redacted.com Open in urlscan Pro
2606:4700:20::681a:264 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.redacted.com/?v11
Effective URL:
https://redacted.com/?v11
Submission: On June 09 via api (June 9th 2023, 4:38:22 pm UTC) from IN — Scanned from DE

Summary HTTP 45 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 18 domains to perform 45 HTTP transactions. The main IP is 2606:4700:20::681a:264, located in United States and belongs to CLOUDFLARENET, US. The main domain is redacted.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2023. Valid for: a year.

This is the only time redacted.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:20:... 2606:4700:20::681a:264	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1054:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.7.31 108.138.7.31	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:863b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	185.48.120.161 185.48.120.161	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6cc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:75be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.202.72.98 18.202.72.98	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d4f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223e:1c00:11:1faa:8080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	22

13 2606:4700:20::681a:264 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.redacted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redacted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1054:1 (Germany)

ASN200325 (BUNNYCDN, SI)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-31.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:863b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.48.120.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-185-48-120-161.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6cc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:75be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.72.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-72-98.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:1c00:11:1faa:8080:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	redacted.com 1 redirects www.redacted.com redacted.com	450 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5046 ws-assets.zoominfo.com — Cisco Umbrella Rank: 32721	19 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 21878	3 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 12561 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 9593 track.hubspot.com — Cisco Umbrella Rank: 2452	20 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2369	16 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 733 script.hotjar.com — Cisco Umbrella Rank: 1102 in.hotjar.com — Cisco Umbrella Rank: 5783	73 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4924 forms.hscollectedforms.net — Cisco Umbrella Rank: 5117	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	142 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 13785	2 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 15590	1 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6305	161 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3557	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2367	21 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5056	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121	242 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3028	251 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2635	1 KB
45	18

	Domain	Requested by
12	redacted.com	redacted.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
3	js.zi-scripts.com	redacted.com js.zi-scripts.com
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	redacted.com www.googletagmanager.com
2	plausible.io	redacted.com plausible.io
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	track.hubspot.com
1	perf-na1.hsforms.com	redacted.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	content.hotjar.io	script.hotjar.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	in.hotjar.com	script.hotjar.com
1	www.google.de	redacted.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	js.hs-scripts.com	redacted.com
1	static.hotjar.com	redacted.com
1	www.redacted.com	1 redirects
45	25

This site contains links to these domains. Also see Links.

Domain
apply.workable.com
www.theregister.com
www.securityinfowatch.com
www.linkedin.com

Subject Issuer	Validity	Valid
redacted.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
plausible.io R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
js.zi-scripts.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://redacted.com/?v11
Frame ID: B9A30F5A2883B146EE2C68413D45F7C2
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[redacted] Cybersecurity that Outmaneuvers Attackers

Page URL History Show full URLs

https://www.redacted.com/?v11 HTTP 301
https://redacted.com/?v11 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Plausible (Analytics) Expand

Overall confidence: 100%
Detected patterns

plausible\.io/js/plausible\.js

Page Statistics

45
Requests

100 %
HTTPS

82 %
IPv6

18
Domains

25
Subdomains

22
IPs

4
Countries

800 kB
Transfer

2267 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://apply.workable.com/redacted/?lng=en
Title: Careers - We're Hiring!

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2023/05/17/fbi_cisa_bianlian_advisory/
Title: ‘Strictly limit’ remote desktop – unless you like catching BianLian ransomware

Search URL Search Domain Scan URL

URL: https://www.securityinfowatch.com/cybersecurity/article/53058330/russiaukraine-war-and-the-fears-of-notpetyastyle-attacks
Title: Russia-Ukraine war, and the fears of NotPetya-style attacks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/redacted/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.redacted.com/?v11 HTTP 301
https://redacted.com/?v11 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
redacted.com/
Redirect Chain

https://www.redacted.com/?v11
https://redacted.com/?v11

35 KB
8 KB

677ms
647ms

Document
text/html

2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3019a36f860fa6522b2f873509abef3645f948363dbc0322bffc65ce2e96b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d4acdc39c513813-FRA
content-encoding: br
content-type: text/html
date: Fri, 09 Jun 2023 16:38:14 GMT
last-modified: Fri, 09 Jun 2023 07:07:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlyzFjNTRu85Smq1and3LeYqhZHsHd7sySqb2zKgmTk36Y0C4kk8MBrnWDeYcCt48n5bUFW9JAau3tibZcBOdYlFNGvzcj0dLejnuMWu9Y7uHcXRnlu9X%2BjsKJ3zCy0XEps7fmJXjSzq5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7d4acdbf4e273813-FRA
content-type: text/html
date: Fri, 09 Jun 2023 16:38:14 GMT
location: https://redacted.com:443/?v11
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGrdWmli25NhUTJm%2FYHIl26LA0ZSL5ampKrxJIo5QpKFOI4G4kzQVmRRa4Z6uR6sAweuvCExsVn6h7OHwD8mG6%2BD%2Btq%2F33caRM8E9j%2BEYGXA6w8ltH6ludePNRqa%2Fk1eV%2FgfIAwwM4XrUfKHOwk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css
redacted.com/assets/css/ 167 KB
25 KB 1146ms
1146ms Stylesheet
text/css 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:07:27 GMT
server: cloudflare
etag: W/"6482cfaf-29de4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOOHbfnARMgCGdF8xsphVVHWU6SjrD%2BhQTMLUtl%2Fdo6fp0%2FK4i8vH6CayefPccFBj3ZYAqoZHC26rRmyBWgdljnQ%2FOYQLeu3KIWe4s%2B0WgtFeuCDZDBXy6XOflLtW0ImI%2FWn%2FfArpGOXFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7d4acdc7a9b03813-FRA

