welcome.mindbloom.com Open in urlscan Pro
2600:9000:2156:6c00:13:381:3540:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://welcome.mindbloom.com/
Effective URL:
https://welcome.mindbloom.com/
Submission Tags: falconsandbox
Submission: On July 26 via api (July 26th 2022, 12:51:33 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 19 domains to perform 73 HTTP transactions. The main IP is 2600:9000:2156:6c00:13:381:3540:93a1, located in United States and belongs to AMAZON-02, US. The main domain is welcome.mindbloom.com.
TLS certificate: Issued by Amazon on October 28th 2021. Valid for: a year.

This is the only time welcome.mindbloom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2600:9000:215... 2600:9000:2156:6c00:13:381:3540:93a1	16509 (AMAZON-02) (AMAZON-02)
4	99.86.240.125 99.86.240.125	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
6	54.91.6.89 54.91.6.89	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:7c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:dc:... 2a02:26f0:dc:18b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	143.204.103.41 143.204.103.41	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	13.32.110.40 13.32.110.40	16509 (AMAZON-02) (AMAZON-02)
1	52.219.97.154 52.219.97.154	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	18.66.15.108 18.66.15.108	16509 (AMAZON-02) (AMAZON-02)
3	23.47.212.208 23.47.212.208	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2600:9000:211... 2600:9000:211a:8800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	44.236.175.31 44.236.175.31	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	108.128.102.72 108.128.102.72	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
73	27

2 2600:9000:2156:6c00:13:381:3540:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

welcome.mindbloom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.240.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-125.vie50.r.cloudfront.net

assets.formsort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o210177.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.91.6.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-6-89.compute-1.amazonaws.com

api.flow.formsort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7c2 (United States)

ASN13335 (CLOUDFLARENET, US)

api.mindbloom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:18b::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.103.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-41.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-40.vie50.r.cloudfront.net

usercontent.formsort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.97.154 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

mindbloom-images.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-108.vie50.r.cloudfront.net

event.formsort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.47.212.208 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-208.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211a:8800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.236.175.31 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-175-31.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.102.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-102-72.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	segment.com cdn.segment.com — Cisco Umbrella Rank: 1355	84 KB
13	formsort.com assets.formsort.com — Cisco Umbrella Rank: 794476 api.flow.formsort.com — Cisco Umbrella Rank: 827205 usercontent.formsort.com — Cisco Umbrella Rank: 873788 event.formsort.com — Cisco Umbrella Rank: 916949	5 MB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	60 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2092 d.adroll.com — Cisco Umbrella Rank: 1475	21 KB
4	segment.io api.segment.io — Cisco Umbrella Rank: 870	709 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 344	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	131 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 773	2 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	202 KB
3	mindbloom.com 1 redirects welcome.mindbloom.com api.mindbloom.com	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	19 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	297 B
1	google.de www.google.de — Cisco Umbrella Rank: 5701	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	amazonaws.com mindbloom-images.s3.us-east-2.amazonaws.com	45 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1323	44 KB
1	sentry.io o210177.ingest.sentry.io — Cisco Umbrella Rank: 859592	281 B
73	19

	Domain	Requested by
13	cdn.segment.com	welcome.mindbloom.com assets.formsort.com cdn.segment.com
8	www.google-analytics.com	assets.formsort.com www.googletagmanager.com www.google-analytics.com cdn.segment.com
6	s.adroll.com	2 redirects cdn.segment.com s.adroll.com
6	api.flow.formsort.com	assets.formsort.com
4	api.segment.io	assets.formsort.com
4	assets.formsort.com	welcome.mindbloom.com
3	bat.bing.com	cdn.segment.com bat.bing.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
3	ct.pinterest.com	assets.formsort.com
3	www.googletagmanager.com	welcome.mindbloom.com www.googletagmanager.com cdn.segment.com
2	stats.g.doubleclick.net	assets.formsort.com
2	usercontent.formsort.com
2	region1.google-analytics.com	www.googletagmanager.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	welcome.mindbloom.com	1 redirects
1	www.facebook.com
1	www.google.de
1	www.google.com
1	d.adroll.com	s.adroll.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	event.formsort.com	assets.formsort.com
1	mindbloom-images.s3.us-east-2.amazonaws.com
1	www.googleoptimize.com	www.googletagmanager.com
1	api.mindbloom.com	assets.formsort.com
1	o210177.ingest.sentry.io	assets.formsort.com
73	26

This site contains no links.

Subject Issuer	Validity	Valid
*.mindbloom.com Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
*.formsort.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
api.flow.formsort.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-03` - `2022-09-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
formsort.com Amazon	`2021-10-06` - `2022-11-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-04` - `2022-08-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://welcome.mindbloom.com/
Frame ID: 60875AE8AF7861BB0A307DF27E1EF243
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Mindbloom

Page URL History Show full URLs

http://welcome.mindbloom.com/ HTTP 301
https://welcome.mindbloom.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

73
Requests

95 %
HTTPS

58 %
IPv6

19
Domains

26
Subdomains

27
IPs

5
Countries

5948 kB
Transfer

9446 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://welcome.mindbloom.com/ HTTP 301
https://welcome.mindbloom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://s.adroll.com/j/exp/7RPUVNNVABB3HKZJEXA4R7/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 61

https://s.adroll.com/j/pre/7RPUVNNVABB3HKZJEXA4R7/CFGD3O3PZJGNLGD5DKHKWE/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
welcome.mindbloom.com/
Redirect Chain

http://welcome.mindbloom.com/
https://welcome.mindbloom.com/

2 KB
2 KB

534ms
510ms

Document
text/html

2600:9000:2156:6c00:13:381:3540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.mindbloom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:13:381:3540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

waitress /

Resource Hash

f107d618681f0e4aee0d80759e4ee96ce7165e1b73914a2c606e480302d27543

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://mindbloom.co https://mindbloom.com https://mindbloom.webflow.io https://studio.formsort.com
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
content-encoding: gzip
content-security-policy: frame-ancestors https://mindbloom.co https://mindbloom.com https://mindbloom.webflow.io https://studio.formsort.com
content-type: text/html; charset=utf-8
date: Tue, 26 Jul 2022 12:51:29 GMT
expires: Tue, 26 Jul 2022 12:52:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: waitress
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: https://assets.formsort.com, https://welcome.mindbloom.com/
vary: Accept-Encoding
via: 1.1 vegur, 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-id: Qw6MqyObuuZJRvVT_yc3B0RneOWruSt75m48Lg9rUrLjww8DDt1QPA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Tue, 26 Jul 2022 12:51:28 GMT
Location: https://welcome.mindbloom.com/
Server: CloudFront
Via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: YT64HIqoEdoj-epApi1FBi_2ou27hbinI2kSu0_RW8aw3QA5xiS6zA==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront

