thetcmgroup.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625527480/h/pLGkqn4cjdePwFhehHqia2Kc0XEGPf3hrK79U...
Effective URL:
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Submission: On November 06 via api (November 6th 2023, 3:58:21 pm UTC) from NL — Scanned from NL

Summary HTTP 179 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 11 domains to perform 179 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetcmgroup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time thetcmgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
60	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
23	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	192.229.233.34 192.229.233.34	15133 (EDGECAST) (EDGECAST)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:401... 2a00:1450:4013:c02::5c	15169 (GOOGLE) (GOOGLE)
45	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1		() ()
2	2600:9000:205... 2600:9000:2057:f200:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.76.53.164 54.76.53.164	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:887::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.89.37.98 52.89.37.98	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
179	19

1 18.208.125.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

www2.thetcmgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.219.119 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

go.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

thetcmgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.34 (Marlborough, United States)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c02::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

thetcmgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:f200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.53.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.89.37.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-37-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	1 MB
62	thetcmgroup.com 1 redirects www2.thetcmgroup.com thetcmgroup.com	623 KB
19	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28	457 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	594 KB
6	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5423	27 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4470 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5121	96 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	olark.com static.olark.com — Cisco Umbrella Rank: 13928	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	77 KB
1	pardot.com 1 redirects go.pardot.com — Cisco Umbrella Rank: 17702	774 B
179	11

	Domain	Requested by
61	thetcmgroup.com	thetcmgroup.com static.olark.com
36	r.stripe.com	js.stripe.com
23	js.stripe.com	thetcmgroup.com js.stripe.com
12	play.google.com	www.gstatic.com
9	q.stripe.com	thetcmgroup.com
8	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
6	widget.trustpilot.com	thetcmgroup.com widget.trustpilot.com
4	pay.google.com	js.stripe.com pay.google.com thetcmgroup.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	m.stripe.com	m.stripe.network
3	www.google.com	thetcmgroup.com www.gstatic.com www.google.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	fonts.googleapis.com	thetcmgroup.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	static.olark.com	thetcmgroup.com
1	www.googletagmanager.com	thetcmgroup.com
1	go.pardot.com	1 redirects
1	www2.thetcmgroup.com	1 redirects
179	20

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.canva.com
policies.google.com
www.linkedin.com
stripe.com
vimeo.com
linkedin.com
twitter.com
www.youtube.com
peopleandculture.com
theinvestigationcompany.com
transformationalculture.com
www.resolutionframework.com
peopleprofessionals.org
www.engageleadership.com
www.engagecoaching.com
themediationcompany.com
www.aubergine262.com
amzn.to

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
static.olark.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-17` - `2024-04-16`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Frame ID: 0CCACC195DB41F118BCADC108DECC600
Requests: 97 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
Frame ID: E8B8D6C1E5DAC0ECED36EF1BEB2E1766
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: EF3AAD0C2D9F95792B8F8C9495994D6C
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
Frame ID: ECD50FBD0925D8400C2D334AC812D77C
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html
Frame ID: EB59E3962A5BB0337BD3D43364343B37
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html
Frame ID: F61CC7ADF2E6BF37074AE756AB19A560
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
Frame ID: 03C4CDA3C72F3C42BAD5A7579540E707
Requests: 18 HTTP requests in this frame

Frame: blob://https://thetcmgroup.com/dd8f2a42-287b-41de-a55e-9079c36922e4
Frame ID: 1ADA05FAA871B65EC50FDD75295FE7CD
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C2A29CC6C443C08DBF0DAE77DE52DD10
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=nl&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=hpmwbviq2qlv
Frame ID: 87B3F7AFA55BF3B0C7BB0FE179A2EC67
Requests: 7 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 9BAFC482876B77CD319D71ECE38B2497
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 0A3D41066BA0ECED856B05B6FDB92890
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Avoiding common workplace investigation mistakes | The TCM GroupPowered by Cookiebot

Page URL History Show full URLs

http://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625527480/h/pLGkqn4cjdePwFheh... HTTP 301
https://go.pardot.com/tracker/httpsRedirect?pi_email_id=625527480&request_uri_path=%2Fe%2F897461%2... HTTP 302
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

179
Requests

100 %
HTTPS

55 %
IPv6

11
Domains

20
Subdomains

19
IPs

4
Countries

2963 kB
Transfer

9446 kB
Size

7
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.canva.com/policies/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/thetcmgroup

Search URL Search Domain Scan URL

URL: https://twitter.com/TheTCMGroup

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Thetcmgroup

Search URL Search Domain Scan URL

URL: https://peopleandculture.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2023/07/PC-footer-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://theinvestigationcompany.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/03/TIC-footer-logo@2x.png" alt="">

Search URL Search Domain Scan URL

URL: https://transformationalculture.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2023/07/TC-footer-logo_1.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.resolutionframework.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/03/RF-footer-logo@2x.png" alt="">

Search URL Search Domain Scan URL

URL: https://peopleprofessionals.org/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2023/03/PCA-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.engageleadership.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/03/EL-footer-logo@2x.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.engagecoaching.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/06/Engage-Coaching-footer-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://themediationcompany.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/06/Mediation-Co-footer-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.aubergine262.com/
Title: <img src="https://thetcmgroup.com/wp-content/themes/tcm/images/aubergine-logo.svg" alt="Aubergine 262 ltd. Logo" width="100" height="36">

Search URL Search Domain Scan URL

URL: https://amzn.to/48BDXr9
Title: <img src="https://thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/book-popup.png" alt="TCM book popup" style="">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625527480/h/pLGkqn4cjdePwFhehHqia2Kc0XEGPf3hrK79U6YSUGY/ HTTP 301
https://go.pardot.com/tracker/httpsRedirect?pi_email_id=625527480&request_uri_path=%2Fe%2F897461%2Fkplace-investigation-mistakes-%2F6ldffx%2F625527480%2Fh%2FpLGkqn4cjdePwFhehHqia2Kc0XEGPf3hrK79U6YSUGY%2F&https_redirect=1&tracker_id=135578187&account_id=897461&visitor_id=342300945&link_type=1 HTTP 302
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

179 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Redirect Chain

http://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625527480/h/pLGkqn4cjdePwFhehHqia2Kc0XEGPf3hrK79U6YSUGY/
https://go.pardot.com/tracker/httpsRedirect?pi_email_id=625527480&request_uri_path=%2Fe%2F897461%2Fkplace-investigation-mistakes-%2F6ldffx%2F625527480%2Fh%2FpLGkqn4cjdePwFhehHqia2Kc0XEGPf3hrK79U6YS...
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

183 KB
36 KB

247ms
124ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61fd3b67eafbe7ad93dc91572ce028865839a09b1adefe40f65d91bdb5a21d9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: EXPIRED
cf-ray: 821e8952db4766c4-AMS
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:10 GMT
last-modified: Mon, 06 Nov 2023 15:49:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjKpVdV53E4pv8UnN%2FHMOwO87%2ByhktixPHYiF8U2wuSHiujcN7sg8KQB6orBz4jDporqhgXx3alByteAkZHCuYI2jVc2XgKRpt0r6eKxBojTOtds4eTlSoTsv1qDq%2FT9aA8RgDv52CP8FkYwn58%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd

Redirect headers

Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Nov 2023 15:58:10 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: max-age=63072000
content-encoding: gzip
expires: Wed, 05 Nov 2025 15:58:10 GMT
location: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
x-pardot-canary: true

GET
H2 200 autoptimize_c7955f787249c031f175880854eec13b.css
thetcmgroup.com/wp-content/cache/autoptimize/1/css/ 302 KB
45 KB 181ms
179ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/css/autoptimize_c7955f787249c031f175880854eec13b.css

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d3e0f5e27ff66bec2902b6dcdbe52dc22ba86b143dd6940ffce312f0ac93a9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:57:12 GMT
server: cloudflare
etag: W/"4b8bb-6097b64870ab1-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qJEp9OW9zumWWQfgoFGxfhjVGO83%2FPjSpX8XcV6cQFpGyFaSP%2BIhvq5vvQOVtFUTYc%2FbGcw010Icf64HFEFKKGXq7MQKBHZlES6owDywKvJGsMDYyQXwyGH8AJBEbLNCjFYI3Z9c6WkvFPZIwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400, immutable
cf-ray: 821e8953ac2e66c4-AMS

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 190ms
67ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito%3Awght%40400%3B600%3B700&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 15:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:20:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 15:58:10 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
612 B 191ms
68ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display%3Awght%40600&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23f71eff6c34c2a6aa74192072500749c9894c493a71b2ede6e988ae3dc31deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 15:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:33:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 15:58:10 GMT

GET
H2 200 jquery.min.js Show response
thetcmgroup.com/wp-includes/js/jquery/ 85 KB
31 KB 134ms
134ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Aug 2023 03:26:54 GMT
server: cloudflare
etag: W/"155ba-602750d151453-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWdhR5Oviegcm8BLqSBvfesZu2auLiX0i3zfMVVDjEQIfA4SBcMUwGtcjrqfigZHS%2Ff2IzZiQeB3wfWOAuSpyhgQYzG2IQmRTqpZZTbl2tYeUSDfqWtIFZBkLHw09HkIkGqRNKP0ukUEnVvfF5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e8953ac3066c4-AMS

GET
H3 200 jquery-migrate.min.js Show response
thetcmgroup.com/wp-includes/js/jquery/ 13 KB
6 KB 110ms
109ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Aug 2023 03:26:54 GMT
server: cloudflare
etag: W/"3509-602750d15c034-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ogyt38Ycoop9I9xMQ1A23D7ab55VVNcQTrqWrtMonWhkax1XttrtAVFgHmPqPToRssZ2TrSZ4jngAkdQvSd8e1rmrth3Y%2Bst7WUn%2BN8Z1YTwgSMk6esiHHKTKgO5Lsi40FGFLHDUdI6ztlOaagA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e8954e8796688-AMS

GET
H3 200 autoptimize_single_169ba4109a99d0bd1d59953f07ffa0f1.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 29 KB
6 KB 138ms
137ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_169ba4109a99d0bd1d59953f07ffa0f1.js?ver=1.18.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0312475e7974a6a7d4ca349eb9f0f1fb00387c993f1ee6627065a32a3aa8ad8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:49:36 GMT
server: cloudflare
etag: W/"7510-6097b4956b570-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpkZxgPq%2FAmOr6dgkspaRxGhUaBjohrTdi0XghfIvmPTBSVlG55t6JS3lXSsN3GofJCl2Wz%2BveY8ayAL%2Buxq1Ja101ieer2VxZCiqr4SnLZO%2FYRAg20eOX5gmRTVZ7g9dlzIEnmmMh7UWpPfBnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e8954f8946688-AMS