GET
H2 200 main.803c1e7d301bf70dc2fd688639274ed1b876c1c210ff32ad9a6266b92e08da14.js Show response
redacted.com/assets/js/ 254 KB
82 KB 1102ms
1101ms Script
application/javascript 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/assets/js/main.803c1e7d301bf70dc2fd688639274ed1b876c1c210ff32ad9a6266b92e08da14.js

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803c1e7d301bf70dc2fd688639274ed1b876c1c210ff32ad9a6266b92e08da14

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:07:27 GMT
server: cloudflare
etag: W/"6482cfaf-3f9f4"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOJajlKPUulbUusfspy6hnKtwS%2B0qCOy%2Bh7sBbxaEa6XexKTsS9tB6xg51XVZ9vJZX65SdWV51EXTcshs3FmKyclTNrYFRJRKhZoOMzFvfR4DnlsJEsF9EusNyx9XMiIJeIlWcjyUPSwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7d4acdc7a9b23813-FRA

GET
H2 200 lottie-player.59825e18ded5cd0013692b124360714f64aa53d0b4d67bef3da48189d35a343b.js Show response
redacted.com/assets/js/ 337 KB
90 KB 1311ms
1311ms Script
application/javascript 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/assets/js/lottie-player.59825e18ded5cd0013692b124360714f64aa53d0b4d67bef3da48189d35a343b.js

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59825e18ded5cd0013692b124360714f64aa53d0b4d67bef3da48189d35a343b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:07:28 GMT
server: cloudflare
etag: W/"6482cfb0-544ce"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0B8ntoE57Z1%2FBvk2ak0NoMvumSFkQaxg7veqDz7f2L8giqyHERye8kqtwEzZvd27CPa0jgd9IOM9DT1WYPNw7IdwMmTTgN5SljlmMPmeu69Ylnxb9kLnHRV%2B%2Fb7jKokJKYvAlnC9%2BqQRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7d4acdcecac63813-FRA

GET
H2 200 illustration-redacted.svg
redacted.com/images/content/ 19 KB
3 KB 686ms
684ms Image
image/svg+xml 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redacted.com/images/content/illustration-redacted.svg

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3169fd0ded507bafa79edb2c8d427a97d9f5dfd9fb7376e537b961b52e2c0031

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
server: cloudflare
etag: W/"6482cf09-4bc8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxWCB6vqyuZDP8PYNra%2FAamVJQTRM1kzvf2eBhWNU6HY32pPFp41bfJsEcMuDEwfWGO3Uy45NuhOSn1fWpG5l3m2hyFj9X%2BiUgWf2CVp7YaWgPHBpV9to8Dczk7vdFyppx1I1DMTVgWKwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7d4acdceeae13813-FRA

GET
H2 200 logo.svg
redacted.com/images/layout/ 369 B
513 B 651ms
650ms Image
image/svg+xml 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redacted.com/images/layout/logo.svg

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4ae362bd43d5ff13b856f73016acfa8f7010144ddd51e86e2af7ccc4fe45889

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
server: cloudflare
etag: W/"6482cf09-171"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO6TBKCGeS4Ed91KjXD%2FQwbQfEtPrQzSPHbWTiZ%2BXNQvStYeja9cDKenBRl%2BH7q6hH7VXUEuymyaXyZx8WaCqH4XOLzkMShzgV6BIZU9GCeS%2BITDXg8KjonY6St1Vli9h8b8kOdVXu2AJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7d4acdcf2b2c3813-FRA

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
1 KB 145ms
42ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/plausible.js

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1054 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 874
cdn-cachedat: 06/09/2023 15:42:25
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.2
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=3600
permissions-policy: interest-cohort=()
cdn-requestid: f79cf4906bfb880bf8d8935348a12bb1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
54 KB 92ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV9T8VC

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

131fda0a3f6fef7f22896be54dc717171a10ff971150f296fafcd780feeea60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54891
x-xss-protection: 0
last-modified: Fri, 09 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Jun 2023 16:38:16 GMT