GET
H2 200 react.195f8cc7e19a064f1872.js Show response
assets.formsort.com/flow/static/js/ 186 KB
61 KB 188ms
55ms Script
application/javascript 99.86.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.formsort.com/flow/static/js/react.195f8cc7e19a064f1872.js
Requested by: Host: welcome.mindbloom.com
URL: https://welcome.mindbloom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63b57e162a96a8bdea52626698b16a1115df368d2f2aa26b08f4ceed76dd534f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:39:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 09:20:28 GMT
server: AmazonS3
age: 94300
etag: W/"96daa79eca7c0c3a106031d9e967a54a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: cNCoomIq8Z0NdZA4hwfmnJl8uS9eC_5XuZpGLYOv0EQ-fifH8qUDOQ==
x-amz-meta-sha: 85d4336fcee45d765a1d680bd2a4b5f5084036ad

GET
H2 200 vendors.6b5a0fcc5fffc0cddaef.js Show response
assets.formsort.com/flow/static/js/ 542 KB
175 KB 164ms
32ms Script
application/javascript 99.86.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js
Requested by: Host: welcome.mindbloom.com
URL: https://welcome.mindbloom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1755cecb0026538ef5c7e76cfa362dafa082e1c70d4dca49c2b02766baec87f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 10:39:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 09:20:28 GMT
server: AmazonS3
age: 94300
etag: W/"bc74554270046ecc0f69b9c1b8e11bb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: tOHqNzdTOQGQGQEag_b03B6mSXutWcl9YlyLdJ75ksLrHjj73_U57w==
x-amz-meta-sha: 85d4336fcee45d765a1d680bd2a4b5f5084036ad

GET
H2 200 flow.021f98bf5609f9502874.js Show response
assets.formsort.com/flow/static/js/ 457 KB
126 KB 134ms
17ms Script
application/javascript 99.86.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.formsort.com/flow/static/js/flow.021f98bf5609f9502874.js
Requested by: Host: welcome.mindbloom.com
URL: https://welcome.mindbloom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 162e762ddb236f47a9ce3b186b72a4a6b93a5f17611c5acc32d1c559c41d35d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 14:28:01 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 13:25:40 GMT
server: AmazonS3
age: 80608
etag: W/"be1d7fc40bf303bb73442b37b2d70552"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 7zZvohBEq3lPRrS-05sTcSpc3ajaKMYtu_SeB5jatEbKcd85mzB21Q==
x-amz-meta-sha: f93f0a1f495086ac179a9f86e54cc97c7a51a25e

GET
H2 200 flow.239.8f733385d0f1348b2873.css
assets.formsort.com/flow/static/css/ 8 KB
3 KB 147ms
15ms Stylesheet
text/css 99.86.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.formsort.com/flow/static/css/flow.239.8f733385d0f1348b2873.css
Requested by: Host: welcome.mindbloom.com
URL: https://welcome.mindbloom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b71cf02e02ed6ae6865c1af063e30381469810806da2316c8b11a3b180b93d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 14:02:37 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 12:41:53 GMT
server: AmazonS3
age: 514133
etag: W/"4f15f59012905727e9f0fabe7d9f8707"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: d_obGzKEuRFVn1NxyxzpxXSFNlGgmZi6wT3r-4r19s-Mv2mEn2n7bw==
x-amz-meta-sha: cf1db38c444f58f0caa05756dbde097b61f18d4b

POST
H2 200 / Show response
o210177.ingest.sentry.io/api/1334649/envelope/ 2 B
281 B 70ms
12ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o210177.ingest.sentry.io/api/1334649/envelope/?sentry_key=64ded0b86127407cb55f5c467a6312fb&sentry_version=7&sentry_client=sentry.javascript.react%2F7.7.0

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Jul 2022 12:51:29 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://welcome.mindbloom.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H/1.1 200
OK start Show response
api.flow.formsort.com/flow-api/session/ 1 KB
1 KB 104ms
104ms Fetch
application/json 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flow.formsort.com/flow-api/session/start

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-6-89.compute-1.amazonaws.com

Software

waitress /

Resource Hash

65930fcff3c0e8838bd778e741f3e8f24f676b675f81648e538a942dfbf97711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-transaction-id: 6b7a731d-624e-4d22-af97-654c4e0cdde4/19477611-5aab-400c-ad33-c80ca64f4acc/7e13f31d-18f5-429e-80e6-c73bc57d9be6
Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-Request-ID: 6b7a731d-624e-4d22-af97-654c4e0cdde4/19477611-5aab-400c-ad33-c80ca64f4acc/7e13f31d-18f5-429e-80e6-c73bc57d9be6
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Tue, 26 Jul 2022 12:51:30 GMT
Via: 1.1 vegur
Referrer-Policy: strict-origin-when-cross-origin
Server: waitress
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/json
Access-Control-Allow-Origin: https://welcome.mindbloom.com
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Origin
Content-Length: 1102
X-Xss-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK start
api.flow.formsort.com/flow-api/session/ 0
0 466ms
98ms Preflight
text/html 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flow.formsort.com/flow-api/session/start

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-6-89.compute-1.amazonaws.com

Software

waitress /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id,x-transaction-id
Access-Control-Request-Method: POST
Origin: https://welcome.mindbloom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers: x-request-id, x-transaction-id
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://welcome.mindbloom.com
Access-Control-Max-Age: 60
Allow: GET, OPTIONS, HEAD, POST
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Jul 2022 12:51:30 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: waitress
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Vary: Origin
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK variant Show response
api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/ 97 KB
97 KB 171ms
171ms Fetch
application/json 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/variant?schemaVersion=20&random=true&formsortEnv=production

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-6-89.compute-1.amazonaws.com