GET
H3 200 tokenization-form.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 126ms
123ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac0a29702ebc38d8c064dc547ef86af370a27d8b2f3f758291d3cc481643872d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"8d8-607e11af1fb2e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3PQy38czAjOxmlgOCRvtYMN18fdery%2BQfgA6KLX8JCilGiNqGjYNZU0LdVkLH7wxZBdHV8xyeI8q24DPwiFkAqVdiXiLDh50QQKqFp4K2QYCvGIeuqZY5PTs9Awx8l5SoHTGwTsiazCURC5xgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895508a66688-AMS

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 220ms
62ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 02:50:47 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 47242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: MjRPTsGeg-55CbbC94HSm-jL4vLqB78aI6xqnot2qc3j5KU035Rn_w==

GET
H3 200 seach-icon.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 371 B
847 B 156ms
142ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/seach-icon.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f29390b230580ac6995fa545c194d7ae22099bf823ca93fa9bfd1af736e0747

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"173-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YADThMhPcd52dSQ7um4nYKW8NIjVBuv11Q2v6E7eHi4do3Qc8%2FBveaBYxR2B8AWQI%2BTe%2FDRCnHv2JPL1Komb3ENbkdex%2BhClTklNc0gyQtUr%2BmQtFyGkcsXjdlgRQoW7t88Gu%2Fv%2F77lHE9BxUt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e895518b26688-AMS

GET
H3 200 lazysizes.min.js Show response
thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 169ms
155ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.9

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 14 Oct 2023 15:26:29 GMT
server: cloudflare
etag: W/"2655-607aecc143827-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHVdBI32%2BtlmSc1K0eqIM02r1A%2BHRioQzlLCx7urRuzU0%2BtmS8CeRaZlfOruRP0UH4rr864FuCClsv96nmjau4Cp8CHOBuRhsOb4jqutTyu%2FSnNlHYnT51yVqhHwD8hAFMWK%2BiVzuqkqA%2BtbHx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518b96688-AMS

GET
H2 200 dashicons.min.css
thetcmgroup.com/wp-includes/css/ 58 KB
35 KB 138ms
138ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/css/dashicons.min.css?ver=59e2763034816b0850a9a4aec6bc9e68

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Feb 2022 15:02:00 GMT
server: cloudflare
etag: W/"e688-5d7fbb2ce8d8d-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0VLWQM2uJhCKcXrlG7bsylyYt6yMIUt0SBrMHKT13VZUz%2B2y64jFGuD%2F1PfktKJf7vrLFiJ8DaNskjtLt2HvwDYWHOLeN4ZwP2l0nv9RJVHyuxAaSla%2Fv0XvhxXMlxh230Nt894iDoUoK63eqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 821e8953ac3166c4-AMS

GET
H3 200 autoptimize_single_100425145b9835a8af74fb3da4a0de39.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 878 B
1015 B 132ms
119ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_100425145b9835a8af74fb3da4a0de39.js?ver=1.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6e9b41bfb424a2dc0ffef4a8902dbfb4b6dbf9618c4a05b22f4a12fa7c821c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:49:36 GMT
server: cloudflare
etag: W/"36e-6097b4956c510-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1FgWACmPQYDmwsJkpogpeV8B3kwGr4EKDvWisrYbh8yLjqxHzwtUtsOMpE58g%2BBkeYf6bGLhiL5B2KpHEYkeb%2BbQ8QhVo%2BZ%2F6uq%2FvsqoaEvKE9%2BQFGMcybyiGJBokKlMNUR65GtCcM1Q8hd8GY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e895518bb6688-AMS

GET
H3 200 jquery.blockUI.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 172ms
159ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"25a4-607e11af20ace-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFattBWv3lefvTH9N1zfAbuCpig07y7Mnd2GVtZBAnp18stZbl8ZOmiOSLahBTsiFh5pyZlOqBq8ttuVqq37ytyWwDjmx7ysT2a7PXCWMAi8m%2Ba3zWGO%2Fc%2Fx3cxCA4XS1EnpBwfVaYzn%2FdWumX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518bd6688-AMS

GET
H3 200 add-to-cart.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 193ms
181ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"bdd-607e11af1cc4e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy056%2BNaHYX8s8vMLf5US6yV2S1kElXZNhA8qTM8lidIhU%2FP92GxnvAghlAo13Tnka01DRIN%2F0g4BrGHmadq8wDM9xD4uZGZerSh3dKJLKaEwnGSWQuXDIexgI2yy5yMJ9g9DODDYBh1tI1E%2BtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518be6688-AMS

GET
H3 200 single-product.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 6 KB
2 KB 131ms
118ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7d2a1ae6d18ec37ab985e42b7202b14d222cb9074a7d0f8557e8bff8759a75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"191d-607e11af1fb2e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh%2BUM4j0ZlrCgE25fsNCj7TUCjYHYUEvch8u8QofQb7qOZlzYBJxF94RIOi9BhiduUkImuzKkmnKwQ7BaSTCHsXHEIybOUT1em0i8chARxQ%2BMOzFZJj%2Fj7UXws65%2BpVYTifoaDEQkZlkHtOHPYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518c26688-AMS

GET
H3 200 js.cookie.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
2 KB 193ms
181ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"735-607e11af239ae-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP9sQk9qZHJ9yvuqm2guGDy0CmlxAJhv5bzm%2B19gnAHCXwT%2BUyG5poCda362OVqkl%2FSUhpPuAoX3fAFgnHUc5gxMYUT64ux61Jr8mmYIND00sHLGUL%2F3GlSaflkRL7jN5iJddiBqRGPqWx2ItKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518c46688-AMS

GET
H3 200 woocommerce.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 201ms
189ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"85b-607e11af1fb2e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkjuVPy13O2EzVEYaOsUZ5nwJvldZwFbKOX9FtxqWNlYI%2BlDYdmIRntkd1r7LvBqGSGJqdAlT%2BM4ZzKH2IXSNRE1tUO3HM%2BYvvjnXQlt3IDa3jwxPd8YV6knbAZHwvlotEoXx3DkXA0DPint6u0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518c56688-AMS

GET
H2 200 / Show response
js.stripe.com/v3/ 552 KB
154 KB 235ms
82ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=3.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2173fe202b54daeb55873608869a7ee5a1ef481d23f6e42b024ae666973770fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:57:41 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 31
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:43:32 GMT
server: Cloudfront
etag: W/"463d1a2955ddebfd1fbb0126c59738fd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: JWX4JknZ5LJ0ErOMewSy7Xj50YqRZrzX31fWoM8s4zxs41m_KZ7Nfw==

GET
H3 200 stripe-payment-request.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/ 14 KB
4 KB 205ms
195ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe-payment-request.min.js?ver=7.6.2

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

675abb39e33edf5c534d86017f925545b7f68621897f9c688badad05303824f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 03:26:46 GMT
server: cloudflare
etag: W/"372a-6090ed746786f-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSbiX%2BM7jTCKALHiQX5%2BP8rHBV%2FcXHqVCObAl%2BG19Eze7LshUDHf4F%2FksI2xOw5JjE9GebVyW%2Fbe0wbL2L%2BsxzE43r%2F8OJQQajaYoWVjj2sD6QQ5nhcghZbM74GBg2MvW1%2FakZqX1YCUNKuytxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518c66688-AMS

GET
H3 200 slick.min.js Show response
thetcmgroup.com/wp-content/themes/tcm/slick-slider/ 42 KB
11 KB 206ms
196ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/slick-slider/slick.min.js?ver=1.30

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"a76f-5ded292a59ec9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ap67xDV4tb4fPevmi6pzocS3MF14TXIcSv%2FlEeDkeIHUNvhdZPqgkTZ1iZDiqodvUQ9pc0%2F%2F2pll2oh1BVtkuHTW5ZYQdnCc6LYpLkv5FF1iPOUWyCJC2y1JWahpk1DU5RNGPwgEHRO52jlf34Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895518c86688-AMS

GET
H3 200 autoptimize_single_092e0f4c6cf9e1699af003bcedb06089.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 20 KB
8 KB 207ms
197ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_092e0f4c6cf9e1699af003bcedb06089.js?ver=1.1.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9355c1b32c96f1da116a0df14644c2f2a1965d5206234304174514fc209aa90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:49:36 GMT
server: cloudflare
etag: W/"4ea6-6097b4956f3f0-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxfivM6HPw5pfb%2FptFAOV8ei8qh98m49I8zndwh1Qm30bS%2F8CMJ%2BHRGPkCJ%2Bw%2Bxd6cGsYfxnXo8wotYHmJiNFZnDPJP%2FnErpiUpg1izwf%2B52xPfp5PdwxAtN0%2BBpynHNT%2BFschsqcLSGlvSGojI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e895528ca6688-AMS

GET
H3 200 autoptimize_single_69934f5f152d577e6da48c75cf09fd90.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 15 KB
5 KB 215ms
206ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_69934f5f152d577e6da48c75cf09fd90.js?ver=1.30j

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5263e0259033b631c270979443ce95ea023737a1ad7f5d6d618e73bef2d64e8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:49:36 GMT
server: cloudflare
etag: W/"3a86-6097b49573270-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXtAJbhEOTPCEFrep3M06dpag6PdUAS0Z9fvcedWjhkES0tRB4llnDsSw5UlvmV9a8EbYOpf%2Fwu8Hehyex%2FYfpz2uLSIS08at8OAhEFYeGb39Ok7z1isDYCM5ErUSbtmjKfuZY7dQxMLtsI26IA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e895528cb6688-AMS

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 346ms
89ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&ver=3.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e498b2961dbb96d80349b25bfdf2ed6d5ac4f580c9824dae5b53e03eb414db3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 06 Nov 2023 15:58:10 GMT

GET
H3 200 front-scripts.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/ 344 B
809 B 235ms
226ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=5.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Oct 2023 15:26:18 GMT
server: cloudflare
etag: W/"158-6074a3636f6dd-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0gizX1kLcACF239QPgbq%2FGM4mQbgrZKuZ1Ev0PFz0t70KgTsxlMfbu4adYPzk1Vh9AhYYxUBZNoKh3H5Ouf2G5dU7vRQ3ftB3R8HPNrDtLeR%2Fy6F96Rz7GHDl4%2FeKgPDR7rvwjpLBMbvfBbs%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895528cc6688-AMS