GET
H2 200 hotjar-3504122.js Show response
static.hotjar.com/c/ 9 KB
4 KB 148ms
57ms Script
application/javascript 108.138.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3504122.js?sv=6

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-31.fra56.r.cloudfront.net

Software

Resource Hash

edf2952766d40e9a7a70fd436156e5631c4fd0c6f3b4543753258be19ea292c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 16:38:16 GMT
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/662477475fa0eb11b9e0137241991dcb
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: b1li3cMlsRc41SleHDqJe2kxD5gr0LZTiQipypYytKTNAR-ZR3gZcw==

GET
H2 200 22166617.js Show response
js.hs-scripts.com/ 2 KB
1 KB 448ms
402ms Script
application/javascript 2606:4700::6812:863b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/22166617.js
Requested by: Host: redacted.com
URL: https://redacted.com/?v11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49024a6a798982486a9201dac7f806cc31478e1a6fee82308bdb3790fd428e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 7cd094ee-58ac-413c-b6dc-7b754d5bb78d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0e493f39-a336-4f37-82bf-e7a822252071
last-modified: Fri, 09 Jun 2023 06:06:14 GMT
server: cloudflare
x-trace: 2B5224167EE7BC1DCAADBDCF299AABC1007D0793DE000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://redacted.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-4sb9f
cf-ray: 7d4acdcf786737e4-FRA
expires: Fri, 09 Jun 2023 16:39:16 GMT

GET
H2 200 Shentox-Medium.woff
redacted.com/fonts/shentox/ 58 KB
59 KB 870ms
869ms Font
font/woff 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/fonts/shentox/Shentox-Medium.woff

Requested by

Host: redacted.com
URL: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80aa1a6a8000dc8497e6b81db8135ae5eef3acbeb8589d369853c0a0be72af93

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css
Origin: https://redacted.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 59530
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
server: cloudflare
etag: "6482cf09-e88a"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhpMLw%2BzuNukstSIyWhtLplWUJtoaZklB7SUMYBkcDs29CZddwutfjgFWR4%2F%2F9AP41JFcO72OfHA0TbW9n9d%2Bh5pPQWFruccxcetZcdy%2BoMH6Bo%2BZBXdiZQPYgFB76ibPNs6HLoyjHT0CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d4acdcf3b373813-FRA

GET
H2 200 Shentox-Regular.woff
redacted.com/fonts/shentox/ 59 KB
60 KB 846ms
845ms Font
font/woff 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/fonts/shentox/Shentox-Regular.woff

Requested by

Host: redacted.com
URL: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

991939c66b52b1124ac876c4d4be06e656180e5ec7e2bd0113abea0472ba20ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css
Origin: https://redacted.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 60527
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
server: cloudflare
etag: "6482cf09-ec6f"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOPtz3A9mr3PRkZJOeRZlpcfRIDM6OiQkrKJjY7mlJ7tNWeqpzexQ3OzdpBFhZB3%2FEs%2Fjd%2BlyNzgw47Xy2FbCrqDOlj5yBOE2eGYDsHBsBYAsfnSRgMu793Kvw4hduEJWodjR%2FhyIE%2BH%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d4acdcf3b393813-FRA

GET
H2 200 IBMPlexSans-Light.woff2
redacted.com/fonts/ibm-plex-sans/ 59 KB
59 KB 885ms
884ms Font
font/woff2 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/fonts/ibm-plex-sans/IBMPlexSans-Light.woff2

Requested by

Host: redacted.com
URL: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60f2f7643acba444e69f57a945d7d81f097bd1642a40871797b11e5413e9e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css
Origin: https://redacted.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 60036
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
server: cloudflare
etag: "6482cf09-ea84"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWHVBoEXdcUtH23LiHOxJGJSBnbMk56ST5qgz1JmeSRtGmSko1tg7AhVygvGBNUSK5I3nZH0IJ%2F3e9QO58cFQtWfYrOqgOCnBLnAXzwdo%2BbJ0iALQUHRlMF5qstJiZdSugRCSAS4eZMeEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d4acdcf3b3a3813-FRA

GET
H2 200 IBMPlexSans-Regular.woff2
redacted.com/fonts/ibm-plex-sans/ 55 KB
56 KB 854ms
853ms Font
font/woff2 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/fonts/ibm-plex-sans/IBMPlexSans-Regular.woff2

Requested by

Host: redacted.com
URL: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd60ec666854e6b5972b6003a50a4eeab8d6877accdcdaa897cc7bbfdbe39306

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redacted.com/assets/css/style.7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea.css
Origin: https://redacted.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 56584
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
server: cloudflare
etag: "6482cf09-dd08"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9ewFZUGwe1%2Bw6wjdh%2FkWtTXkhpeXnuNFIZc4nIoCqkQwCTArdmora%2FiJ29d2xE21zpoG5XyUx%2BuZtJtviTnO96XWa7pHFD4Yo0G9F6DbH4aFMtP3jA46XbxICC3eEEsfsOPyLheW6JXPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d4acdcf3b3b3813-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 81ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV9T8VC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 16:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 169
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 09 Jun 2023 18:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DEM21TCJED&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV9T8VC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4dd4b85150264e6f8a58b122e0120b2abcdbd185aaae4ab76eb2ced164075ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Jun 2023 16:38:16 GMT