Software

waitress /

Resource Hash

e6bcbdc42564246431c300ddd1a621e50b0b611fad22000120108c00d9f05696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImFhOmI4OjIyOmYxOmUwOjRkOjFhOmNlOmVkOjBmOmVlOjljOjBjOmFlOmVkOjE5OmNmOjJmOmQxOmVmIn0.eyJpYXQiOjE2NTg4Mzk4OTAsImV4cCI6MTY1ODg0MzQ5MCwic3ViIjoic2Vzc2lvbnwxOTQ3NzYxMS01YWFiLTQwMGMtYWQzMy1jODBjYTY0ZjRhY2MiLCJ0eXAiOiJTRVNTSU9OIiwiZmxvd19sYWJlbCI6ImNhbmRpZGF0ZV9zdXJ2ZXkiLCJzZXNzaW9uX3V1aWQiOiIxOTQ3NzYxMS01YWFiLTQwMGMtYWQzMy1jODBjYTY0ZjRhY2MiLCJjbGllbnRfbGFiZWwiOiJtaW5kYmxvb20iLCJyZXNwb25kZXJfdXVpZCI6IjZiN2E3MzFkLTYyNGUtNGQyMi1hZjk3LTY1NGM0ZTBjZGRlNCIsImVudmlyb25tZW50X2xhYmVsIjoicHJvZHVjdGlvbiIsInJvbGVzIjowfQ.brrnxc2tlZxKdP-G_YApXtjRTE66mdbUgTPgYB5eTX3uM-rdldZEchBuArHHVDKkCsjpYBXIH0Vu3tVtAcJZYefGypuq4Mzz00J2tuJjgpIeWaTHLAjd4lfI25HRV9t76fErq_xTHZhjKFUXGsnojoS775CNL7Ru5UevwhXeSFx78LYCbfS1OiKSAe5N88ivV4xjQfjDCOs_Kk7AcK134Ywvm9mch2UAsL6UgWc1I3PjGd7bPX_eQ3cek0ARfbF8SjHZoKROI7qyx_b8Bq06ilPamA_DwCp9rTwLu5gGp2dRCG6V5QsZW5gDtwSSCB2VH71JAfBdoP8TLTG4P2H4Ww
x-transaction-id: 6b7a731d-624e-4d22-af97-654c4e0cdde4/19477611-5aab-400c-ad33-c80ca64f4acc/e76eb5a2-76bc-407b-a97b-493c1e0026c1
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
baggage
sentry-trace: d390495c9e53435188e106d6f13066bd-90e73716953550b1-0
X-Request-ID: 6b7a731d-624e-4d22-af97-654c4e0cdde4/19477611-5aab-400c-ad33-c80ca64f4acc/e76eb5a2-76bc-407b-a97b-493c1e0026c1

Response headers

Date: Tue, 26 Jul 2022 12:51:30 GMT
Via: 1.1 vegur
Referrer-Policy: strict-origin-when-cross-origin
Server: waitress
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/json
Access-Control-Allow-Origin: https://welcome.mindbloom.com
Cache-Control: no-store
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Origin
Content-Length: 99146
X-Xss-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK variant
api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/ 0
0 97ms
97ms Preflight
text/html 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/variant?schemaVersion=20&random=true&formsortEnv=production

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-6-89.compute-1.amazonaws.com

Software

waitress /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,baggage,sentry-trace,x-request-id,x-transaction-id
Access-Control-Request-Method: GET
Origin: https://welcome.mindbloom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization, baggage, sentry-trace, x-request-id, x-transaction-id
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://welcome.mindbloom.com
Access-Control-Max-Age: 60
Allow: HEAD, OPTIONS, GET
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Jul 2022 12:51:30 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: waitress
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Vary: Origin
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK answers-upload
api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/variant/thesis_other-traffic_overhaul-test_control_4/variant-revision/0e31084f-06f2-4171-bbc4-c08dc363bec7/responder/6b7a731d-6... 0
0 97ms
97ms Preflight
text/html 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/variant/thesis_other-traffic_overhaul-test_control_4/variant-revision/0e31084f-06f2-4171-bbc4-c08dc363bec7/responder/6b7a731d-624e-4d22-af97-654c4e0cdde4/answers-upload?env=production

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-6-89.compute-1.amazonaws.com

Software

waitress /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-request-id,x-transaction-id
Access-Control-Request-Method: GET
Origin: https://welcome.mindbloom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization, x-request-id, x-transaction-id
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://welcome.mindbloom.com
Access-Control-Max-Age: 60
Allow: HEAD, OPTIONS, GET
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Jul 2022 12:51:30 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: waitress
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Vary: Origin
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

GET
H2 201 pre-register Show response
api.mindbloom.com/api/portal/ 52 B
642 B 972ms
261ms Fetch
application/json 2606:4700:20::681a:7c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbloom.com/api/portal/pre-register

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffd406c0dbbe201433127391527c3e3d7b67de6710394b9a3da11164d7c54b4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:31 GMT
allow: GET, POST, HEAD, OPTIONS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUQJe3hZxn4hhnepSkOhN7srpBF6hYYXHx3q7ddXP99bY1c3w1o0gh9hr%2BME63XUN%2Fz9zGyJH1tvnq8YcVSy%2Flxq7pCPMNFZiX7uQg4sJlWINFKZDwlLpe6WNumcW%2FDgQdS8w1Io6FdiMxD0iuqh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://welcome.mindbloom.com
access-control-allow-credentials: true
cf-ray: 730d4469adcf9267-FRA
content-length: 52

GET
H/1.1 200
OK answers-upload Show response
api.flow.formsort.com/flow-api/client/mindbloom/flow/candidate_survey/variant/thesis_other-traffic_overhaul-test_control_4/variant-revision/0e31084f-06f2-4171-bbc4-c08dc363bec7/responder/6b7a731d-6... 2 KB
2 KB 102ms
102ms Fetch
application/json 54.91.6.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-6-89.compute-1.amazonaws.com

Software

waitress /

Resource Hash

897c349741e33de5076011c17c4d88d74926ae3eb5d1ff64eac187aa178ec6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-transaction-id: 6b7a731d-624e-4d22-af97-654c4e0cdde4/19477611-5aab-400c-ad33-c80ca64f4acc/96b365e4-460d-4309-b91a-8c77b518b91a
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImFhOmI4OjIyOmYxOmUwOjRkOjFhOmNlOmVkOjBmOmVlOjljOjBjOmFlOmVkOjE5OmNmOjJmOmQxOmVmIn0.eyJpYXQiOjE2NTg4Mzk4OTAsImV4cCI6MTY1ODg0MzQ5MCwic3ViIjoic2Vzc2lvbnwxOTQ3NzYxMS01YWFiLTQwMGMtYWQzMy1jODBjYTY0ZjRhY2MiLCJ0eXAiOiJTRVNTSU9OIiwiZmxvd19sYWJlbCI6ImNhbmRpZGF0ZV9zdXJ2ZXkiLCJzZXNzaW9uX3V1aWQiOiIxOTQ3NzYxMS01YWFiLTQwMGMtYWQzMy1jODBjYTY0ZjRhY2MiLCJjbGllbnRfbGFiZWwiOiJtaW5kYmxvb20iLCJyZXNwb25kZXJfdXVpZCI6IjZiN2E3MzFkLTYyNGUtNGQyMi1hZjk3LTY1NGM0ZTBjZGRlNCIsImVudmlyb25tZW50X2xhYmVsIjoicHJvZHVjdGlvbiIsInJvbGVzIjowfQ.brrnxc2tlZxKdP-G_YApXtjRTE66mdbUgTPgYB5eTX3uM-rdldZEchBuArHHVDKkCsjpYBXIH0Vu3tVtAcJZYefGypuq4Mzz00J2tuJjgpIeWaTHLAjd4lfI25HRV9t76fErq_xTHZhjKFUXGsnojoS775CNL7Ru5UevwhXeSFx78LYCbfS1OiKSAe5N88ivV4xjQfjDCOs_Kk7AcK134Ywvm9mch2UAsL6UgWc1I3PjGd7bPX_eQ3cek0ARfbF8SjHZoKROI7qyx_b8Bq06ilPamA_DwCp9rTwLu5gGp2dRCG6V5QsZW5gDtwSSCB2VH71JAfBdoP8TLTG4P2H4Ww
X-Request-ID: 6b7a731d-624e-4d22-af97-654c4e0cdde4/19477611-5aab-400c-ad33-c80ca64f4acc/96b365e4-460d-4309-b91a-8c77b518b91a