GET
H3 200 cart_widget.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/ 364 B
817 B 235ms
227ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Oct 2023 15:26:18 GMT
server: cloudflare
etag: W/"16c-6074a3636d79d-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy%2FzqdMGuo%2B7PHQblOwz8tHgaFoS8CgEfNIqhcCrBhuAhR1oaKlZjxJo8olFNVKDxA9i4n6%2B7hyYv%2F3pWSuCGaKsmM4oGn5A6T%2FtK2GTO8JfdJtJAPpdup6U0a%2BbowlfNSFTnCAzwGbuHMyHnZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895528ce6688-AMS

GET
H3 200 jquery.payment.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/ 8 KB
3 KB 117ms
109ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12553f3efc346c133c5ffba7a493ef82fce2298e81b1a09a342b8ada10e26405

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"2119-607e11af22a0e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lORtLSPI9aeDHadZgSUUCnm2T%2BjPg0g56wQGQuAvV7ph1JgOyd0hLF%2BrT3MDZUAtj3YIGb3yhRwsGRzRicC6PVIgdGqz7CC%2FUANmcQbt9EP9Jh4wHxvrBk3ihNPHsvVS242HQhaMe37Fb1VUDhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895528d16688-AMS

GET
H3 200 stripe.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/ 14 KB
5 KB 235ms
227ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=7.6.2

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b662ab593f8d6554b3b463d4a352e5b7e0586bb4e60acc11f4913b428509ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 03:26:46 GMT
server: cloudflare
etag: W/"39f1-6090ed746786f-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpVc0i3LiFKmcb0ZkjcpL%2BcSjVu8Vu2zMdcAEpCZq%2Fp%2BH5G5WRsfm7vlTUtS9ryDvsY%2BHGpXRzaNWlUjkP39WWUkskr6Y3vz7om8dppEsh4qahUkrRiiNdnf1O209D5v6m4tSuQ1A4WPLw1cMjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895528d36688-AMS

GET
H3 200 underscore.min.js Show response
thetcmgroup.com/wp-includes/js/ 18 KB
8 KB 241ms
233ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Nov 2022 08:30:13 GMT
server: cloudflare
etag: W/"4991-5ee97cbfac994-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVkUiUlP50xQOBfTRcahkiurvStDjcUqktzPfDR06FwabGrdd1S%2B03oiuLSYKBpZthxo2iyL3Td7jY1jSYtt4guLKu3nDpQICpJgty36Z1yZ7es2p9ep2hAD4UlD8qf4iMni4nllm9ohrSL9fNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895528d46688-AMS

GET
H3 200 backbone.min.js Show response
thetcmgroup.com/wp-includes/js/ 23 KB
9 KB 248ms
240ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/backbone.min.js?ver=1.4.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Jun 2023 15:28:44 GMT
server: cloudflare
etag: W/"5d28-5ff0a018be323-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1yOuuNzDJ4mNapmNsy9JopkQUM4V7zh9rxfLhwcngxKXyTKMa95VX9CJzG63PvkB2rxkR4RFkYcVwO0FTh9UwLeczpmpU1VdfINvWdGfkUclk6%2BFObwaUH3E2PDteJyaIsU7vxAmt5ira3FfpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821e895528d56688-AMS

GET
H3 200 autoptimize_single_0cc678c9d558709407ec0e953e17e7da.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 61 KB
18 KB 248ms
241ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_0cc678c9d558709407ec0e953e17e7da.js?ver=3.6.34

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02400eff6006674ae1b3d90e24a27433b2f7724c5002b7c82d9a3f340755357a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:57:12 GMT
server: cloudflare
etag: W/"f247-6097b6485840f-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQfH7X%2F58o7cGsRJdcdCNk%2B%2FCIK%2ByUbUpPAiHdnz7Wj%2B0p6XjLLZDRtqZbKn1IFhpvPE3LIb4nruGO2qYE5K34p%2FFR6wcSj7WqIq%2BhiQgC%2BSIlVNbPrVJBIldKB8cVE3keCE%2FqLmz3R5xq%2FvLWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e895528d76688-AMS

GET
H3 200 autoptimize_single_2108e87bb49f49c15840ec1e981e799b.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 101 KB
23 KB 249ms
242ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_2108e87bb49f49c15840ec1e981e799b.js?ver=3.6.34

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0775857f32c100c7e98fe96ba857873809054342a1ce98fafc174f8046a1da0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:57:12 GMT
server: cloudflare
etag: W/"195e7-6097b64865ed0-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9d2ngDZRqgqAVvqoECc3Tu%2FOxwNdkXyfHbAKh0AdEqidJgX%2F%2F%2BdLfyYaYqxEzwKW7ZXE9kvVR75z%2F9zptYllY619QLAHP4WY4DlMvw5Q73b1XAtnCuqqwCq1JcqlxieWqA%2F%2BCgtTfpenzNImS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e895528d86688-AMS

GET
H3 200 autoptimize_single_5bcc345f6c2386193d24714fac0b9b12.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 8 KB
3 KB 122ms
115ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_5bcc345f6c2386193d24714fac0b9b12.js?ver=3.0.29

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118e237b998bf26746914c5398bd37a71938f664dc434a27830351e778ae0ab3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 12:57:12 GMT
server: cloudflare
etag: W/"1ef7-6097b64866e70-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BCJt5z2JiP1j%2FU%2FxDwKuGgC8kj0LWI9wnvlySW8%2F4oBmlN26MpR%2FztLX9PJ10WKtEozae1dqygPogB8U%2Fml5jUEZNmboTn8o7X2wCtXDcseLW7z28efuNhG8nz8Fpcf2z67s5d815xKXYKuWiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821e895528db6688-AMS

GET
DATA 200
OK truncated Show response
/ 112 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1633281d74a87f044dea32f5782acf8e587b7814f907e17b3740dc72f988e29e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
77 KB 308ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DKFX4C

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1e8e0185e0bc8a10588d49536887fc5410fdc43a386adbe377a8c4c09662e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78613
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Nov 2023 15:58:10 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d585a2ee280fb3a5db922a8035d7d8c633c5e3245d1ef5ff4a97f52c6d7e3853

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0056299071c4519f17586f5a4f9d7bacadc0978a31b36e79eebc09ec17439cbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27381220e3f28342d9b020614058b4ca43f5abf17efbc48d6a817ae6f05160f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 14 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08ed8e3aab1262bd50ac7b605dfb3f628dab6f18fbb58b0e59623216dbad6727

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbdd8a81111b2dbc784a4d9b9193f9d241ddd212932d440c5a4ac46277ae8f44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 20 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6d62cb480942c8deb8161cbca06f0838d48ebdc750b7c2f535d0581212a7cfe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8adfbc27fffba13ab2e297324d3e0141049e272ed6439a3703ff4fdb74f5fb7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 720 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c008de21b502d1a5e12ede3b27f9f595ed4388dda36a9784b4accb8149044a7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d851b0454d1ad5a29006e4d06b0e98fe70f6d324b3ebf7e8c28d4f61ef0472b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 152 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 109 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3115055b28056bc3d6ae03731659ea8ccc83e08f18b3f64a6dcd02f36000d4b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 260 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a02c9957ef409f8602001de0cde05ad5bb5953b2fb75e4b958ffafefaba6a196

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f9c687f53eaf43d8691cfc3ec89d8982f3a0da2bb8a45066891d6f7ca9b4a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 135 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76e3d57f294e687fe050edb76a590371ad5de81e5c74fe313f2fba3187006a6d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 209 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 218bc0ca7943a10d0d9fe3db6a6bf5778bf6396031d82e0680d828fdd10a7b54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 85 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b2e4c86ca4da9eac25c15aaed65de5428d4c30b8d308a38e1870d28498c2b18

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8484111ff018ada568ba906180a74be9b043a7f605988ab7ed5fe2d843fcb278

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcfd86c8d3f5891e3cbfa3fd7a67fcc2c2e9eb090c7ce73735124a01d3333aa8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f9d95f4b70225cad9e8255322914389e70174461330a4330ad1f851b444bded

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 574 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d18587fe060f4a33ff629645aaf30ea3a4e56246d59855b78887c742dc7ce998

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 232ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito%3Awght%40400%3B600%3B700&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thetcmgroup.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:41 GMT
x-content-type-options: nosniff
age: 337169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:41 GMT

GET
H3 200 fontawesome-webfont.woff2
thetcmgroup.com/wp-content/plugins/ninja-forms/assets/fonts/ 65 KB
66 KB 163ms
162ms Font
application/font-woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/ninja-forms/assets/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-content/cache/autoptimize/1/css/autoptimize_c7955f787249c031f175880854eec13b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://thetcmgroup.com/wp-content/cache/autoptimize/1/css/autoptimize_c7955f787249c031f175880854eec13b.css
Origin: https://thetcmgroup.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:10 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 03:26:32 GMT
server: cloudflare
etag: W/"10440-6077c819c6c1c-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsZpi03jfLJ4gbIAhIf6Y3ZQEV%2BubgKDSkshO9Dyp317tVQ5kG0HHk6wtNFqgVxNgWWwgXLu73G1EZirswnzaF0l6OS79ABjVBU%2FGXzXdtk9g7qZGdHIEcN1OzofxZ%2BJc74otjAd9tcJFDcnGOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=86400
cf-ray: 821e8955a96b6688-AMS

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 23 KB
23 KB 255ms
94ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display%3Awght%40600&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6658396ee384c7a84e83365a3ce7aabec29bbd9d55ee8400abd3c367ac72bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thetcmgroup.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:47:07 GMT
x-content-type-options: nosniff
age: 601863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23240
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 16:47:07 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame E8B8 6 KB
2 KB 80ms
55ms Document
text/html 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 51640
cache-control: max-age=86400
content-encoding: gzip
content-length: 1930
content-type: text/html
date: Mon, 06 Nov 2023 01:37:31 GMT
etag: "1b1a56d9c9fcf8acab07f238231461df"
last-modified: Mon, 08 May 2023 11:42:34 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-id: tIBzW0Kbb67nQDJl7QGbj6lKmjNDBexMOf9HUR0x4yr7sxtkTm4OAA==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TCM-logo-white.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 3 KB
2 KB 75ms
72ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/TCM-logo-white.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25954a06d0ad4e02de285782538fce370efd6482e37aff9ecaa386149db1159f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Jun 2022 08:56:42 GMT
server: cloudflare
etag: W/"dd3-5e22dbfcbba30-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CovFj6%2Bf0mVG0DGNAe2RPK0LIvkK22qED1sbh4KcID3UmqqQ34UWHNZnFX29WdY%2B%2Bi%2BTJ9kLqR4lxwBXP8KyE8gw4b%2F37%2BEIH86jO7%2FkpQ9uFY9MPcYw2ahLef2HXI4tNQ4UNF5Qc2qTK8AysU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e8956ba8e6688-AMS

