Submitted URL: https://sl.itsdandi.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2HGLTJORZWIYLOMRUS4Y3P...
Effective URL: https://5keyshifts.itsdandi.com/
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE

Summary

This website contacted 23 IPs in 2 countries across 20 domains to perform 54 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 5keyshifts.itsdandi.com.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.
This is the only time 5keyshifts.itsdandi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.144.52.150 14618 (AMAZON-AES)
1 1 52.28.77.224 16509 (AMAZON-02)
1 3.126.202.50 16509 (AMAZON-02)
3 18.173.154.65 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
20 52.222.250.57 16509 (AMAZON-02)
3 18.66.192.63 16509 (AMAZON-02)
1 34.192.61.144 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:26d... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
54 23
Apex Domain
Subdomains
Transfer
22 cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
162 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 384
www.linkedin.com — Cisco Umbrella Rank: 543
px4.ads.linkedin.com — Cisco Umbrella Rank: 5993
5 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
region1.google-analytics.com — Cisco Umbrella Rank: 1914
21 KB
3 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 27312
52 KB
3 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 8467
track.hubspot.com — Cisco Umbrella Rank: 2289
forms.hubspot.com — Cisco Umbrella Rank: 4475
24 KB
3 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 22066
39 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4784
forms.hscollectedforms.net — Cisco Umbrella Rank: 4884
26 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 795
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
85 KB
2 itsdandi.com
sl.itsdandi.com
5keyshifts.itsdandi.com
13 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4306
1016 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3571
1 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3354
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2221
20 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4358
86 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 8026
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 876
373 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 30602
282 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
25 KB
1 salesloft.com
app.salesloft.com — Cisco Umbrella Rank: 34107
765 B
54 20
Domain Requested by
20 d9hhrg4mnvzow.cloudfront.net 5keyshifts.itsdandi.com
3 px.ads.linkedin.com 3 redirects
3 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
3 www.google-analytics.com 5keyshifts.itsdandi.com
www.google-analytics.com
3 builder-assets.unbounce.com 5keyshifts.itsdandi.com
2 region1.google-analytics.com www.googletagmanager.com
2 snap.licdn.com 5keyshifts.itsdandi.com
js.hsadspixel.net
2 www.googletagmanager.com 5keyshifts.itsdandi.com
2 d1wbjksx0xxdn3.cloudfront.net 5keyshifts.itsdandi.com
d1wbjksx0xxdn3.cloudfront.net
1 forms.hsforms.com
1 forms.hubspot.com js.hsleadflows.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 api.hubapi.com js.hsadspixel.net
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 js.hsadspixel.net js-na1.hs-scripts.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hsleadflows.net js-na1.hs-scripts.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hubspot.com
1 px4.ads.linkedin.com 5keyshifts.itsdandi.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 events.ub-analytics.com 5keyshifts.itsdandi.com
1 js.hubspot.com 5keyshifts.itsdandi.com
1 ajax.googleapis.com 5keyshifts.itsdandi.com
1 5keyshifts.itsdandi.com
1 app.salesloft.com 1 redirects
1 sl.itsdandi.com 1 redirects
54 28

This site contains no links.

Subject Issuer Validity Valid
5keyshifts.itsdandi.com
R3
2023-06-28 -
2023-09-26
3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01
2023-02-21 -
2024-02-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2023-02-05 -
2024-02-05
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-02-01 -
2024-01-31
a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02
2023-06-01 -
2024-06-29
a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01
2023-03-11 -
2024-04-08
a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01
2023-06-08 -
2024-07-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2023-04-07 -
2024-04-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://5keyshifts.itsdandi.com/
Frame ID: 7EC5F5E02076A2E2D46C28F6A4A6CA26
Requests: 55 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://sl.itsdandi.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2H... HTTP 302
    https://app.salesloft.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2H... HTTP 302
    https://5keyshifts.itsdandi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

96 %
HTTPS

68 %
IPv6

20
Domains

28
Subdomains

23
IPs

2
Countries

568 kB
Transfer

1637 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sl.itsdandi.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2HGLTJORZWIYLOMRUS4Y3PNU======/5keyshifts-itsdandi-com HTTP 302
    https://app.salesloft.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2HGLTJORZWIYLOMRUS4Y3PNU======/5keyshifts-itsdandi-com HTTP 302
    https://5keyshifts.itsdandi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4800129%26time%3D1690905248236%26url%3Dhttps%253A%252F%252F5keyshifts.itsdandi.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKiP47l0hWSWgAAAYmxzoPuY7_DZYHWlm5Sqj9u7ubz_UYBOOLCj9IYERisErAKhAi2VdTffzG5Bw