Response headers

Date: Tue, 26 Jul 2022 12:51:30 GMT
Via: 1.1 vegur
Referrer-Policy: strict-origin-when-cross-origin
Server: waitress
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/json
Access-Control-Allow-Origin: https://welcome.mindbloom.com
Cache-Control: no-store
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Origin
Content-Length: 1961
X-Xss-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 701ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/flow.021f98bf5609f9502874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6571
date: Tue, 26 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Jul 2022 13:02:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
69 KB 721ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKGP9LF

Requested by

Host: welcome.mindbloom.com
URL: https://welcome.mindbloom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87bd065b378375766843db74e56915138fdc3feb6c4463c30a6b9afb7222d825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69744
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Jul 2022 12:51:31 GMT

GET
BLOB 200
OK 135f4fa3-4594-4f81-943d-e018d73f3a06
https://welcome.mindbloom.com/ 870 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://welcome.mindbloom.com/135f4fa3-4594-4f81-943d-e018d73f3a06
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81a3338bbafc4f0a7058c441e961a3f378a342b9d1d2828c8ca82a30f60f1a25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 870
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
72 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YM046PJ5G5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGP9LF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf05c56001c0f6acc32d6baaa4dcef274002a25114cad6c2f37b3ef9744904ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74091
x-xss-protection: 0
expires: Tue, 26 Jul 2022 12:51:31 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 116 KB
44 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NVCWWBK

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGP9LF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45d7e611942626d8599ca10e6ed675a4070585dabeaf3cd0d72f58d77928d2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45026
x-xss-protection: 0
expires: Tue, 26 Jul 2022 12:51:31 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 268ms
177ms Script
application/javascript 2a02:26f0:dc:18b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGP9LF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:18b::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/ 95 KB
26 KB 711ms
656ms Script
text/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Requested by: Host: welcome.mindbloom.com
URL: https://welcome.mindbloom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ecd03ef365b3eae9b608a53124a0546f59080d0d0d899a30274ff83da38ab05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: hSuVRv4KjZ0nPClo2uV8_HMYL_UiMsBW
content-encoding: br
etag: W/"e29b966621a5136f376c3715962d7b9f"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 21:52:26 GMT
server: AmazonS3
date: Tue, 26 Jul 2022 12:51:33 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: 5zz2oSBdvzopHb_WJsAzIcLvspe4HucX8JkdgB79iRsdhnp129OPJA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 42ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YM046PJ5G5&gtm=2oe7k0&_p=1737015341&_z=ccd.v9B&cid=274312594.1658839891&ul=en-us&sr=1600x1200&_s=1&sid=1658839891&sct=1&seg=0&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YM046PJ5G5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.mindbloom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 3d24463c-033d-4a49-9d3a-8d369c061d22
https://welcome.mindbloom.com/ 920 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://welcome.mindbloom.com/3d24463c-033d-4a49-9d3a-8d369c061d22
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7490279320c239342aaef6ddf8e8cef71e81b5fb59aa0353a850269a61f196ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 920
Content-Type: application/javascript

GET
H2 200 840cfda4-7a20-4bb5-b41d-43335afce125.svg
usercontent.formsort.com/mindbloom/ 6 MB
5 MB 113ms
30ms Image
image/svg+xml 13.32.110.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usercontent.formsort.com/mindbloom/840cfda4-7a20-4bb5-b41d-43335afce125.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-40.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 399a56b3c4ba6b60eb43ef300d222669840f7ccd359871f1c5755d2fba3f271e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 10:01:09 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:45:33 GMT
server: AmazonS3
age: 3552623
etag: W/"bf02434bdf2bc45fa08ef980e28aef94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: ahbldYtyzb4qpvVxGFRcr-793AP3djf5uO8Mmy4sPB-yBxuci5_WbQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1737015341&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Mindbloom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formsort&ea=FlowLoaded&_u=aEDAAEABQAAAAC~&jid=1538752327&gjid=1866192690&cid=274312594.1658839891&tid=UA-142462469-1&_gid=1626640609.1658839891&_r=1&gtm=2wg7k0KKGP9LF&z=451046275

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.mindbloom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKGP9LF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6571
date: Tue, 26 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Jul 2022 13:02:00 GMT

GET
H/1.1 200
OK TelegrafRegular400.otf
mindbloom-images.s3.us-east-2.amazonaws.com/ 44 KB
45 KB 487ms
124ms Font
application/vnd.oasis.opendocument.formula-template 52.219.97.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mindbloom-images.s3.us-east-2.amazonaws.com/TelegrafRegular400.otf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.97.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 86279a934a79ab5f5f2699914ec4b5c9dbae294e2527c5bdce51e0de84feec1d

Request headers

Referer: https://welcome.mindbloom.com/
Origin: https://welcome.mindbloom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 12:51:33 GMT
Last-Modified: Mon, 26 Oct 2020 17:35:57 GMT
Server: AmazonS3
x-amz-request-id: 2DB67TV19DB4APJM
ETag: "e23affd710be91bdef94a227a44bf2e0"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/vnd.oasis.opendocument.formula-template
Access-Control-Allow-Origin: https://welcome.mindbloom.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 45116
x-amz-id-2: mo7WodOutCbEbgP2/DuxVYJyGnqyeNslxj0YwJpb3v/uAeKKqfkSIBUrF+3N/1EY9VEmJglN4jI=

GET
H2 200 ad3ec198-1b85-4f91-a0d9-c297579b9539.png
usercontent.formsort.com/mindbloom/ 73 KB
74 KB 109ms
56ms Image
image/png 13.32.110.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usercontent.formsort.com/mindbloom/ad3ec198-1b85-4f91-a0d9-c297579b9539.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-40.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fee6f52514bdbabffdbe2aa4bcead455505d36953c36905dc657eb7642f631df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:01:46 GMT
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
last-modified: Tue, 21 Sep 2021 15:35:07 GMT
server: AmazonS3
age: 4502986
etag: "11b4b5ab9e6a2879407cdd8949139ba4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amz-cf-pop: VIE50-C2
content-length: 74823
x-amz-cf-id: 3-w-kwpUk8ia9oLj846BL7BJOwoQei9H3RRap02JgcZuYXDfZYU5RA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
11ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1737015341&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Mindbloom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formsort&ea=StepLoaded_0&el=0&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=274312594.1658839891&tid=UA-142462469-1&_gid=1626640609.1658839891&gtm=2wg7k0KKGP9LF&z=1760946268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 04:52:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28745
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 141ms
141ms Script
application/javascript 2a02:26f0:dc:18b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:18b::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142462469-1&cid=274312594.1658839891&jid=1538752327&gjid=1866192690&_gid=1626640609.1658839891&_u=aEDAAEAAQAAAAC~&z=592557025