GET
H3 200 family_2e5c8517-447d-4851-81c0-b86de09d0d70-_-090-766x766.jpg
thetcmgroup.com/wp-content/uploads/2023/10/ 76 KB
76 KB 132ms
128ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/10/family_2e5c8517-447d-4851-81c0-b86de09d0d70-_-090-766x766.jpg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d77df9f839f005f080cc53f762fa9bdc2feb864fd18203de081d382f452518d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 77496
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Oct 2023 14:26:01 GMT
server: cloudflare
etag: "12eb8-606bc8dbeeebc"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lww6CeFOep6hv5X9cant9YPbz35cpZ1DkzNip7%2B15RxcqC5gIOEGUVPrrNdia9dVVLsLEjPYgA6Gwd2fO%2FibmfWAMC4XAdBpldf8OvtZrL%2B5HuYv8QYyAQw8pdBCRbJpzU17QNGlszqd9I6m9cI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8956ca8f6688-AMS

GET
H3 200 duration-square.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 3 KB
1 KB 112ms
107ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/duration-square.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816259af9cec16869342c649874102bbf21eb8f7d735c40f3e7f45ebd56ff8e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"b17-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kpaush%2B2wXTlz8lYq9EITLyS8iPga%2BJXHbUXYeW%2F8i9M92pSWY962vLp2V8nzUVJSr03w9Y1dxLZeLqz1%2BoLwtq0%2F8gSM8LqpBQV1PEnTNLnZLZh4DbFzE%2F0R3sLhmvGXpaxCg9LrrbqEbPUnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e8956ca926688-AMS

GET
H3 200 location-square.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 809 B
1 KB 113ms
108ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/location-square.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

859a00a2a87cb8cda482aeac3f79e7c77183e868c30e4ac6da07829fdf69f705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"329-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVlFKUqCh1NwX9fa5bqzE81QYd3hV4WBy%2BD0b1vpA3Dvq3PDbpv73XHLWFExCAfrErUTfBcOIffdckRUS9FLwXuMcpCykm7l28m7Ugyq5AN2YQToMjNPpWprLjyXzM5ss%2BwnKb3Z0Ba1NStsxZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e8956ca956688-AMS

GET
H3 200 document.png
thetcmgroup.com/wp-includes/images/media/ 200 B
791 B 113ms
108ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-includes/images/media/document.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc10f9452d76439d0ad3bb712d360c869347110abf205cc0d733f489d56f8c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 200
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Feb 2022 15:02:35 GMT
server: cloudflare
etag: "c8-5d7fbb4edb6f5"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMqdQfi7jGfpmbOa3osVwhfwCyKpYisLf%2BhK5%2BIfrMlUbZUmTNddOC5RwrOYBaDr8yg7RvFK%2F0G8bn2D47b1U4c7sXK5UBq1Y%2F%2BMLMeasMgZPAQqjx8lA5X6bsLrkWy9baMhtcpmwsW3o%2Frno%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8956ca976688-AMS

GET
H3 200 open-quotemarks.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 958 B
1 KB 110ms
105ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/open-quotemarks.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb689f976d6d96a8593caf251df449432d017be8923bc5557f13e8f060b07211

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"3be-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3725%2BCl2llV6RR09w8zHN9RnrL8u%2FpFzY6DSA6n%2FLTCMA6BXHI%2FisiUGwVD4vrN9MergYwKTUeRqE3YTVzV6M26u2jSRrQwuzzwOFaOqrF1xCkZ0FevPVv0cLRe1efo4LXsxuEzCGGPWtkvS8To%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e8956ca996688-AMS

GET
H3 200 tcm-footer-logo.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 18 KB
6 KB 124ms
119ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/tcm-footer-logo.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f7a5f0575d264e7ae61f50e1933edc81474948b6fab0ca77d92bf4074a8ad3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jul 2023 15:17:07 GMT
server: cloudflare
etag: W/"4661-600b04aa80adc-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Psc7LPD2sUEkvowjoE2GzZsQAwx95Fhza%2Ff2Astit64jLZxXTuW5N79eKtWkvL2yCNgV1gq74kmLtSkqr%2FwOPAbRidDu4lLL264g%2FJB6HhheESLdEojqbAXYUTpvF36%2FVqD4LFhCMviIcmHa1jU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e8956ca9a6688-AMS

GET
H3 200 email-arrow.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 272 B
804 B 120ms
116ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/email-arrow.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f49fa35612a52c9a1dde5a3c6edc9beac852ddf99c08af7b4b9830f95c8c2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jul 2023 15:17:07 GMT
server: cloudflare
etag: W/"110-600b04aa80adc-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54zy081uJ6v7TlhnHc3Fxk1qfmGGRwJgZlll4EAG45uKNbV9KJFsng97Y5d6T3G0f8%2Bx4uru2grvAPoIPuYPIgsQNQyjtBzPmGdwWSvNFDSADK1lVUxgpJm0CI%2Bp5jSiJ4CT1iFpB4cicLQ0XnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e8956ca9c6688-AMS

GET
H3 200 TIC-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 4 KB
4 KB 119ms
115ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/TIC-footer-logo@2x.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c9a9261396f69ebcea27f2163f517652d6e2ff3e14c9e6b1754bf5fa1d0331

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3634
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:46:01 GMT
server: cloudflare
etag: "e32-5d9dff3004015"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BJuh1lDRKuUftNuReQ9jVSRivwooUuPS9x9UxtxB18ExEQ8p3vrlEDEihtdkhpWi7Be0CTcV8dpTEAxmvJ9dqJkncafS1bZdRNyvqtoYur7zI9y77C4ku2%2FlWSDNbn8wi4YOoNx3ifGR6p8cO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8956ca9d6688-AMS

GET
H3 200 TC-footer-logo_1.png
thetcmgroup.com/wp-content/uploads/2023/07/ 3 KB
4 KB 77ms
73ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/07/TC-footer-logo_1.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1462afd7ed679c2549f4104b64946fee49c0b7b5778e91945825783fddd05fe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3025
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jul 2023 16:19:39 GMT
server: cloudflare
etag: "bd1-600c54823773f"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVLRN%2BT30wO0G%2FBeVzKko0MA5RuelPaNHyBDoNbHlceusi61Eexa7BWrawmPCHF%2FXJGnIk7JHJUogCmhPKTrsa7EA1Rjlc70MTrFmRUv%2BvqppZWF5GfBmLgjILZvxPyMhfoUFrXqs%2BwBIbcHc9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8956ca9e6688-AMS

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame E8B8 50 KB
16 KB 69ms
65ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 03:37:18 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 44454
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15571
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 11:42:56 GMT
server: AmazonS3
etag: "f90daf8c8f47c6afab7d4e27466118b5"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: f_c8vlJC2i76zNAklPoh_z5izP3JjjYU-jQRw0ejxeZuszfTEUGc7A==

GET
H3 200 trace Show response
thetcmgroup.com/cdn-cgi/ 316 B
381 B 47ms
47ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/cdn-cgi/trace

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7896e32d16e6b23738dc3dd97d7fc902557c1881c0b95d928024aba48a7de459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 821e89579b716688-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 Arrow-Head-Left.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 531 B
926 B 68ms
67ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/Arrow-Head-Left.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bdb08ca20e66e5b228a0899ec9e1fcb26cb5862ddd786bcb6694cb1f3790d21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"213-5ded292a56fe9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i09U37ERqaHd3fEVjS1j0lvyIygLylghkrzdR7PnkTW0KPtAavRMZqXvEJclWzqYCEmo0khK4Eco0sUX7AeA7JFTvC7vNSsmtEZ5yj6XAi%2FxkTMG5vRwOX0Ozx%2BzYgKsNFgmQijWNZux8Im8tmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e89579b746688-AMS

GET
H3 200 Arrow-Head-Right.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 529 B
930 B 113ms
113ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/Arrow-Head-Right.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

360d29017fa6e21cb151ddc2694fa9815fb32145c1c8cb679d1101884113ba57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"211-5ded292a56fe9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAokEoohMHK8ewWePJ1yXh6zQ%2FbxjU7E%2FkAMotGaa2%2FGKT%2FutKQFSJKnVYuK0oRroxjBZPKslmZ6w8kyyCr1jATUoncY%2FGteD7hWCixbHk92wmb%2FarxRiYtrPl9nYmk7Q%2FZuRP6Zy6WUIPYP8cw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e89579b786688-AMS

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 468 KB
188 KB 275ms
78ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b40c162722693512b2339257f4f4ed9b8f316f0bc56caf6895d29c9e3f85249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Origin: https://thetcmgroup.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191780
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 16:39:03 GMT

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 205ms
46ms Script
application/javascript 192.229.233.34
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.34 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB6) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 24 Oct 2023 21:49:46 GMT
server: ECS (amb/6BB6)
age: 369
etag: W/"65383bfa-2227"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3120
expires: Mon, 06 Nov 2023 18:58:11 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame EF3A 200 B
1 KB 55ms
55ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 339
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:52:33 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: TzfgIZKQaR7Dy1sCaPagXO12pNsEeSjuFly3hU4JLYdJ8z4Fu7tZcw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-af2b1a0930aabaabdd88bbaa62023e98.html Show response
js.stripe.com/v3/ Frame ECD5 325 B
1 KB 55ms
54ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c029f32889d72c0d738e8dfa7233bbbbba61381cef6fe8aa74bfb2d884c983f7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:58:10 GMT
etag: "af2b1a0930aabaabdd88bbaa62023e98"
last-modified: Fri, 03 Nov 2023 20:06:48 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: qkJuzjcZgd60Dqqk6kcj0Y5P36M3r3vr_Nvxdkcxgmw-M_dKaj77aA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html Show response
js.stripe.com/v3/ Frame EB59 408 B
1 KB 55ms
55ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

dc2d2c530c67decbf9fbbd68e9566c8d36162ad4b71c7adbe075bfe227aa6b29

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2800
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:11:32 GMT
etag: "873f465a4e99cf698176753050a5589c"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: C4BUzSJW4GSHhJ23M3MyNIxQJmGvMfnBwp4-cwxBbr3hr325aMnVFQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html Show response
js.stripe.com/v3/ Frame F61C 344 B
1 KB 58ms
58ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