POST
H2 202 event Show response
plausible.io/api/ 2 B
477 B 183ms
110ms XHR
text/plain 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
cdn-edgestorageid: 1054
cdn-cachedat: 06/09/2023 16:38:16
cdn-pullzone: 682664
application: 10.0.0.3
content-length: 2
x-request-id: F2cLA8yIVQ9GBwAM_TEL
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 1b336bb0350ce1a38cce305b5ef15697
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 modules.842e148a127be39dcaed.js Show response
script.hotjar.com/ 269 KB
69 KB 98ms
24ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.842e148a127be39dcaed.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3504122.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

4179ea59ca86f07d474bedf959a49c3f3fce5ccbabb4e0673996bc003a4946fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 13:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 10869
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69977
last-modified: Fri, 09 Jun 2023 13:37:05 GMT
etag: "5d95e6104846f0eff8897a265f973c2e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pEmVgJALnM1l1d24hUW266AEDZkT-PjufhSxp15iAClRwBH2d-eeHQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 78ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DEM21TCJED&gtm=45je3671&_p=977653799&_gaz=1&cid=925488584.1686328696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686328696&sct=1&seg=0&dl=https%3A%2F%2Fredacted.com%2F%3Fv11&dt=%5Bredacted%5D%20Cybersecurity%20that%20Outmaneuvers%20Attackers&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEM21TCJED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:38:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redacted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 84ms
28ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DEM21TCJED&cid=925488584.1686328696&gtm=45je3671&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEM21TCJED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:38:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redacted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 99ms
47ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DEM21TCJED&cid=925488584.1686328696&gtm=45je3671&aip=1&z=1067954789

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:38:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 29ms
29ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=977653799&t=pageview&_s=1&dl=https%3A%2F%2Fredacted.com%2F%3Fv11&ul=en-us&de=UTF-8&dt=%5Bredacted%5D%20Cybersecurity%20that%20Outmaneuvers%20Attackers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=13551551&gjid=1747252495&cid=925488584.1686328696&tid=UA-124234466-1&_gid=1679968354.1686328696&_r=1&_slc=1&gtm=45He3671n81MV9T8VC&z=523727720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Jun 2023 16:38:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redacted.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3504122/ 148 B
323 B 172ms
58ms XHR
application/json 185.48.120.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3504122/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.842e148a127be39dcaed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.48.120.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-185-48-120-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8bb4bb6cbba0b098d67a24992eb1180257f23f2cb38dd8cc4a9acfd99b1fd699

Request headers

Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 22166617.js Show response
js.hs-analytics.net/analytics/1686328500000/ 66 KB
21 KB 333ms
174ms Script
text/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1686328500000/22166617.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22166617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4643c4840cc925bd41120c38253125ee62c171844848acd511ce81b3263b8546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BY843BNNHAQWTX4V
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 17
x-amz-id-2: K1eaUDnv0lEYlvEW5+V96gZEkF8STWTfhXtJ+J4ZYcxplqzwwE+uF/RrvwtbzbD2IWYed+ICRMY=
x-evy-trace-listener: listener_https
x-request-id: fffb812b-f1a2-433a-936c-49106b0df6fa
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 31 May 2023 19:37:13 GMT
server: cloudflare
etag: W/"36a3c923fdaf59c323fdc864290ac928"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7d4acdd2fcb1bb74-FRA
expires: Fri, 09 Jun 2023 16:43:16 GMT

GET
H2 200 22166617.js Show response
js.hs-banner.com/ 60 KB
16 KB 584ms
425ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/22166617.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22166617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502224cabcff9a8215d724bcfe2446a8876842f94adfb263e543676c0404b421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
x-amz-version-id: bk_UYDSza7Sa7iz2DE0LhZnyQR2gbHHO
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: RTM497MT0K3R0GWY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 83
x-amz-id-2: w09O+bgghyUf657Im6pv/45R1HV0kEPOzu8I053/FMoFWABVey8W4SrjJyudNwCYzpx8UwBnQ5M=
x-evy-trace-listener: listener_https
x-request-id: 07bfd7a6-1c3a-448f-b670-c2c551cc1986
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 26 Apr 2023 23:34:44 GMT
server: cloudflare
etag: W/"3dbbfbf0fa8d28ce8e4cf67a23721960"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://redacted.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d4acdd2fe881d96-FRA
expires: Fri, 09 Jun 2023 16:43:17 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 295ms
136ms Script
application/javascript 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22166617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687