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Jul 2022 12:51:31 GMT
content-type: text/plain
access-control-allow-origin: https://welcome.mindbloom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 events
event.formsort.com/ 0
0 450ms
368ms Fetch 18.66.15.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.formsort.com/events?payload=%5B%7B%22createdAt%22%3A%222022-07-26T12%3A51%3A31.782Z%22%2C%22eventType%22%3A%22FlowLoaded%22%2C%22variantUuid%22%3A%220e31084f-06f2-4171-bbc4-c08dc363bec7%22%2C%22responderUuid%22%3A%226b7a731d-624e-4d22-af97-654c4e0cdde4%22%2C%22data%22%3A%7B%22experimentId%22%3A0.42682749149389565%2C%22formsortEnv%22%3A%22production%22%2C%22windowInnerWidth%22%3A1600%2C%22windowInnerHeight%22%3A1200%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36%22%2C%22pathname%22%3A%22%2F%22%2C%22releaseId%22%3A%22094d56276b6290124f60d323514bb27377c4fcbc%22%2C%22isInIframe%22%3Afalse%7D%7D%2C%7B%22createdAt%22%3A%222022-07-26T12%3A51%3A31.792Z%22%2C%22eventType%22%3A%22StepLoaded%22%2C%22variantUuid%22%3A%220e31084f-06f2-4171-bbc4-c08dc363bec7%22%2C%22responderUuid%22%3A%226b7a731d-624e-4d22-af97-654c4e0cdde4%22%2C%22data%22%3A%7B%22stepIndex%22%3A0%2C%22stepId%22%3A0%2C%22stepUuid%22%3A%22a9f67ba2-26ef-40b9-a297-1f399680d141%22%7D%7D%5D
Requested by: Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-108.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:32 GMT
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-apigw-id: V4B1MF5kiYcFkLg=
x-amzn-requestid: a6e54ffd-e9c4-4f9f-9e1b-7e80f5c64b3f
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62dfe354-26d0662420d5b5475a2b88ba
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,sentry-trace
x-amz-cf-id: TzQPUM0f6-DaAcCmE1_r4DtbK6VY96JSvXmAJ4dVahX2QRX7dnU5mA==

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
837 B 154ms
64ms XHR
application/json 23.47.212.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614178513279&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1658839891960

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.208 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.6e730617.1658839892.d4052b8
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1083077994395667
pin-unauth: dWlkPU9UY3hNVEU0WXpBdE9HUmlPQzAwTjJWaExUazRZbVF0WmpnNVlqZzVNRFl4WVRRMg
access-control-allow-origin: https://welcome.mindbloom.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 151ms
63ms Image
image/gif 23.47.212.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614178513279&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwelcome.mindbloom.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1658839891962

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.208 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:32 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6e730617.1658839892.d4052bb
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1807370713305312
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 153ms
65ms Image
image/gif 23.47.212.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614178513279&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwelcome.mindbloom.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1658839891962

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.208 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:32 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6e730617.1658839892.d4052bc
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1527981224232156
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/ 4 KB
2 KB 36ms
19ms XHR
application/json 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/settings
Requested by: Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b335b58b8af0fb653014dfcc8b35e4fb3464217c26a14841565dfc39c118cc3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: _njx3J_jGr26k0FtdtDxSJXNMD9.CtMU
content-encoding: br
etag: W/"020d409ab634fe11f68d0f5b02975282"
age: 1722
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 14 Jul 2022 21:24:51 GMT
server: AmazonS3
date: Tue, 26 Jul 2022 12:51:32 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GRI-xuG-1oT8VRUVL1BymbonDT7ZFU_HQQPMQp3qdp8N7GlUvPkrLg==

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 13ms
13ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:53 GMT
content-encoding: br
vary: Accept-Encoding
age: 2277400
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: eGdtYNgVU7C.sD0ud7vKl0kuuvXdbYqu
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: RTtADEE-vzC1DuzXCujZxZM8qkz-73Prvy3HpxNReT-PuTrTO35WXQ==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 14ms
14ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:53 GMT
content-encoding: br
vary: Accept-Encoding
age: 2277400
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rRSPxUD4JSPvaFMNmUXrTxb4ziC5WpWM
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: -O41F4kXm40tJlSUDoFHxpxyvnuS_7cJ98BriQCtjMmy6pq5a73nqw==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 8ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 2277396
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: RwOICkZodnyCcNhFUOo7Ls4smKytnhFdBVtRO8cMRHzXIm9YJGEwRw==

GET
H2 200 6765cb3cf169443c119b.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
3 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/6765cb3cf169443c119b.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e12072d9b0b933c2db675af735dae991682dae9978c1cdefcfb953c63cda90c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: dbdvC1Ag3ascNi2ZtTdmAcxzLY0ePJM5
content-encoding: gzip
etag: W/"5f8b185058a6559e765f14c7cff3b7d2"
age: 32700
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 16:54:42 GMT
server: AmazonS3
date: Tue, 26 Jul 2022 07:05:36 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MDbddP5YK2JzPg7V2H65y7sbQ8ZJ_2SDLwlM5fGUJMnh4nev3c6CXw==