56de66b79ce04f8c6296659ca883c18912a0402647de8358a7ca678b0ed80226

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:58:08 GMT
etag: "c51c8fa7dfe3ace19f6c9a840e7bfafe"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: 3iCsa6Yswy3zQ34duXHieqbCOtfwwib_OObxzsv_6rwDZI7C-rZBOw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-af2b1a0930aabaabdd88bbaa62023e98.html Show response
js.stripe.com/v3/ Frame 03C4 325 B
1 KB 55ms
54ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c029f32889d72c0d738e8dfa7233bbbbba61381cef6fe8aa74bfb2d884c983f7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:58:10 GMT
etag: "af2b1a0930aabaabdd88bbaa62023e98"
last-modified: Fri, 03 Nov 2023 20:06:48 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: YBQJvsJyQ4o1OTVgO_b5fgUpNN3foehQIfYC3NCyns1G775PTfxmTQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EF3A 631 B
1 KB 74ms
56ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:35:27 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1633
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fDUQceF6EQG-7XfdRw0LRVa_riaQtZypYCNrH5L62HpqKFJvMgmlhw==

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 200ms
59ms Script
application/javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=a9237bd4-3780-4145-9699-99e148d3c75c&consentmode-dataredaction=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DKFX4C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Mon, 06 Nov 2023 15:58:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 07:15:18 GMT
etag: "4a4b65e12f1d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=584
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33511
expires: Mon, 06 Nov 2023 16:07:55 GMT

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ECD5 532 KB
116 KB 74ms
60ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:08:21 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2990
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cKjdpSRXSq2xSYeCRPzyVpGqc_6hFizw_QT37SrreaV80EGI4lBcQQ==

GET
H2 200 controller-21c1514437467dfd9679df463beea143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ECD5 655 KB
168 KB 85ms
80ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-21c1514437467dfd9679df463beea143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f1cbb0f159c0fa596ed6ca37fff10a821c055bcf7c52f7ba8f63da1d29087b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:23:24 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2087
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:59 GMT
server: Cloudfront
etag: W/"4fddab37efe361069ce6f24f889791b0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6vOiw5nrzR9pjN6S8a4NdvezaWVfh7Che8hv4YENfh1w-BmLSrF3Pg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame EB59 117 KB
36 KB 239ms
91ms Script
application/javascript 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-YriZgC0d5z_6CS04G9tGWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-YriZgC0d5z_6CS04G9tGWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 06 Nov 2023 15:58:11 GMT

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EB59 532 KB
116 KB 130ms
126ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:08:21 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2990
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fixPpJiLHj1dAvh-A83SWrl3GG7Izjo0iA2PL6ZkXZ39Yy4NHoV9nA==

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EB59 10 KB
4 KB 73ms
57ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:16:31 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2501
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: W/"947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: f5wHYvbrSoPRUYcgjpV59UV2uhsh4cMO6nMbxolpL8MC5-QW_pzADw==

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F61C 532 KB
116 KB 148ms
147ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:08:21 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2990
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: A1BAVmVrmWgwOBdEG1vyJypwpkFv5C8eqXCvX97w1TdjcE7Dv3lhxw==

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F61C 12 KB
5 KB 161ms
160ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:09:15 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2946
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: W/"330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yrDuSMW1YdrcJXvA7YHHFaiPB1kTy9AdKpPaPT1413rUXxWgp78Zhw==

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 03C4 532 KB
116 KB 160ms
154ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:08:21 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2990
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gz2FiD3b4pi9QdZvcOxe_MMPpinlxl3B47XHE15eOcBe_ROhKpvFtg==

GET
H2 200 controller-21c1514437467dfd9679df463beea143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 03C4 655 KB
168 KB 172ms
168ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-21c1514437467dfd9679df463beea143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f1cbb0f159c0fa596ed6ca37fff10a821c055bcf7c52f7ba8f63da1d29087b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:23:24 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2087
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:59 GMT
server: Cloudfront
etag: W/"4fddab37efe361069ce6f24f889791b0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: N0egliu50bYTk40yMuvL8PrDjpreOEgvFjXEA_KW0mpocFyXeWUA7Q==

GET
H3 200 RF-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 84ms
80ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/RF-footer-logo@2x.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb23b3a54b2a8135bd8913696fdb0bf9e3365f36ca2bcd90efff2fa915fc758

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2993
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:48 GMT
server: cloudflare
etag: "bb1-5d9dff2385b4a"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn8%2FodAjMJTjV648K%2F3oBraWM2mg%2FEwz4Xf0DZBaLo279I75k%2B7WBZXLeHIgjrhi36hfwgzXQKj9E9xRyj%2B3WDCOuURHcipWvBs764qRAIon5TLpnNb9pSQ7vz%2F6cIsqSfButzO%2FuuxQTkabFzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598d976688-AMS

GET
H3 200 PCA-logo.png
thetcmgroup.com/wp-content/uploads/2023/03/ 8 KB
9 KB 119ms
116ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/03/PCA-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae4fc38640e214543ed0088f833f7500da172eb97f91bee5a296ee603e81ca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8286
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Mar 2023 17:10:51 GMT
server: cloudflare
etag: "205e-5f68ed7e657cf"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcD6J5LU3z%2FhNZxvGvy6hg3i1m3iIA4a6VlZrKUiXU8wUjiI4kL8fIG7M26KMrvL1XB6Ds4qTUNSHAGAC8%2BqPQmh9AX6Enjtxc5tiwFJ0Ed7GLbIQRvA1zEAiF%2Fs%2FMDQxV%2BEuTmVGvsVQP5rxtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598d9b6688-AMS

GET
H3 200 EL-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 114ms
111ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/EL-footer-logo@2x.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75fd7bd020f88e34a1861d1db246057777bc7050ff7adbad2e3b0d82c666bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3378
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:45 GMT
server: cloudflare
etag: "d32-5d9dff21542c0"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXmjaJpSg07NZuoXRs3tCAd4CLK65QY9eEPAAX0VdiaazgNyPFLaF9fIDalDSwxDYHeaIyjVV%2FAoOX9xMQg7XTSEhS3UPtKMK%2FpflV3rcQEzLBZpwze89AQePVoDcxqN%2FMHTyvBq4tf%2BLFEekNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598d9d6688-AMS

GET
H3 200 Engage-Coaching-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 4 KB
4 KB 133ms
130ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Engage-Coaching-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff66cd8b354fba69134c2fc2066b72c5e2bb3fa62a87f1819a74288e8ee37523

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3911
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:47 GMT
server: cloudflare
etag: "f47-5e21a22fd67da"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUoSwVYQApDo8YnNMivahGhe%2FkimflXL5995jgMpsvaEKyUoqFcrjLtDKdxHv%2FXrYFXEMWvRoi3mAFMYaTWYxFkzjmauBUpO%2F9BY8%2Bny4Zyk16hLu7trf7dbxnNaT8919xD2zPUK29uc4Dv7hyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598d9e6688-AMS

GET
H3 200 Mediation-Co-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 6 KB
6 KB 117ms
115ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Mediation-Co-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56395a307931ba8c8af322da569d8fbf232a6a2a198beff060bc60a0cb67f40c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5783
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:54 GMT
server: cloudflare
etag: "1697-5e21a236847b7"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FwffcOKCfbHmV2Yf4mxzUlvUY8ZIAZPoM3ybFHkCbzoXwIMZyHbMT1OyhoPY3afrStGn9WL6VH6MbtFJd0qZ610tl5B%2FIMXo8Gnmyj2GC%2FrI2yiPKvmA10X3QR0z2aLexve91Yf%2FIYDXn%2B7Jzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598d9f6688-AMS

GET
H3 200 PC-footer-logo.png
thetcmgroup.com/wp-content/uploads/2023/07/ 3 KB
4 KB 131ms
129ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/07/PC-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6add0582c5120aa7b4b92c4d565789d2fac17eaecede5d6abee7fad99c23083e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3155
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jul 2023 16:19:55 GMT
server: cloudflare
etag: "c53-600c549251993"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbL9BYPSGMDt9q6p0k4mPbAwyngdKro0JPvYFoQjdptPGsyqho6D0PT4axh4VMruySIhXklFcLChfR6ezSx9x6zGS5JsvWgUGzkeAQr51dGKNQjdj%2FAxqsHqjzg3pqonnuhgYWZjWM1edXkryAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598da06688-AMS

GET
H3 200 Total-Conflict-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 3 KB
4 KB 113ms
112ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Total-Conflict-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c9bd32be3014ae8c43d7d46a6d3a6ce34a26305777b44a1dff3df56e24fad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3432
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:43 GMT
server: cloudflare
etag: "d68-5e21a22c04ef2"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6rTP9wZ%2FJf%2FHYuwn9qLRNq3V2PEBEvVDWcCsrYEf%2Fe7PHd92ObYgsPQ0uNwF306O8I6TN0D00nqPfIgDRn5pFjx0N%2BlnLNd57W5mthX1U%2FPzl68hLPSMWGSTgfmN97Zje0UraA6rqaC%2Fqu0hbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598da16688-AMS

GET
H3 200 aubergine-logo.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 5 KB
3 KB 76ms
74ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/aubergine-logo.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc25886abb8e064a290ed03b5051df4125812743217ad3f71bfa7d7466e7803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"135f-5ded292a56fe9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jbe9WJ2nHkrl1D2bxckjRG0NFKUz3HJLu5XLKGijmNbDZqdkRtBn50o%2FQqfal8qSST6vqUGGoIpFQ4I4XGu7w9O3SIZRS6O9gfL2KuEc7EmYcjEEk%2FiV%2FTuBtYJkIaN%2B4qsf%2B43qIrUrRYtHQzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e89598da36688-AMS

GET
H3 200 book-popup.png
thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/ 105 KB
106 KB 142ms
141ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/book-popup.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf7d28b7817a3c5f5138d907b26704c1d9d5ee6daedf4bf9f305e5e0fbe48f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 107485
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Sep 2023 12:35:18 GMT
server: cloudflare
etag: "1a3dd-606566c881e3b"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65a4jEPipFpVFPpWaTZA1K0mdpt5V%2B1tJ8WUZQ5dDanDmy0uRhUtt46TCdREGSxDcYSSQ4wJ%2BQVDQFlMIJvTaSwjdn1BbntZql0tPsTjP2lpAnQ0TU5kYb96%2FhxkadpoPQQvpjKJNekzWT3iWyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598da56688-AMS