Request headers

Referer: https://redacted.com/
Origin: https://redacted.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
x-amz-version-id: SGo7xq5b6d1kUu6c8SU5YR.mobmUICUY
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.370/bundles/project.js&cfRay=7d4acdd2fa2c1c2a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b7b218d5-93e1-43ce-9630-7c071c143af8
last-modified: Tue, 09 May 2023 08:44:18 UTC
server: cloudflare
etag: W/"d1b16df440198d59c993c4956b7fded6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7d4acdd2fa2c1c2a-FRA
x-amz-cf-id: vlp_EXSGFwwOiOh_yLBDi0do4iUb-XA_m7xUHw1crBEtws0wIfx65Q==
x-hs-target-asset: collected-forms-embed-js/static-1.370/bundles/project.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 57 KB
18 KB 319ms
161ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22166617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6786b55f4f61b07a775a6c594b17c2182c6989f189af41cbb36a324fae57b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://redacted.com/
Origin: https://redacted.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.326/bundles/project.js&cfRay=7d4acdd2fc5a18b5-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"22d5203b45fde91515e8a0ffc1df1fa6"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.326/bundles/project.js
date: Fri, 09 Jun 2023 16:38:16 GMT
x-amz-version-id: urM.bryEQmBxxJpqDsCd7VMxNLw.CeA0
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 755caa5e-0ef3-4d89-b25d-590ef7747ba9
last-modified: Fri, 02 Jun 2023 02:18:32 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Grg1xec2x2dd5AXN4oo%2FXZvMr%2B%2B2F%2B5eyvhR0DzhnjZaKahfkHoUwe9l0x%2FoZZvl9iAE7%2F7TBaigVdR25%2FCTDSnDSvezwHwSzONQB7gH17j%2BGZ%2BG8xRhb8DGPgnhjpx5t95JkerQz38PkxxL"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
cf-ray: 7d4acdd2fc5a18b5-FRA
x-amz-cf-id: I-2l1mQxO9L65zUpkCqK5aebw1x_uFkyTYZWwEZhQkO-Vu7Un3LjFg==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 186ms
27ms Script
application/javascript 2606:4700::6810:75be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22166617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:75be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:16 GMT
x-amz-version-id: wXOaVt.1FYp5SJSGbufdokAhWgyD7J.j
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 378
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.381/bundles/pixels-release.js&cfRay=7d4ac4939b709180-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 67a2d026-01dd-4780-8e79-81d0e2f47059
last-modified: Mon, 05 Jun 2023 12:31:29 UTC
server: cloudflare
etag: W/"3907b3424cd18a581148905ead09299a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
cf-ray: 7d4acdd2f8e09b5e-FRA
x-amz-cf-id: XtKQh5xLVhwWxMqZpxZSWmUJN9MExhOyR083l051R_d_hW-fHUDkQA==
x-hs-target-asset: adsscriptloaderstatic/static-1.381/bundles/pixels-release.js

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 223ms
114ms XHR
application/json 18.202.72.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.842e148a127be39dcaed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.202.72.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-72-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: df1530a93da44682596ee8bd1f86af3d2e271f8f3316af04034edfeab392370b

Request headers

Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 09 Jun 2023 16:38:16 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
469 B 141ms
140ms XHR
application/json 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22166617&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07bcfc1c37f63948072a40d2a22f54020142719134d1ce3bf73ccbe8b24836c2

Request headers

Accept: application/json, text/plain, */*
Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 1a32c86d-f138-4180-9a89-b086245aa253
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2e19b428-ea8e-457d-a72e-d46d487bc1b5
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://redacted.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-nnm64
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7d4acdd40bba1c2a-FRA

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
946 B 164ms
147ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=22166617&currentUrl=https%3A%2F%2Fredacted.com%2F%3Fv11

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7ae5345d-5b04-4036-a2f5-b128d678a5d2
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: af6f7291-368d-49ff-a1a3-99700b8ae422
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://redacted.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69jM04WIlJmCCV4hsqPT1FVrvqOGkTzc0LGKdRNNGXD%2FK%2FxZFiCmMIzlYtI5OVPK5T3WO3jItevJPVG5LRxiJVIZsL4%2B%2BIqEurS6wz9CTzdkytd%2BzMXLjS9hMIPgI2wJqVPr13IjikKr8YniWLGSlNPOcq4foH7PBoI%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7d4acdd43de718b5-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-llkhw

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 205ms
149ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: redacted.com
URL: https://redacted.com/?v11

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Fri, 09 Jun 2023 16:38:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
X-HubSpot-Correlation-Id: 42106eb9-7f79-4baf-bfb9-7a72a8b5724f
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c18cb8f2-4b52-4a56-a6b5-34244dfe58ba
Last-Modified: Fri, 09 Jun 2023 16:38:17 GMT
Server: cloudflare
X-Trace: 2B2A2B57E3DACB65336121A799EEB60B3F414F5074000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 7d4acdd58b8d362f-FRA