GET
H2 200 688.js Show response
cdn.segment.com/next-integrations/actions/ 22 KB
7 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/688.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/6765cb3cf169443c119b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9b28c72166a68ac8d99179b29eb8d82b18e3545b652d2093b4fcff3730e478c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 00:40:36 GMT
content-encoding: br
vary: Accept-Encoding
age: 43857
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 19:48:22 GMT
server: AmazonS3
etag: W/"6939a60573121581ebb440b679590ba8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 5EgmUkOQLS9XpJVkFfg31toRGx2PH6bw
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: js1oI_9KV2gxWi-33uaf14o3kephDnwy-MchLvJ6EMyQkpGZNDPJGA==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 8ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf78eaea38d3f752633061d945ceb00649048329acde4450c5bf06d8205fa24d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:45:35 GMT
content-encoding: gzip
age: 443158
x-cache: Hit from cloudfront
content-length: 4745
access-control-allow-origin: *
last-modified: Tue, 19 Jul 2022 22:01:11 GMT
server: AmazonS3
etag: "725c9394a3f4482000e7a1a42aaceb41"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: SFVflWmgB5_sxlsDfNsT4QHxKb7jUpLv
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Kee8Cc4nr-mxya7-JwSc0W-G7wczfNoWVUyaFxbM53VVr3VO9oaPFg==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/ 10 KB
4 KB 10ms
9ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a606f215a29b0916df97dcca69b90e43128fca3bc8f237c3f56d58f4cf800ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 10:06:44 GMT
content-encoding: gzip
age: 3725089
x-cache: Hit from cloudfront
content-length: 3271
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 20:08:19 GMT
server: AmazonS3
etag: "11d09c60390d4846b90b372bd58cf329"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 17X0NkGq1OsC_wIzbXMPw945quYMcp3U
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7Kvp4BVFRncfSwD6aU88LhMeVZyuIAM53G4jRNOfJGGIFLuWNBa06Q==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/ 4 KB
2 KB 10ms
9ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c861edac7f4f16c26218d1901867f8d51a57d66c4bdf98a2328e6aa064c3ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 22:39:55 GMT
content-encoding: gzip
age: 3507098
x-cache: Hit from cloudfront
content-length: 1637
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 20:08:19 GMT
server: AmazonS3
etag: "42d5be27ccbd8a0a8aafd8ba7a7470c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: lzS4o9qY99LJ9YhTYXaw..1kmaf7mtqS
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: yRxmifbm0o6QNw1BKEeTm1MtQ3zr-MkGblvo2fc0eoSycstL0jvyTg==

GET
H2 200 bing-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/ 2 KB
2 KB 11ms
10ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/bing-ads.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7725cd5ebe9abb20bc88424a1bdf862bedf617659975b9f59040bad2e57b0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 19:10:56 GMT
content-encoding: gzip
age: 8617237
x-cache: Hit from cloudfront
content-length: 1136
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 23:48:25 GMT
server: AmazonS3
etag: "1553faa0acd9e90dbb46c23e1127f86e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: VDs3vEBJIa17FFCnH5HYXG9Z6XAIMQVC
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5h7CLrK_mxyoWKt06oy4V32379T9bg18xp_9CzLYVjQg6CL6tt6m2g==

GET
H2 200 adroll.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adroll/2.2.1/ 4 KB
2 KB 11ms
10ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adroll/2.2.1/adroll.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44f88e0918ca200a37d805380ac39d0c507b27e758f928dd0e475419b2d50350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 08 May 2022 05:31:11 GMT
content-encoding: gzip
age: 6852022
x-cache: Hit from cloudfront
content-length: 1486
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 20:31:57 GMT
server: AmazonS3
etag: "e5f92b64f1dc63913938266db9c991a4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: ZdrlxMY7oNdssa.7G0TpAo47Ywcay2Dv
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: yXM9cn_vT13ETIZku0CzFthifFNss5f3JUTbZUQ57oLo1QeuAWovsg==

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 11ms
10ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5t6ub4jwPeJwKUpSvKqA0DS1ZOVHSofG/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 01:24:25 GMT
content-encoding: gzip
age: 732428
x-cache: Hit from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 18:49:48 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: roiVwtkP5KVqB2CPhavnk0EASEFXjHUq
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 3F92lNt5CHn23YOkFEkRIDqH-bw5OraLsigQkuMtwHRqociC0gDpTQ==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 7ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 26 Jul 2022 13:50:02 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6572
date: Tue, 26 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Jul 2022 13:02:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26085
x-xss-protection: 0
pragma: public
x-fb-debug: gtYxScRWXe2q9E+ius8+3uabor5UdQ3s+ZaG5zeOFzUdP6WsMFus+yjkZ7ZU348gvx2xtik/CtTjxh9iHOk4Gw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 26 Jul 2022 12:51:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 69ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B0BEC67E6C241A3B562794D47BCC6C4 Ref B: FRA31EDGE0807 Ref C: 2022-07-26T12:51:32Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 26 Jul 2022 12:51:32 GMT
accept-ranges: bytes
content-length: 11360

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982954304

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8999579dd9580dc01b27bfe30e75117990163bdbdf782f170d892fcf865bd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62342
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Jul 2022 12:51:32 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 52 KB
17 KB 55ms
14ms Script
text/javascript 2600:9000:211a:8800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id: J7p8W1lQgNY91qwUxZU3x.y9IQrTVjMu
Content-Encoding: gzip
Etag: W/"d570d2e0cc47679b5bf3a6f9ff5b9e5b"
Age: 926
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 659e81bfffb15e4b314a9b12d4db8946.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jun 2022 21:03:48 GMT
Server: AmazonS3
Date: Tue, 26 Jul 2022 12:36:07 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: VIE50-C2
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vArTmdDgX7KWpYxduUkvwUUBB9wdE5-RkpphgEYULfEjR5HYRzOgRQ==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 531ms
174ms Fetch
application/json 44.236.175.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.175.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-175-31.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://welcome.mindbloom.com
date: Tue, 26 Jul 2022 12:51:33 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
177 B 530ms
175ms Fetch
application/json 44.236.175.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.175.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-175-31.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://welcome.mindbloom.com
date: Tue, 26 Jul 2022 12:51:33 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
178 B 528ms
173ms Fetch
application/json 44.236.175.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.175.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-175-31.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://welcome.mindbloom.com
date: Tue, 26 Jul 2022 12:51:33 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
177 B 696ms
344ms Fetch
application/json 44.236.175.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.175.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-175-31.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://welcome.mindbloom.com
date: Tue, 26 Jul 2022 12:51:33 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142462469-1&cid=274312594.1658839891&jid=1489067620&gjid=761309208&_gid=1626640609.1658839891&_u=aGDAgEAjQAAAAG~&z=1835345969

Requested by

Host: assets.formsort.com
URL: https://assets.formsort.com/flow/static/js/vendors.6b5a0fcc5fffc0cddaef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.mindbloom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Jul 2022 12:51:32 GMT
content-type: text/plain
access-control-allow-origin: https://welcome.mindbloom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1737015341&t=pageview&_s=1&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Mindbloom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjQAAAAC~&jid=1489067620&gjid=761309208&cid=274312594.1658839891&tid=UA-142462469-1&_gid=1626640609.1658839891&z=356363653

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 04:52:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28746
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.66

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: 7GUAmf0r7LYeDFpNVjLJQ70FrPIPC54956SRpSW8p4bM46XCe/eh0iVyFnsPNbGZaFxAeLK5jQ0Oj7tFoyfTtg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 26 Jul 2022 12:51:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 515649702678318 Show response
connect.facebook.net/signals/config/ 295 KB
85 KB 135ms
124ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515649702678318?v=2.9.66&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5b075b6b4fa3c566fe024df6e06de1824796b57f074954c1a9399cff7877955