GET
H3 200 blue-close-tab.png
thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/ 4 KB
4 KB 121ms
120ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/blue-close-tab.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c726abb9961e46616b46c8e5e8a714fb1403afd60457932edec76913bc21d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3592
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Sep 2023 12:35:18 GMT
server: cloudflare
etag: "e08-606566c881e3b"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aByY1kK0uf9DRIp63eQ5P7LLcaKeCTRTBo64SyXlg%2BQoa%2BE3Wlc0iGvs2VaDIxley66jCTmJanEY9mgfOk6YFrqMKBaqIblur4hvqMbpTaogh%2FHTZ9bXmKVsWxCrG5mOLhBMGRrSxtnyW6TXJko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89598da76688-AMS

POST
H2 200 csp-report
q.stripe.com/ Frame EF3A 0
716 B 834ms
379ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292159527
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292159226
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EF3A 0
716 B 853ms
401ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292160253
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292159359
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame ECD5 0
715 B 847ms
397ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292160211
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292159052
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EB59 0
715 B 827ms
385ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292159913
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292159001
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EB59 0
716 B 810ms
369ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292149313
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292148920
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F61C 0
716 B 807ms
368ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292149260
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292148895
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F61C 0
715 B 775ms
337ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292118322
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292118031
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 03C4 0
716 B 817ms
382ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292159834
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699286292159427
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 53aa8807dec7e10d38f59f32 Show response
widget.trustpilot.com/trustbox-data/ Frame E8B8 892 B
824 B 58ms
57ms XHR
application/json 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=58b013e80000ff00059d4650&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

d920bbb4d210be64fabcd05b8c9e567b24b82adf6db425dd400f2252691376fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 15:46:49 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 681
x-cache: Hit from cloudfront
content-length: 394
x-xss-protection: 1; mode=block
server: Kestrel
etag: "6fd4690b5d9b56415bbf8eef0c8f1edd"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: 4LM5pVflTSsYomaXhiJn6Da1mBtUe7pG-4_zAhkVCLsyX-fR2KwaNA==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame E8B8 0
321 B 88ms
88ms XHR
text/plain 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fthetcmgroup.com%2Ftcm_course%2Fworkplace-investigation-mistakes%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.105%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=58b013e80000ff00059d4650&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 15:58:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: PmOk4-IabbInw3VjSww7BWeyvEs8VKHGEKKTeFAs_lty_4kRpoxrtw==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame E8B8 0
321 B 82ms
81ms XHR
text/plain 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=en-GB&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fthetcmgroup.com%2Ftcm_course%2Fworkplace-investigation-mistakes%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.105%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=58b013e80000ff00059d4650&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 15:58:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: TCUg0YhNdG-c_XofwSMmiOnD2zVM_aZkZT7cIa2uo-a1cRPB4z6wQw==
x-xss-protection: 1; mode=block

GET
BLOB 200
OK dd8f2a42-287b-41de-a55e-9079c36922e4 Show response
https://thetcmgroup.com/ Frame 1ADA 147 B
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thetcmgroup.com/dd8f2a42-287b-41de-a55e-9079c36922e4
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Length: 147
Content-Type: text/html

GET
H2 200 inner.html Show response
m.stripe.network/ Frame C2A2 930 B
2 KB 238ms
59ms Document
text/html 2600:9000:2057:f200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 91
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:56:41 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-id: rdWt0syd3Y4uQC8tUHx4f5yd8xr7_vGT4W9vhpa3qGHgQIuL6kCIaQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame ECD5 474 B
864 B 183ms
73ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 1
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: b40uVinWyS4Fl4afeT6uq3fWIGqzQ4Ifw4ZZ_JJolCZ7IjyzXQtpLQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame ECD5 474 B
862 B 143ms
71ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 1
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: sfbb0sfrPnsmNIbjQvEGbFhDSJ07iIfvAEOCp1852R1wi26muLZ9CA==

GET
H2 200 en-GB-de258e70e6f927eb403fbbc08d1e847f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame ECD5 133 KB
24 KB 136ms
66ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/en-GB-de258e70e6f927eb403fbbc08d1e847f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:10:14 GMT
content-encoding: br
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2915
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:50 GMT
server: Cloudfront
etag: W/"de258e70e6f927eb403fbbc08d1e847f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -o7kWlXc7p-LNGwrMxPgMZ2G2gpfknA9nUC3_kpZ0r_YRn3zw2HqLg==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame ECD5 2 KB
3 KB 440ms
292ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9738d81e77da8e0bdc68dbc301d00434f4825ef8c7ea2c5397ae8d7f90245915

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy-report-only: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
cross-origin-resource-policy: same-site
content-length: 1967
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 87B3 58 KB
33 KB 114ms
109ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=nl&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=hpmwbviq2qlv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40d8564090a3040b5f1878f99bef4aab52f2a4e2d32bc75c73d827a0700bcbbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iCX0G0a2PQR6IMJUJrVQsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iCX0G0a2PQR6IMJUJrVQsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 15:58:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 03C4 474 B
863 B 55ms
54ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 1
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: y6uUiYlk5DmNSSZw6_phxMNWxZAtEe2a8wWj84UdmD_uehsr_pNh0A==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 03C4 474 B
863 B 78ms
56ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 1
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: KWzMCzdR8E5TZMj6LmhgLAL1q70Dd9tC9bffnsiYHc8CQmNLsNja2w==

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 9BAF 627 B
813 B 586ms
54ms Document
text/html 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=a9237bd4-3780-4145-9699-99e148d3c75c&consentmode-dataredaction=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29852610
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 15:58:12 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Thu, 17 Oct 2024 04:21:42 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1699286291894_388276618_2201792739_27_767_52_455_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/a9237bd4-3780-4145-9699-99e148d3c75c/ 271 KB
62 KB 120ms
119ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/a9237bd4-3780-4145-9699-99e148d3c75c/cc.js?renew=false&referer=thetcmgroup.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=a9237bd4-3780-4145-9699-99e148d3c75c&consentmode-dataredaction=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 546e28cf159a041652349d56a4dab93d93e1b5733f1f78ebd42dab6f680621d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:11 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 15:58:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 63335
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

POST
H2 200 csp-report
q.stripe.com/ Frame C2A2 0
490 B 473ms
400ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286292160923
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292159236
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame C2A2 87 KB
14 KB 64ms
63ms Script
text/javascript 2600:9000:2057:f200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:f200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:53:34 GMT
content-encoding: br
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 277
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 0EyFCq4S_vw_3ym_K9IleemaYmZNeP3phKOGJyuY0baEQkXU0j5Igw==

GET
H2 200 en-GB-de258e70e6f927eb403fbbc08d1e847f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 03C4 133 KB
24 KB 68ms
62ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/en-GB-de258e70e6f927eb403fbbc08d1e847f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:10:14 GMT
content-encoding: br
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2915
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:50 GMT
server: Cloudfront
etag: W/"de258e70e6f927eb403fbbc08d1e847f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SkB8QCFtdh9LhhX5Ajav4C83gmWhzRBxr32aTCZphG1GLLZdEn-8lw==

GET
H2 200 en-GB-de258e70e6f927eb403fbbc08d1e847f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 03C4 133 KB
24 KB 77ms
76ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/en-GB-de258e70e6f927eb403fbbc08d1e847f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 15:10:14 GMT
content-encoding: br
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2915
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:50 GMT
server: Cloudfront
etag: W/"de258e70e6f927eb403fbbc08d1e847f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0gB035b0Qzi_HJwbKHVRJA7TMoleZpFT-HF9-G5ApKBgVwIl3zWxCg==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 0A3D 19 KB
8 KB 135ms
91ms Document
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa2b13742e1d3c9f2a4434b4506a8d7d0655bc649f3b3a80723c6f5e78c445fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zYQWVVUBdHcAL5tigTh9Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zYQWVVUBdHcAL5tigTh9Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 06 Nov 2023 15:58:11 GMT
expires: Mon, 06 Nov 2023 15:58:11 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 634ms
584ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349014
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699286292348830
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 629ms
583ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349011
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292348655
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 762ms
717ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292500934
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292500507
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 441ms
395ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292159836
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699286292159550
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 436ms
391ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292159651
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292159494
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 614ms
569ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349082
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292348830
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 630ms
585ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348942
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699286292348757
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 426ms
382ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292159817
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292159517
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 613ms
569ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348747
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292348435
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 614ms
570ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348602
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292348455
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 625ms
581ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348627
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292348486
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 629ms
585ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348712
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699286292348546
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 632ms
590ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349026
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1699286292348611
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 614ms
572ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349049
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292348701
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 610ms
568ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348760
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292348602
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 612ms
571ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349103
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292348708
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 610ms
570ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349045
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292348770
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 564ms
524ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292307446
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292307177
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 563ms
523ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292307780
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699286292307217
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 602ms
563ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292340594
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292339995
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 623ms
584ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348657
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699286292348283
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 621ms
582ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292348577
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292348319
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 624ms
585ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349113
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699286292348381
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 627ms
590ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292349105
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699286292348478
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 406ms
393ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292159685
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292159401
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 03C4 0
274 B 401ms
392ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292159491
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292159341
access-control-allow-credentials: true
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 87B3 55 KB
24 KB 167ms
56ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=nl&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=hpmwbviq2qlv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 21:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 21:56:59 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 87B3 468 KB
187 KB 166ms
57ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b40c162722693512b2339257f4f4ed9b8f316f0bc56caf6895d29c9e3f85249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191780
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 16:39:03 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 0A3D 158 KB
56 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrisb-o7qs7RnzxdxaKkbu4rkwWjSA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fed8a1f987f43ce99e17bb8b4652f5205a1e1b0e781bbbf32e1fbd9557d681cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57334
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:51:29 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame C2A2 156 B
670 B 829ms
214ms XHR
application/json 52.89.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-37-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

dc71c2c9aa64cd665acec391e324b4355cb5b622c40d30784f33a478b7d82123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 06 Nov 2023 15:58:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286293087662
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699286293087375
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0A3D 2 KB
2 KB 153ms
149ms Other
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 241ms
240ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292535763
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292535145
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 242ms
240ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292537810
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292537598
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 235ms
235ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292540252
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292537683
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 230ms
230ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292537845
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292537667
access-control-allow-credentials: true
content-length: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 87B3 2 KB
2 KB 63ms
54ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 00:18:29 GMT
x-content-type-options: nosniff
age: 315583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 10 Nov 2023 00:18:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87B3 15 KB
15 KB 62ms
53ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 219609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87B3 15 KB
15 KB 72ms
64ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 337902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:06:30 GMT