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
0 168ms
125ms Preflight
application/octet-stream 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://redacted.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://redacted.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7d4acdd5f9db364d-FRA
content-length: 0
content-type: application/octet-stream
date: Fri, 09 Jun 2023 16:38:17 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
x-evy-trace-virtual-host: all
x-request-id: d072415d-c101-4daf-a566-d0d8a0a5f203

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
167 B 136ms
136ms XHR
text/plain 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/22166617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: cc427736-fd5a-4bf7-b059-016dbb067ede
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 14
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e61980c5-22aa-4543-acdd-dd3b2399e1c2
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://redacted.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d4acdd6baad364d-FRA

GET
H2 200 globe.json Show response
redacted.com/videos/ 80 KB
5 KB 185ms
184ms XHR
application/json 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/videos/globe.json

Requested by

Host: redacted.com
URL: https://redacted.com/assets/js/lottie-player.59825e18ded5cd0013692b124360714f64aa53d0b4d67bef3da48189d35a343b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f437dce8cc10e86b4a2d988deed9c193a8f565d560f1537fc94f18d43ba17ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"6482cf09-13eed"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9yWWwnmpBkoLWWAodRgx%2FwledPUoKd%2Fqc%2F2Nam7RAVVm2dyi%2BmyMt%2FzsLTRbZzreIubTgmnMI%2BADVKfs4Y%2FNHVuoozcctE7WhMF85vQas5qu6JTNNN5ZKRO4svnxoJzs0M1zuwr%2FEi2rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 7d4acdd72be53813-FRA
x-xss-protection: 1; mode=block

GET
H2 200 globe.json Show response
redacted.com/videos/ 80 KB
5 KB 698ms
697ms Fetch
application/json 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redacted.com/videos/globe.json

Requested by

Host: redacted.com
URL: https://redacted.com/assets/js/lottie-player.59825e18ded5cd0013692b124360714f64aa53d0b4d67bef3da48189d35a343b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f437dce8cc10e86b4a2d988deed9c193a8f565d560f1537fc94f18d43ba17ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/?v11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:18 GMT
strict-transport-security: max-age=300; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Jun 2023 07:04:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"6482cf09-13eed"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RognNkKJTau4HdqKEgwqT%2FTCcNjxR8sqf6smZHrRHEgOdDHmM1sSyA9OMhZBXP3w8KQ7xrNpvB5SngVCEyPCygepsE1zL%2Fb7OrylmlDwTm5oMwmUV5aTdi10FFrTTijxL1L%2B03yP7n8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 7d4acdd72be93813-FRA
x-xss-protection: 1; mode=block

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 101ms
22ms Script
application/javascript 2600:9000:223e:1c00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: redacted.com
URL: https://redacted.com/?v11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1c00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 965216e5aefbff8eb9979708c07a2414392ed6d780dfe53c27c356e317478727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: kLHcdItHLihWTOne3WThVFFe1AtpHRg8
content-encoding: br
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
date: Fri, 09 Jun 2023 08:01:20 GMT
last-modified: Fri, 28 Apr 2023 05:37:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 31018
etag: W/"d708741896b6af0f1908a95a605b4dec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: srK3wmy33H3q7VSTFCCn6q0GeUzj9n17eGZ9WRHNrcIl_8L0W-dGEQ==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 195ms
142ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=22166617&rcu=https%3A%2F%2Fredacted.com%2F&pu=https%3A%2F%2Fredacted.com%2F%3Fv11&t=%5Bredacted%5D+Cybersecurity+that+Outmaneuvers+Attackers&cts=1686328697470&vi=58ea7908b4bc723a7dbca75b04725def&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7245ac5c-4345-4cfd-bcc5-f783fd5eed4d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9850af73-36ff-469d-ae87-83bc7dedf19f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvwBo8qbe8OWJFmkmjJGMLYXF62PwC1CM0XPBGptU942zx56z%2B1%2BJjtEQvzaC7feKcjMD6It5FslthV1AEMpplPRJY7Ah%2BZ7jfVJh1%2BOEYPfoWurSwNFeP1RKIN%2Faiy6XdEEPwM0yUEvP5F4NkAs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-2c4rt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d4acdd79ceb1daa-FRA
x-robots-tag: none

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 172 B
534 B 450ms
450ms Fetch
application/json 2600:9000:223e:1c00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1c00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 36af40a15578362affee737249e77812d7c8fe556bbd4c5fca8ba132b5190919

Request headers

Content-Type: application/json
Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer 698130849c1669828051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
visited_url: https://redacted.com/?v11