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: PU4omc1HdZs3cfscrR+fmAug7NkA6NpgJqxMVgw0Wzy0Yy2TcChEkOJix4O85P5tcOJ1ZRrXQn75lSdptAlYDw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 26 Jul 2022 12:51:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658839892737
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 63ms
39ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982954304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Jul 2022 12:51:32 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/7RPUVNNVABB3HKZJEXA4R7/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

14ms
14ms

Script
application/javascript

2600:9000:211a:8800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:211a:8800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id: BTP2rshxaRFWPNdrItPYEau9DI6Y8oce
Via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 36329
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Wed, 06 Jul 2022 18:15:57 GMT
Server: AmazonS3
Date: Tue, 26 Jul 2022 02:46:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: racs7C_srd01mY5kq7jp3PMfwvsm0PsIPhIkkZQ8FYI1LUSiCkmHwA==

Redirect headers

Date: Mon, 25 Jul 2022 15:06:18 GMT
Via: 1.1 659e81bfffb15e4b314a9b12d4db8946.cloudfront.net (CloudFront)
Age: 78313
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: VIE50-C2
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: sfE_1E7q-WkOZCySD5rZRI1U_3rcCfbTmbFkLnqQJ7QvRIbYi70CcA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/7RPUVNNVABB3HKZJEXA4R7/CFGD3O3PZJGNLGD5DKHKWE/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

13ms
13ms

Script
application/javascript

2600:9000:211a:8800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:211a:8800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 659e81bfffb15e4b314a9b12d4db8946.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 28737
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 26 Jul 2022 04:52:54 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uQyg_s3UZlhfZVgvjzR1USyjc2jtzjHzvLjTaDtN28rnyVvf-21hRQ==

Redirect headers

Date: Mon, 25 Jul 2022 12:52:36 GMT
Via: 1.1 659e81bfffb15e4b314a9b12d4db8946.cloudfront.net (CloudFront)
Age: 86335
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: VIE50-C2
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: D6IZzAuHyDFa4NcekunwEMSV9P1-CjomHQWs2mc7CPcb1kp9AYybCQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/7RPUVNNVABB3HKZJEXA4R7/CFGD3O3PZJGNLGD5DKHKWE/ 0
808 B 38ms
14ms Script
text/javascript 2600:9000:211a:8800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/7RPUVNNVABB3HKZJEXA4R7/CFGD3O3PZJGNLGD5DKHKWE/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Amz-Version-Id: 2ejt42LQiPeUj0AyFknEpEj81MTyKQcn
Via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 184
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Mon, 25 Jul 2022 15:40:10 GMT
Server: AmazonS3
Date: Tue, 26 Jul 2022 12:48:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: VBjzZLXzQ03BpfD4gEPuVHaaURt7_pbOE2C3M7_Nf0s4m7nAmVse_Q==

GET
H2 204 148010389.js Show response
bat.bing.com/p/action/ 0
119 B 221ms
221ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148010389.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69DBFBDA10774C92BB041100F38497A4 Ref B: FRA31EDGE0807 Ref C: 2022-07-26T12:51:32Z
date: Tue, 26 Jul 2022 12:51:32 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
177 B 36ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148010389&Ver=2&mid=94254253-6fa7-451e-bdde-b143f40f0b14&sid=aceeab600ce111edb2f08f043879df60&vid=aceee4500ce111ed85218729e4d24590&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Welcome%20to%20Mindbloom&p=https%3A%2F%2Fwelcome.mindbloom.com%2F&r=&lt=1065&evt=pageLoad&msclkid=N&sv=1&rn=381723

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 943775C2E39B47748D62DA3DDD5EE2F2 Ref B: FRA31EDGE0807 Ref C: 2022-07-26T12:51:32Z
date: Tue, 26 Jul 2022 12:51:32 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982954304/ 2 KB
2 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982954304/?random=1658839892695&cv=9&fst=1658839892695&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwelcome.mindbloom.com%2F&tiba=Welcome%20to%20Mindbloom&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc42b2a6bfb031050f9d4984ab69f6cbbcee8592ca5c7d5d2ea6aa2b948c2674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7RPUVNNVABB3HKZJEXA4R7 Show response
d.adroll.com/consent/check/ 462 B
555 B 168ms
32ms Script
application/javascript 108.128.102.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/7RPUVNNVABB3HKZJEXA4R7?arrfrr=https%3A%2F%2Fwelcome.mindbloom.com%2F&_s=9309143586b793f029585c26b029f4ed&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.102.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-102-72.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 5325b3a490261a2328311929382f65726b725a767a39332a1b228367528bb7c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:32 GMT
server: nginx/1.20.0
content-length: 462
content-type: application/javascript

GET
H2 200 /
www.google.com/pagead/1p-user-list/982954304/ 42 B
548 B 48ms
25ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982954304/?random=1658839892695&cv=9&fst=1658836800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwelcome.mindbloom.com%2F&tiba=Welcome%20to%20Mindbloom&async=1&fmt=3&is_vtc=1&random=491871092&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/982954304/ 42 B
548 B 47ms
24ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982954304/?random=1658839892695&cv=9&fst=1658836800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwelcome.mindbloom.com%2F&tiba=Welcome%20to%20Mindbloom&async=1&fmt=3&is_vtc=1&random=491871092&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 26ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515649702678318&ev=PageView&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&rl=&if=false&ts=1658839892762&sw=1600&sh=1200&ud[external_id]=322036148c14328b1cf4e53ad885896a5805346f88da2210b1dc8a1acdc587a8&v=2.9.66&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1658839892761.444682837&it=1658839892604&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:51:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 26 Jul 2022 12:51:32 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1737015341&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Mindbloom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Questionnaire%20Started&ev=0&_u=aGDAgEAjQAAAAG~&jid=&gjid=&cid=274312594.1658839891&tid=UA-142462469-1&_gid=1626640609.1658839891&z=776316904