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 87B3 102 B
133 B 95ms
94ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=3sU2vDRVDmUU2E0Ro4VadvPr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fc582548b676f5a5e9c266bf9cbd3a0a1ae1621521b97fa5d1cd13de8abf9b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=nl&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=hpmwbviq2qlv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 06 Nov 2023 15:58:12 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame 0A3D 73 KB
27 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriibz9bfpH-YleGQ1VVAOaRcqhg7A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrisb-o7qs7RnzxdxaKkbu4rkwWjSA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e670ed3138ce1631c59261b27fbc1ce77fb9484a3cf6fb4c1055a4ab80c7868b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27247
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 20:09:38 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 0A3D 1 MB
376 KB 115ms
115ms XHR
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

879ede361c9e1cefa2beb77b7c48594b0b1144c7936e8bcd36dd1439c3ea2188

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ycgurIZ6N1_r1goreKFG7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ycgurIZ6N1_r1goreKFG7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 06 Nov 2023 15:58:12 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame 0A3D 9 KB
4 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriibz9bfpH-YleGQ1VVAOaRcqhg7A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d352dd04d825a5c78227fbbd3abe50f686a04fba43dcd8b8a365d78be33722c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 20:09:38 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame 0A3D 37 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.iKhxtymGPlo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriibz9bfpH-YleGQ1VVAOaRcqhg7A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

defc6ef0592843c255e4494a344c675a33149cff70ac2049626c5f890123c528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14053
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 20:09:38 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0A3D 131 B
155 B 215ms
97ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:58:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 15:58:13 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0A3D 131 B
155 B 245ms
128ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:58:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 15:58:13 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0A3D 131 B
155 B 245ms
128ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:58:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 15:58:13 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0A3D 131 B
155 B 244ms
126ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:58:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 15:58:13 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0A3D 131 B
155 B 213ms
98ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:58:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 15:58:13 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 215ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292893752
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292893005
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 0A3D 131 B
155 B 215ms
98ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 15:58:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 15:58:13 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 201ms
200ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292967585
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292967415
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 199ms
199ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:12 GMT
x-stripe-server-envoy-start-time-us: 1699286292969749
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286292969515
access-control-allow-credentials: true
content-length: 0

GET
H3 200 close-quotemarks.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 973 B
1 KB 115ms
115ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/close-quotemarks.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b727f16d85c160feb1177c586ff68936a86f7742a029d031ac09505c088c536c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"3cd-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaBnSj7PWfF%2B3G%2FmxIQgadeMDWk6PW%2B2QFU5DQox%2FbuNIj8bIQc0X5xxBMn1PwkxSizhOuCl7Cib4ri30rvhjhq%2FVIY6OBm0JscI%2B6wI%2BTSb2txOZv%2FZWTySRrk%2BWZK%2BRur2a1OBj7Sq1eVaT8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821e89629ffc6688-AMS

GET
H3 200 PC-footer-logo.png
thetcmgroup.com/wp-content/uploads/2023/07/ 3 KB
4 KB 62ms
62ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/07/PC-footer-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6add0582c5120aa7b4b92c4d565789d2fac17eaecede5d6abee7fad99c23083e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3155
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jul 2023 16:19:55 GMT
server: cloudflare
etag: "c53-600c549251993"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e4%2FG36zxJObekZFbKJ47KIoM2oPgecp9i2oU2rLgyzGz7Hhn2Wkg5phToEFxo9G5RoSmNebQCHA1xPBaF6OEsGBriujbLmFnIe27jPnTwWzfo3ujJD78AbKhCJkkBhFNfxqbNZUN4k%2FCkOzqeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e89629fff6688-AMS

GET
H3 200 Total-Conflict-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 3 KB
4 KB 60ms
60ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Total-Conflict-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c9bd32be3014ae8c43d7d46a6d3a6ce34a26305777b44a1dff3df56e24fad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3432
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:43 GMT
server: cloudflare
etag: "d68-5e21a22c04ef2"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtb6jpGl4Y%2B%2B2OvzvyZtoYGr4ylikBDLreDVgmnR0hkVAo2mx7Iy71hamR%2FIaL1MLNxa8c4eAq%2FqsnfufGj6KygHL3IJTTVReITDXUqKmszBp2WC%2BdYwYfHnvFLKfqlATu8FtzzSu89Nl%2BRlIKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e896298016688-AMS

GET
H3 200 RF-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 61ms
60ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/RF-footer-logo@2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb23b3a54b2a8135bd8913696fdb0bf9e3365f36ca2bcd90efff2fa915fc758

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 2993
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:48 GMT
server: cloudflare
etag: "bb1-5d9dff2385b4a"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzQhlUftznOsgSHbA461%2BUGqFZ4JJmTFI0W2N4Wxjrv4I6%2FT%2FakMOJBqLWGU6YbAcge3FZ4cUYKBGR5Spn2dcL7WytrSq9TTcsOPjL8USS%2B%2FjPrwKyQz4To4oQZVLP%2F5LUJFYgpo4w%2BgdMZxsfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e896298046688-AMS

GET
H3 200 PCA-logo.png
thetcmgroup.com/wp-content/uploads/2023/03/ 8 KB
9 KB 61ms
61ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/03/PCA-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae4fc38640e214543ed0088f833f7500da172eb97f91bee5a296ee603e81ca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 8286
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Mar 2023 17:10:51 GMT
server: cloudflare
etag: "205e-5f68ed7e657cf"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8sDUpPGtpgLPHNqOvxBLF9naBRG1Y0TcXBRBwbdSSAEPhj6U4JRCb%2BthH6Ty8%2FvGT6%2BKA28HoJ83BHRLGiOZ4b45fLA3uSkeVNqkoRL8MeST2ddhQJwtLjxySAMDTNAjJvJ2%2Fmme6uiE5ZDhIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e896298066688-AMS

GET
H3 200 EL-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 59ms
58ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/EL-footer-logo@2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75fd7bd020f88e34a1861d1db246057777bc7050ff7adbad2e3b0d82c666bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3378
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:45 GMT
server: cloudflare
etag: "d32-5d9dff21542c0"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu%2BpfkNyTCTg4VOG%2FOM5ap11MnUpw4dZS%2BeGes8zdjOtH20HwobK49oVn1ThzzN%2Bew5kL%2FlL7AaBap4rgoNFwvCT5hhsl1iP8acQ96o5qGFUb1SUZr9XASJmLScrnM9lfGDWn68fMLd8IYLEkTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8962a80c6688-AMS

GET
H3 200 Engage-Coaching-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 4 KB
4 KB 58ms
57ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Engage-Coaching-footer-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff66cd8b354fba69134c2fc2066b72c5e2bb3fa62a87f1819a74288e8ee37523

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3911
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:47 GMT
server: cloudflare
etag: "f47-5e21a22fd67da"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ws3hAhHkhqNg7urcjWNhuxAzFFEeF40hXeEsbTJklihvJZMWhsMEkFMdfAQvo9NWIIwJD1dTaATai83Ysg3skI3VPF%2FqaMfo%2FNnEqz9RPREioPFdW8J%2FOmXNnvOAUKVLaehFs6n8CI7Imq31nc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8962a80f6688-AMS

GET
H3 200 Mediation-Co-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 6 KB
6 KB 60ms
59ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Mediation-Co-footer-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56395a307931ba8c8af322da569d8fbf232a6a2a198beff060bc60a0cb67f40c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:58:12 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 5783
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:54 GMT
server: cloudflare
etag: "1697-5e21a236847b7"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD084TKfwT0uCf5gNEG%2FOuy8yNHoSYvLRknukyTVSEl2NZB%2Bf3LJ66IhRNLttkBMN2fulTWtRdEL419BdZl824i31BkQpetrSWfz%2B%2Fa3mXF4fryRnSjIWIEO1KhPpjIXhtGXx3kbHoUkdqbolyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821e8962a8106688-AMS

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 267ms
262ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:13 GMT
x-stripe-server-envoy-start-time-us: 1699286293086743
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286293086171
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 266ms
262ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:13 GMT
x-stripe-server-envoy-start-time-us: 1699286293086506
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699286293086208
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECD5 0
274 B 263ms
262ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 15:58:13 GMT
x-stripe-server-envoy-start-time-us: 1699286293086537
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699286293086234
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 332ms
112ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:13 GMT
expires: Mon, 06 Nov 2023 15:58:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 321ms
113ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:13 GMT
expires: Mon, 06 Nov 2023 15:58:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 316ms
114ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:13 GMT
expires: Mon, 06 Nov 2023 15:58:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 310ms
113ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:13 GMT
expires: Mon, 06 Nov 2023 15:58:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 308ms
114ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:13 GMT
expires: Mon, 06 Nov 2023 15:58:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 232ms
114ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 15:58:13 GMT
expires: Mon, 06 Nov 2023 15:58:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame C2A2 156 B
669 B 199ms
198ms XHR
application/json 52.89.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-37-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

dc71c2c9aa64cd665acec391e324b4355cb5b622c40d30784f33a478b7d82123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 06 Nov 2023 15:58:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286293326179
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699286293325961
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame C2A2 156 B
669 B 247ms
247ms XHR
application/json 52.89.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-37-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

dc71c2c9aa64cd665acec391e324b4355cb5b622c40d30784f33a478b7d82123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 06 Nov 2023 15:58:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699286293376057
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699286293375669
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
796 B 55ms
54ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:09:19 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2945
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 295
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NyA7tEVs_yTCj1o4Glj0oKvw-PSDNFfbI7qpzCPxk3MQgYXhS2vW9w==

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www2.thetcmgroup.com/	1970-01-21 01:37:26	Name: visitor_id897461 Value: 342300945
www2.thetcmgroup.com/	1970-01-21 01:37:26	Name: visitor_id897461-hash Value: 1cb834bc7da19f57f9604392049688bc44c02626966cf07487df9bdb6fb28371ab005877af768b5dde9d44f7e4c10804a206a7d1
.pardot.com/	1970-01-21 01:37:26	Name: visitor_id897461 Value: 342300945
.google.com/	1970-01-20 20:24:57	Name: NID Value: 511=oS_VuE1XONBRnfhHJgFMHJI3L8y54EpL2XcPWpZ9Y_bwIO_cX-x9la4rlF4Mv8ojfiZs5oB2D9ryWsMOFWYaMya3zz_eUQG1rhJHSF9hg21MvjDB1XAsseVChnqaoCpso5cWddmJIjh402CLs70534pnw3L0OyGzMApNkZsB3nQ
m.stripe.com/	1970-01-21 01:37:26	Name: m Value: d440eb07-5d71-4cfe-9bf7-133dc3751974d4dbbd
.thetcmgroup.com/	1970-01-21 00:47:02	Name: __stripe_mid Value: 00dc6d04-c763-4806-957c-3f3b613f3195c949e7
.thetcmgroup.com/	1970-01-20 16:01:28	Name: __stripe_sid Value: 23c9b362-f866-4175-aa47-3dcc5007222e89998e