Response headers

date: Fri, 09 Jun 2023 16:38:18 GMT
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"ac-WtOnLmDiiszwx20h5UQtvBMI6bc"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 172
apigw-requestid: GQpLIi0vPHcES8Q=
x-amz-cf-id: 5GZx0sckaGVXneG48m5GiPNq6Z84fodGQCfVI-ihHTOpxoyG8YnjFQ==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ 0
0 212ms
168ms Preflight 2600:9000:223e:1c00:11:1faa:8080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1c00:11:1faa:8080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://redacted.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: GQpLDhiAPHcESww=
date: Fri, 09 Jun 2023 16:38:17 GMT
vary: Access-Control-Request-Headers
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-id: fhOqX2hgmEaQc6ZtnH_odk6ZSCsZoJpeYG8rZ-I54-4oImRG8j79SQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/6329d13596ac02cdefe279b8/ 0
0 240ms
181ms Preflight
text/html 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6329d13596ac02cdefe279b8/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _zitok,content-type
Access-Control-Request-Method: GET
Origin: https://redacted.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-origin: https://redacted.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d4acddc68563688-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Jun 2023 16:38:18 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 56 KB
18 KB 127ms
65ms Script
application/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f03450bb6efbf09d31b7d62bd7b5ebe3e21ca4c132341b929dcfd2d0e21f133e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redacted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 16:38:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2422
x-guploader-uploadid: ADPycdtmuEOaTUsMMm-giilehQUwQAAPlzVyVMxiD9wrA5OIFikgBe-s9qRzaMwVWtDv0-_0sfPuorUZlTJTQIv_Eee7qgMUwERq
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:01:21 GMT
server: cloudflare
etag: W/"98af2c9e21e222c751d8c61f27ca2f67"
x-goog-hash: crc32c=hquDPQ==, md5=mK8sniHiIsdR2MYfJ8ovZw==
x-goog-generation: 1684227681426057
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 57282
cf-ray: 7d4acddc6de830c9-FRA
expires: Fri, 09 Jun 2023 16:57:56 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6329d13596ac02cdefe279b8/ 3 KB
2 KB 206ms
178ms Fetch
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6329d13596ac02cdefe279b8/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e745a068697b41b011689ad66da042e492c2af704a8c32ae1ae1611ff218215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redacted.com/?v11
_zitok: c02e7d1f1151c708c9071686328698
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/javascript