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
5keyshifts.itsdandi.com/
Redirect Chain
  • https://sl.itsdandi.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2HGLTJORZWIYLOMRUS4Y3PNU======/5keyshifts-itsdandi-com
  • https://app.salesloft.com/t/108113/c/7cde120b-9977-4fdb-a1ed-d692ea2b6bc8/NB2HI4DTHIXS6NLLMV4XG2DJMZ2HGLTJORZWIYLOMRUS4Y3PNU======/5keyshifts-itsdandi-com
  • https://5keyshifts.itsdandi.com/
83 KB
13 KB
Document
General
Full URL
https://5keyshifts.itsdandi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
92fc4c59f65dac159554f7d3b1bfe7bb2e5981f7be52a4e6f9ad6f1879f96180

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
12139
content-location
https://5keyshifts.itsdandi.com/
content-type
text/html; charset=utf-8
date
Tue, 01 Aug 2023 15:54:07 GMT
etag
"a:f8354803ae4d4d1184effce544201fd9"
link
<https://5keyshifts.itsdandi.com/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
4872b9e3-17f1-4501-aeb1-3657c988fce6
x-unbounce-variant
a
x-unbounce-visitorid
f8354803-ae4d-4d11-84ef-fce544201fd9

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
97
Content-Security-Policy-Report-Only
default-src 'self' https: blob: data:; img-src 'self' https: http:; frame-ancestors 'none'
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Aug 2023 15:54:07 GMT
Location
https://5keyshifts.itsdandi.com
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
0950370db9e9ef77e514df132eaedb2d
X-Runtime
0.178260
X-XSS-Protection
1; mode=block
vary
Origin
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-65.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 04:23:10 GMT
content-encoding
gzip
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-amz-version-id
v7RHSjIEXjAcFjtPYXyCBMnxkUsZ1xP8
x-amz-cf-pop
MUC50-P3
age
3843058
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Fri, 09 Jun 2023 20:13:54 GMT
server
AmazonS3
etag
"1da7670281e151216991875a8a95b8e8"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fIWWvzU9AIZA5HVQHULzGNWhwHpwXwpc7TtO4atyMIdO6yc3bIy96w==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 08:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jul 2024 08:03:12 GMT
jquery-shims.bundle-aa41391.z.js
builder-assets.unbounce.com/published-js/
6 KB
2 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-65.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 26 May 2023 06:24:54 GMT
content-encoding
gzip
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-amz-version-id
go6NP.GLZbPC.C716LHmcB2f5hVernjS
x-amz-cf-pop
MUC50-P3
age
5822954
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1991
last-modified
Mon, 13 Mar 2023 16:18:43 GMT
server
AmazonS3
etag
"047e85385e0a5e3eab26ac2f0f013f96"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jcnM4RGd_VBsUCZHRiDfmHoifa8VZtsbdI0OAsPWEWKiwAa-QjwwPQ==
ub.js
d1wbjksx0xxdn3.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d000:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:24:21 GMT
content-encoding
gzip
via
1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-version-id
DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop
FRA2-C2
age
3104988
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1864
last-modified
Mon, 26 Jun 2023 16:59:10 GMT
server
AmazonS3
etag
"118cee1e64f6b283233c55aee7da10da"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Zj3IlVA9PS7L6fBlDypMvMBgE1OeWN4W4SdAvaNdCtYmlFTXY2K4oA==
js
www.googletagmanager.com/gtag/
250 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DTQSR4S8PL
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9219ab104036b9450f3c753046109d895428c7683b01461d1f443412b128f55c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86691
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 15:54:08 GMT
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-65.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 16:17:13 GMT
content-encoding
gzip
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
MUC50-P3
age
3886616
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZZVZv1rCkDDjobj1iG8UVUDm-VFP0ACg-yUxUeXWz_JFsgPzp2SfbA==
5088631.js
js.hubspot.com/analytics/
66 KB
22 KB
Script
General
Full URL
https://js.hubspot.com/analytics/5088631.js
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c357668a3d00f2e6cd49604bc10f57ddf35824b30ac25089d5c09bad0d8a528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:08 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
W12YNVYBTC40GBYS
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
2005729f-f276-45a7-bdb6-e6d80f9c104b
x-envoy-upstream-service-time
47
alt-svc
h3=":443"; ma=86400
x-amz-id-2
A+JjSV27g0cOA5tUUZ1+xMvVoZRP5wreL2MEnJvGNe9jNjWhs+KOCVddA8+jTjVZigimmpr6TqI=