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
go.pardot.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
static.olark.com
thetcmgroup.com
widget.trustpilot.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www2.thetcmgroup.com

18.208.125.13
192.229.233.34
2600:9000:2057:f200:19:7d10:bd80:93a1
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4013:c02::5c
2a02:26f0:3500:18::1724:a29a
2a02:26f0:3500:887::f09
2a06:98c1:3120::3
34.237.219.119
52.222.236.71
52.89.37.98
54.186.23.98
54.76.53.164
99.86.4.76
0056299071c4519f17586f5a4f9d7bacadc0978a31b36e79eebc09ec17439cbe
00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b
02400eff6006674ae1b3d90e24a27433b2f7724c5002b7c82d9a3f340755357a
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
0312475e7974a6a7d4ca349eb9f0f1fb00387c993f1ee6627065a32a3aa8ad8b
0775857f32c100c7e98fe96ba857873809054342a1ce98fafc174f8046a1da0d
08ed8e3aab1262bd50ac7b605dfb3f628dab6f18fbb58b0e59623216dbad6727
09b662ab593f8d6554b3b463d4a352e5b7e0586bb4e60acc11f4913b428509ad
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
118e237b998bf26746914c5398bd37a71938f664dc434a27830351e778ae0ab3
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
12553f3efc346c133c5ffba7a493ef82fce2298e81b1a09a342b8ada10e26405
1462afd7ed679c2549f4104b64946fee49c0b7b5778e91945825783fddd05fe6
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
15c9bd32be3014ae8c43d7d46a6d3a6ce34a26305777b44a1dff3df56e24fad1
1633281d74a87f044dea32f5782acf8e587b7814f907e17b3740dc72f988e29e
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f9d95f4b70225cad9e8255322914389e70174461330a4330ad1f851b444bded
2173fe202b54daeb55873608869a7ee5a1ef481d23f6e42b024ae666973770fa
218bc0ca7943a10d0d9fe3db6a6bf5778bf6396031d82e0680d828fdd10a7b54
23f71eff6c34c2a6aa74192072500749c9894c493a71b2ede6e988ae3dc31deb
25954a06d0ad4e02de285782538fce370efd6482e37aff9ecaa386149db1159f
27381220e3f28342d9b020614058b4ca43f5abf17efbc48d6a817ae6f05160f7
2b2e4c86ca4da9eac25c15aaed65de5428d4c30b8d308a38e1870d28498c2b18
2bdb08ca20e66e5b228a0899ec9e1fcb26cb5862ddd786bcb6694cb1f3790d21
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2fc10f9452d76439d0ad3bb712d360c869347110abf205cc0d733f489d56f8c9
3115055b28056bc3d6ae03731659ea8ccc83e08f18b3f64a6dcd02f36000d4b4
32f9c687f53eaf43d8691cfc3ec89d8982f3a0da2bb8a45066891d6f7ca9b4a3
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
360d29017fa6e21cb151ddc2694fa9815fb32145c1c8cb679d1101884113ba57
3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40d8564090a3040b5f1878f99bef4aab52f2a4e2d32bc75c73d827a0700bcbbf
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049
4d3e0f5e27ff66bec2902b6dcdbe52dc22ba86b143dd6940ffce312f0ac93a9d
4fc582548b676f5a5e9c266bf9cbd3a0a1ae1621521b97fa5d1cd13de8abf9b8
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5263e0259033b631c270979443ce95ea023737a1ad7f5d6d618e73bef2d64e8d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
546e28cf159a041652349d56a4dab93d93e1b5733f1f78ebd42dab6f680621d4
5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4
56395a307931ba8c8af322da569d8fbf232a6a2a198beff060bc60a0cb67f40c
56de66b79ce04f8c6296659ca883c18912a0402647de8358a7ca678b0ed80226
574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc
58c726abb9961e46616b46c8e5e8a714fb1403afd60457932edec76913bc21d1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d77df9f839f005f080cc53f762fa9bdc2feb864fd18203de081d382f452518d
612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e
61fd3b67eafbe7ad93dc91572ce028865839a09b1adefe40f65d91bdb5a21d9d
675abb39e33edf5c534d86017f925545b7f68621897f9c688badad05303824f7
6add0582c5120aa7b4b92c4d565789d2fac17eaecede5d6abee7fad99c23083e
6b40c162722693512b2339257f4f4ed9b8f316f0bc56caf6895d29c9e3f85249
6bf7d28b7817a3c5f5138d907b26704c1d9d5ee6daedf4bf9f305e5e0fbe48f9
6d352dd04d825a5c78227fbbd3abe50f686a04fba43dcd8b8a365d78be33722c
6d851b0454d1ad5a29006e4d06b0e98fe70f6d324b3ebf7e8c28d4f61ef0472b
6e6e9b41bfb424a2dc0ffef4a8902dbfb4b6dbf9618c4a05b22f4a12fa7c821c
6e7d2a1ae6d18ec37ab985e42b7202b14d222cb9074a7d0f8557e8bff8759a75
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
75f49fa35612a52c9a1dde5a3c6edc9beac852ddf99c08af7b4b9830f95c8c2c
76e3d57f294e687fe050edb76a590371ad5de81e5c74fe313f2fba3187006a6d
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688
7896e32d16e6b23738dc3dd97d7fc902557c1881c0b95d928024aba48a7de459
78c9a9261396f69ebcea27f2163f517652d6e2ff3e14c9e6b1754bf5fa1d0331
7f29390b230580ac6995fa545c194d7ae22099bf823ca93fa9bfd1af736e0747
816259af9cec16869342c649874102bbf21eb8f7d735c40f3e7f45ebd56ff8e8
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8484111ff018ada568ba906180a74be9b043a7f605988ab7ed5fe2d843fcb278
859a00a2a87cb8cda482aeac3f79e7c77183e868c30e4ac6da07829fdf69f705
85f7a5f0575d264e7ae61f50e1933edc81474948b6fab0ca77d92bf4074a8ad3
879ede361c9e1cefa2beb77b7c48594b0b1144c7936e8bcd36dd1439c3ea2188
8adfbc27fffba13ab2e297324d3e0141049e272ed6439a3703ff4fdb74f5fb7f
8ae4fc38640e214543ed0088f833f7500da172eb97f91bee5a296ee603e81ca5
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9738d81e77da8e0bdc68dbc301d00434f4825ef8c7ea2c5397ae8d7f90245915
a02c9957ef409f8602001de0cde05ad5bb5953b2fb75e4b958ffafefaba6a196
a1e8e0185e0bc8a10588d49536887fc5410fdc43a386adbe377a8c4c09662e8d
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a9355c1b32c96f1da116a0df14644c2f2a1965d5206234304174514fc209aa90
aa2b13742e1d3c9f2a4434b4506a8d7d0655bc649f3b3a80723c6f5e78c445fe
ac0a29702ebc38d8c064dc547ef86af370a27d8b2f3f758291d3cc481643872d
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3
b6d62cb480942c8deb8161cbca06f0838d48ebdc750b7c2f535d0581212a7cfe
b727f16d85c160feb1177c586ff68936a86f7742a029d031ac09505c088c536c
b75fd7bd020f88e34a1861d1db246057777bc7050ff7adbad2e3b0d82c666bfe
b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572
bcfd86c8d3f5891e3cbfa3fd7a67fcc2c2e9eb090c7ce73735124a01d3333aa8
c008de21b502d1a5e12ede3b27f9f595ed4388dda36a9784b4accb8149044a7c
c029f32889d72c0d738e8dfa7233bbbbba61381cef6fe8aa74bfb2d884c983f7
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cbdd8a81111b2dbc784a4d9b9193f9d241ddd212932d440c5a4ac46277ae8f44
ccc25886abb8e064a290ed03b5051df4125812743217ad3f71bfa7d7466e7803
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d18587fe060f4a33ff629645aaf30ea3a4e56246d59855b78887c742dc7ce998
d585a2ee280fb3a5db922a8035d7d8c633c5e3245d1ef5ff4a97f52c6d7e3853
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d920bbb4d210be64fabcd05b8c9e567b24b82adf6db425dd400f2252691376fa
dc2d2c530c67decbf9fbbd68e9566c8d36162ad4b71c7adbe075bfe227aa6b29
dc71c2c9aa64cd665acec391e324b4355cb5b622c40d30784f33a478b7d82123
defc6ef0592843c255e4494a344c675a33149cff70ac2049626c5f890123c528
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e498b2961dbb96d80349b25bfdf2ed6d5ac4f580c9824dae5b53e03eb414db3a
e6658396ee384c7a84e83365a3ce7aabec29bbd9d55ee8400abd3c367ac72bdb
e670ed3138ce1631c59261b27fbc1ce77fb9484a3cf6fb4c1055a4ab80c7868b
edb23b3a54b2a8135bd8913696fdb0bf9e3365f36ca2bcd90efff2fa915fc758
ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f1cbb0f159c0fa596ed6ca37fff10a821c055bcf7c52f7ba8f63da1d29087b8f
fb689f976d6d96a8593caf251df449432d017be8923bc5557f13e8f060b07211
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
fed8a1f987f43ce99e17bb8b4652f5205a1e1b0e781bbbf32e1fbd9557d681cb
ff66cd8b354fba69134c2fc2066b72c5e2bb3fa62a87f1819a74288e8ee37523
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

thetcmgroup.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

100 %HTTPS

55 %IPv6

11 Domains

20 Subdomains

19 IPs

4 Countries

2963 kBTransfer

9446 kBSize

7 Cookies

21 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thetcmgroup.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

100 %
HTTPS

55 %
IPv6

11
Domains

20
Subdomains

19
IPs

4
Countries

2963 kB
Transfer

9446 kB
Size

7
Cookies

179 HTTP transactions
24 data transactions