Response headers

date: Fri, 09 Jun 2023 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://redacted.com
access-control-allow-credentials: true
cf-ray: 7d4acdddb80c190d-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ 0
0 157ms
156ms Preflight
text/html 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://redacted.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://redacted.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d4acddce8ee3688-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Jun 2023 16:38:18 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 2 B
316 B 157ms
157ms Fetch
application/json 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redacted.com/
accept-language: de-DE,de;q=0.9
Authorization: bearer 2a5f325f69bdc0113249cc2cc5443f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Jun 2023 16:38:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://redacted.com
access-control-allow-credentials: true
cf-ray: 7d4acdddd83d190d-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length: 2
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.redacted.com/	1970-01-20 12:26:51	Name: __cflb Value: 0H28vNfMbtuyQ6vcWZoApQe7D483e7pRGxfnoR3v32U
redacted.com/	1970-01-20 12:26:51	Name: __cflb Value: 0H28vNfMbtuyQ6vcWZoApQe7D483e7pS1nBzN4gBhWt
.redacted.com/	1970-01-20 14:35:04	Name: _gcl_au Value: 1.1.1650594730.1686328696
.redacted.com/	1970-01-20 22:01:28	Name: _ga_DEM21TCJED Value: GS1.1.1686328696.1.0.1686328696.60.0.0
.redacted.com/	1970-01-20 22:01:28	Name: _ga Value: GA1.2.925488584.1686328696
.redacted.com/	1970-01-20 12:26:55	Name: _gid Value: GA1.2.1679968354.1686328696
.redacted.com/	1970-01-20 12:25:28	Name: _gat_UA-124234466-1 Value: 1
.redacted.com/	1970-01-20 21:11:04	Name: _hjSessionUser_3504122 Value: eyJpZCI6IjBmN2ViNGZhLTcxNzEtNTU4NS05YWY2LTMzNjE3OGIzZjBjOCIsImNyZWF0ZWQiOjE2ODYzMjg2OTY0OTEsImV4aXN0aW5nIjpmYWxzZX0=
.redacted.com/	1970-01-20 12:25:30	Name: _hjFirstSeen Value: 1
.redacted.com/	1970-01-20 12:25:28	Name: _hjIncludedInSessionSample_3504122 Value: 1
.redacted.com/	1970-01-20 12:25:30	Name: _hjSession_3504122 Value: eyJpZCI6IjFjODhmYjY0LTEwMjgtNDQ2ZC04NjEwLTdjMjk4YWY0NTMwMSIsImNyZWF0ZWQiOjE2ODYzMjg2OTY1MDUsImluU2FtcGxlIjp0cnVlfQ==
.redacted.com/	1970-01-20 12:25:30	Name: _hjAbsoluteSessionInProgress Value: 0
.hubspot.com/	1970-01-20 12:25:30	Name: __cf_bm Value: l6384_ekPPVTP4IwQvgTd0iD1YLbjHUm9G77ZfT7gWE-1686328697-0-AX9yoJUR0P51FwiKY86I/S1q87e4LLWO2EAfh5ADRe2NvFfhSq4tZh2M2x8xU5hV0joZtEn4LhFkuc0k65qduVg=
.redacted.com/	1970-01-20 22:01:28	Name: _zitok Value: c02e7d1f1151c708c9071686328698
.zoominfo.com/	1970-01-20 12:25:30	Name: __cf_bm Value: yB078VzxLkK2ff8GDPE1VUxPwLC6OGIxSvQP.N5KGTQ-1686328698-0-AeGiDL5nXvD4HYLR1XyJAijCsk6eZIKdCh8MD+rG25fOMJTEsbZatHR5+JcQe/ozX7QN5G+oSEGfLVYdLvt1B7o=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3TVmxUkYJqDmBsBWwwraxp_KsS4Lftxu8K.hlGuah8M-1686328698351-0-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.hotjar.io
cta-service-cms2.hubspot.com
forms.hscollectedforms.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.zi-scripts.com
perf-na1.hsforms.com
plausible.io
redacted.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.redacted.com
108.138.7.31
18.202.72.98
185.48.120.161
2001:4860:4802:34::36
2400:52e0:1e00::1054:1
2600:9000:223e:1c00:11:1faa:8080:93a1
2606:4700:20::681a:264
2606:4700::6810:650c
2606:4700::6810:75be
2606:4700::6810:8bce
2606:4700::6810:a852
2606:4700::6811:6cc7
2606:4700::6811:d4f3
2606:4700::6812:19c4
2606:4700::6812:863b
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c02::9c
52.222.236.74
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
07bcfc1c37f63948072a40d2a22f54020142719134d1ce3bf73ccbe8b24836c2
131fda0a3f6fef7f22896be54dc717171a10ff971150f296fafcd780feeea60a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3169fd0ded507bafa79edb2c8d427a97d9f5dfd9fb7376e537b961b52e2c0031
36af40a15578362affee737249e77812d7c8fe556bbd4c5fca8ba132b5190919
3f437dce8cc10e86b4a2d988deed9c193a8f565d560f1537fc94f18d43ba17ef
4179ea59ca86f07d474bedf959a49c3f3fce5ccbabb4e0673996bc003a4946fc
4643c4840cc925bd41120c38253125ee62c171844848acd511ce81b3263b8546
4dd4b85150264e6f8a58b122e0120b2abcdbd185aaae4ab76eb2ced164075ef3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502224cabcff9a8215d724bcfe2446a8876842f94adfb263e543676c0404b421
59825e18ded5cd0013692b124360714f64aa53d0b4d67bef3da48189d35a343b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7845693223299c9c398be6c67c91b768d3ba8bd5f0d130662b2a776bd92f6dea
803c1e7d301bf70dc2fd688639274ed1b876c1c210ff32ad9a6266b92e08da14
80aa1a6a8000dc8497e6b81db8135ae5eef3acbeb8589d369853c0a0be72af93
8bb4bb6cbba0b098d67a24992eb1180257f23f2cb38dd8cc4a9acfd99b1fd699
965216e5aefbff8eb9979708c07a2414392ed6d780dfe53c27c356e317478727
991939c66b52b1124ac876c4d4be06e656180e5ec7e2bd0113abea0472ba20ec
b60f2f7643acba444e69f57a945d7d81f097bd1642a40871797b11e5413e9e7f
c49024a6a798982486a9201dac7f806cc31478e1a6fee82308bdb3790fd428e5
d3019a36f860fa6522b2f873509abef3645f948363dbc0322bffc65ce2e96b1c
d4ae362bd43d5ff13b856f73016acfa8f7010144ddd51e86e2af7ccc4fe45889
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd60ec666854e6b5972b6003a50a4eeab8d6877accdcdaa897cc7bbfdbe39306
df1530a93da44682596ee8bd1f86af3d2e271f8f3316af04034edfeab392370b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e745a068697b41b011689ad66da042e492c2af704a8c32ae1ae1611ff218215e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
edf2952766d40e9a7a70fd436156e5631c4fd0c6f3b4543753258be19ea292c1
eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03450bb6efbf09d31b7d62bd7b5ebe3e21ca4c132341b929dcfd2d0e21f133e
f6786b55f4f61b07a775a6c594b17c2182c6989f189af41cbb36a324fae57b97

redacted.com Open in urlscan Pro 2606:4700:20::681a:264 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

82 %IPv6

18 Domains

25 Subdomains

22 IPs

4 Countries

800 kBTransfer

2267 kBSize

16 Cookies

4 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redacted.com Open in urlscan Pro
2606:4700:20::681a:264 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

82 %
IPv6

18
Domains

25
Subdomains

22
IPs

4
Countries

800 kB
Transfer

2267 kB
Size

16
Cookies

45 HTTP transactions
0 data transactions