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 04:52:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28746
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YM046PJ5G5&gtm=2oe7k0&_p=1737015341&_z=ccd.v9B&cid=274312594.1658839891&ul=en-us&sr=1600x1200&_s=2&sid=1658839891&sct=1&seg=0&dl=https%3A%2F%2Fwelcome.mindbloom.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=13
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YM046PJ5G5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welcome.mindbloom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 12:51:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.mindbloom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mindbloom.com/	1970-01-20 04:48:46	Name: _gid Value: GA1.2.1626640609.1658839891
.mindbloom.com/	1970-01-20 22:18:31	Name: _ga Value: GA1.2.274312594.1658839891
.mindbloom.com/	1970-01-20 04:47:19	Name: _gat_UA-142462469-1 Value: 1
.ct.pinterest.com/	1970-01-20 13:32:55	Name: _pinterest_ct_ua Value: "TWc9PSZ3ejRkN1ZQNWZ3NlJpSlBiVjNWd2hpOWY5OHg0VjJ0aVFkUlVzT1NWNVJ4NHVZSE82UXZPblVRUGtkSm5rRlRheVlhdkZaUkFHNERWZVNOWlRqWnVvUXd2NFVza3E5QS83R1Q4ZWQ2MUFGOD0mOEJBd012VW0yMEQ3Z0I5YUx6RzNpeVluNmhrPQ=="
.welcome.mindbloom.com/	1970-01-20 13:32:55	Name: _pin_unauth Value: dWlkPU9UY3hNVEU0WXpBdE9HUmlPQzAwTjJWaExUazRZbVF0WmpnNVlqZzVNRFl4WVRRMg
.mindbloom.com/	1970-01-20 13:32:55	Name: ajs_anonymous_id Value: dba4bade-6b1a-454f-b442-d9e5d5428cc0
.mindbloom.com/	1970-01-20 13:32:55	Name: ajs_user_id Value: f50c6208-7800-4309-a7bd-b9c9f70745b5
.mindbloom.com/	1970-01-20 04:47:19	Name: _gat Value: 1
.mindbloom.com/	1970-01-20 06:56:55	Name: _gcl_au Value: 1.1.833389543.1658839893
.bing.com/	1970-01-20 14:08:55	Name: MUID Value: 3B6A6415AE5E61D80EBD75F8AFF260C3
.mindbloom.com/	1970-01-20 04:48:46	Name: _uetsid Value: aceeab600ce111edb2f08f043879df60
.mindbloom.com/	1970-01-20 14:08:55	Name: _uetvid Value: aceee4500ce111ed85218729e4d24590
.doubleclick.net/	1970-01-20 04:47:20	Name: test_cookie Value: CheckForPermission
.mindbloom.com/	1970-01-20 06:56:55	Name: _fbp Value: fb.1.1658839892761.444682837
.mindbloom.com/	1970-01-20 22:18:31	Name: _ga_YM046PJ5G5 Value: GS1.1.1658839891.1.0.1658839892.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://mindbloom.co https://mindbloom.com https://mindbloom.webflow.io https://studio.formsort.com
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.flow.formsort.com
api.mindbloom.com
api.segment.io
assets.formsort.com
bat.bing.com
cdn.segment.com
connect.facebook.net
ct.pinterest.com
d.adroll.com
event.formsort.com
googleads.g.doubleclick.net
mindbloom-images.s3.us-east-2.amazonaws.com
o210177.ingest.sentry.io
region1.google-analytics.com
s.adroll.com
s.pinimg.com
stats.g.doubleclick.net
usercontent.formsort.com
welcome.mindbloom.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
108.128.102.72
13.32.110.40
142.250.186.66
143.204.103.41
18.66.15.108
2001:4860:4802:32::36
23.47.212.208
2600:9000:211a:8800:6:9280:1080:93a1
2600:9000:2156:6c00:13:381:3540:93a1
2606:4700:20::681a:7c2
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:26f0:dc:18b::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.195.249
44.236.175.31
52.219.97.154
54.91.6.89
99.86.240.125
0a606f215a29b0916df97dcca69b90e43128fca3bc8f237c3f56d58f4cf800ab
0c861edac7f4f16c26218d1901867f8d51a57d66c4bdf98a2328e6aa064c3ba8
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
162e762ddb236f47a9ce3b186b72a4a6b93a5f17611c5acc32d1c559c41d35d7
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
399a56b3c4ba6b60eb43ef300d222669840f7ccd359871f1c5755d2fba3f271e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f88e0918ca200a37d805380ac39d0c507b27e758f928dd0e475419b2d50350
45d7e611942626d8599ca10e6ed675a4070585dabeaf3cd0d72f58d77928d2d8
5325b3a490261a2328311929382f65726b725a767a39332a1b228367528bb7c8
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
63b57e162a96a8bdea52626698b16a1115df368d2f2aa26b08f4ceed76dd534f
65930fcff3c0e8838bd778e741f3e8f24f676b675f81648e538a942dfbf97711
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7490279320c239342aaef6ddf8e8cef71e81b5fb59aa0353a850269a61f196ce
7ecd03ef365b3eae9b608a53124a0546f59080d0d0d899a30274ff83da38ab05
81a3338bbafc4f0a7058c441e961a3f378a342b9d1d2828c8ca82a30f60f1a25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
86279a934a79ab5f5f2699914ec4b5c9dbae294e2527c5bdce51e0de84feec1d
87bd065b378375766843db74e56915138fdc3feb6c4463c30a6b9afb7222d825
897c349741e33de5076011c17c4d88d74926ae3eb5d1ff64eac187aa178ec6d4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9b71cf02e02ed6ae6865c1af063e30381469810806da2316c8b11a3b180b93d0
9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02
9ffd406c0dbbe201433127391527c3e3d7b67de6710394b9a3da11164d7c54b4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8999579dd9580dc01b27bfe30e75117990163bdbdf782f170d892fcf865bd65
b1755cecb0026538ef5c7e76cfa362dafa082e1c70d4dca49c2b02766baec87f
b335b58b8af0fb653014dfcc8b35e4fb3464217c26a14841565dfc39c118cc3a
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
bc42b2a6bfb031050f9d4984ab69f6cbbcee8592ca5c7d5d2ea6aa2b948c2674
be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d
bf05c56001c0f6acc32d6baaa4dcef274002a25114cad6c2f37b3ef9744904ed
bf78eaea38d3f752633061d945ceb00649048329acde4450c5bf06d8205fa24d
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d5b075b6b4fa3c566fe024df6e06de1824796b57f074954c1a9399cff7877955
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e12072d9b0b933c2db675af735dae991682dae9978c1cdefcfb953c63cda90c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bcbdc42564246431c300ddd1a621e50b0b611fad22000120108c00d9f05696
e7725cd5ebe9abb20bc88424a1bdf862bedf617659975b9f59040bad2e57b0e6
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f107d618681f0e4aee0d80759e4ee96ce7165e1b73914a2c606e480302d27543
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f9b28c72166a68ac8d99179b29eb8d82b18e3545b652d2093b4fcff3730e478c
fee6f52514bdbabffdbe2aa4bcead455505d36953c36905dc657eb7642f631df

welcome.mindbloom.com Open in urlscan Pro 2600:9000:2156:6c00:13:381:3540:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

95 %HTTPS

58 %IPv6

19 Domains

26 Subdomains

27 IPs

5 Countries

5948 kBTransfer

9446 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

welcome.mindbloom.com Open in urlscan Pro
2600:9000:2156:6c00:13:381:3540:93a1 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

95 %
HTTPS

58 %
IPv6

19
Domains

26
Subdomains

27
IPs

5
Countries

5948 kB
Transfer

9446 kB
Size

15
Cookies

73 HTTP transactions
0 data transactions