x-evy-trace-listener
listener_https
x-request-id
2005729f-f276-45a7-bdb6-e6d80f9c104b
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 20 Jul 2023 16:01:24 GMT
server
cloudflare
etag
W/"cdfc671b46aa6c70bc4c53f62dec1469"
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13N3YWorf8iDArKBI8jrvlSlMLje3JiNNpjxRh%2F3pygSxR9P2dc1PAuEhw9%2B0fWhixiuRQN2SdNjOZNBNl2NwwK6urRw8enjXfA%2BxTeJzAIF%2Bf3Zvpkt0oTa3MCkWNL6%2FD%2BSfgPemxdFFLqE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7eff42087ca9bbf5-FRA
expires
Tue, 01 Aug 2023 15:59:08 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 15:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
584
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 01 Aug 2023 17:44:24 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=%20GTM-W869PT7
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=58857
accept-ranges
bytes
content-length
4862
1bcf483d-landing-hero_11hc0si00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
58 KB
58 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/1bcf483d-landing-hero_11hc0si00000000000001o.jpg
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c25ca27b80859dc1a81e627197ea40788f12afaa28b818b3d20aeae7258aeb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
g6_isk8FAFjh6gtGQpF7wG99_wZ4gGsc
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"db5effa24ed0e3280416e08aa6d619f8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
59153
x-amz-cf-id
yjoG_F6nMMbNfkFzB3UrdmJ8OVx4vwx36n97f9uV6JozrbidWuhszQ==
9885394b-aabb-47c2-ab2e-e230f2abc7eb
https://5keyshifts.itsdandi.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://5keyshifts.itsdandi.com/9885394b-aabb-47c2-ab2e-e230f2abc7eb
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.ub-assets.com/css?family=Muli:700,regular%7CWork+Sans:600
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-63.muc50.r.cloudfront.net
Software
/
Resource Hash
fa18f14bc75081fe53429f2f3ce0c8cef876f5579a282d29dccf086ebbf507a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 2551fa016e0e39646c40c584001d7b4e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
39
x-amzn-requestid
0584ed8b-e6c7-4f6f-88fd-9ec5884e8c9d
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
I_OTAEbnIAMF0gw=
content-length
527
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-64c92a79-4f4ca27c7cb7941f105e0b94
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
8dg8b-kyWvjABBxU8Doxam9vVA5sgQlSrg3W7tJmqZcZGNO0z9x6FA==
d8533dcf-identify-bias-in-your-recruiting-process_10a704p08c04p007000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/d8533dcf-identify-bias-in-your-recruiting-process_10a704p08c04p007000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e9dab635ff141d80baf5cf57f08a496f78040d035090b2e8fce264a8085c207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
WjL2K4ImoRtWRNK4BNYqf87hbpXcChEM
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"4ee6cd3ac85ef0bc78a8e445cd93e8e5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2050
x-amz-cf-id
Iqlq1hjHUgCSGMxr9vC4JOId0u7NKl9KPSKDwy2NMO7rvat8RnPA8Q==
8a2419a0-meeting_108c04q08c04p00000001o.jpg
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
7 KB
7 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/8a2419a0-meeting_108c04q08c04p00000001o.jpg
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd75f9872d7dec87df22e01f5e4d0903dcf521e6696ddb74985795a90491c76f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
lv_JnQWzsOm3clIpTNYyOacQQRW.RgpI
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"94e02558cf5e1f73a5ddb252bf760850"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
7217
x-amz-cf-id
CAFB35sBF6sqcCuZRtyO43HC1HDvOv-NhpxLVlgtDcCrvzCRKJ9MQQ==
e629be6a-lock-1_108c04p000000000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
836 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/e629be6a-lock-1_108c04p000000000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09f68d811625904ff147c6ec3f62a7c75a8fee54285303f92a86ead65c125526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
G4h23Iho0XZE1LKivH.wybMJ40nFv8vb
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"f7d69c8098660dd3836a3120055baaeb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
836
x-amz-cf-id
fjUNS4M2_6d8te1j3aCp8zv4KOYlfLfpe-NwW45NfUllrgD8-msHcQ==
07f0e60f-logo-dark_100p02c000000000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
673 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/07f0e60f-logo-dark_100p02c000000000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1377fc7bb241f7fa5770339e1443c32dda63fe66c26e3d9301aad044fb2f8875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
o8eVgxpK4_nvGKV42Qew9T53IVGUOQa3
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"7ad0cb83a9e4ceec5164704837b272f3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
673
x-amz-cf-id
AWa_zdlEVAZnK5li1yG4xwnyADE-NlPrOiYT-m2ZjJJvYdVFAWtsMQ==
caf7607e-group-28852_10t60fs0q20fs01m000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
21 KB
21 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/caf7607e-group-28852_10t60fs0q20fs01m000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8a17d61ad772259249a0dc95c8fc53e451a34365a130621d77f85c6414f4ec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
VFGhecwDn6gfACvYMAO9OjDgg5bbKOoj
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"d80c36e2d38b6a18fc7b2910382864ad"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
21319
x-amz-cf-id
Z_KtHoigpU1L3w-5uQH6wUK0phLP_u3O66nZFyb_h61ozTBuwRCtFg==
1e218569-screenshot-2023-02-07-at-13-56-1_101y01y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/1e218569-screenshot-2023-02-07-at-13-56-1_101y01y000000000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d4ec235cc65b0287715a97e534b7d6f80bc0149042d9783fa90fbed2245831b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
4cEpb4jigMxNiCouarVU5GxDs1ToL5lI
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"2e74358c65e840bf5688b04e14cd99df"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2734
x-amz-cf-id
o0TT5ecA1dqa8FReWVkpLBC5kUKpf-rKDHhlvo7EPyU2v_2H6VURog==
7bef9654-dwight-phyall-headshot_101y01y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/7bef9654-dwight-phyall-headshot_101y01y000000000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21bcf3c7aa9d7c6675385a67ecd0980fef32d1a0f0205eebc831673596bf1024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
Ci_TbIJI_rghApZiYSxwpXTJMbvHJYQc
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"13115a298515fa8d4289309463f09713"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2923
x-amz-cf-id
8r5nsuGKjCR_3A_hmpKGYktad5mb-u0PDEWCVEtqSQGNw8LIIykSuQ==
c91686d0-dandi-meeting_10gv09h0e609h01c00001o.jpg
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
16 KB
17 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/c91686d0-dandi-meeting_10gv09h0e609h01c00001o.jpg
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81d64d817cf00d8695dd1476038bb00677fda8ad94028a10f68e22daeebc2b94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
WNCLETcvjNu448VtL8OCzjAkyF9NyQ_C
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"f98a037acd0da85c4fb1d7cb6ef6c7c4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16857
x-amz-cf-id
KcwWm_z5JOl9joUxIZo9WIr49MKdrVBSo4KRJEFkGoJ4LjBbZkMOzw==
a6912289-dandi-logo-white-1_101v00k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
637 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/a6912289-dandi-logo-white-1_101v00k000000000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec33a33d9dced9476ae49e08eeda8804ad7a04a9ca497c1107b102e04fea2ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
L57YzpzuBe.19ET_9JGxRjlsxioYtuHZ
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"9232a1f692d3e12b22b10c6c790cbf7d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
637
x-amz-cf-id
AeYYsZc1DEzWry8tGiW8WRBSh1tT_D9bYhlD0M5796vH_2g1hFzoYw==
6b34c1e3-oscar-light_104101d02w015000004028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
827 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/6b34c1e3-oscar-light_104101d02w015000004028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbbe8f80229b92bf9c41649cb02952aa702422703e3744acb2832ae82ce75d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
y9JEEN6IlKzI40u4trkh7uAlmNtFHiSA
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"456fcaf1aae6f60481fb6fbc71429361"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
827
x-amz-cf-id
mFsWviZCyNri-yaD9AHQpbl3xnAD2ijEJjHpzkbj6lBd0AoH8RhhQw==
52abc037-miq-light_104401e01x01e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/52abc037-miq-light_104401e01x01e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63ad201a622325ced6efa603fb613a027b65af21a90c1a835cd08100dd73c28b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
tesyfs3pCQBA4590UlbHuBrifhMWf5DC
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"1ead4df0f976fe8e825052f52b490a3a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1855
x-amz-cf-id
FmfOLcdD0Lq-7syPVqFGFbwHEosT6Ys7SwnQyOCZEM4PdqCZOjK5jg==
92f33888-jimdo-light_104301e02j01e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
597 B
1016 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/92f33888-jimdo-light_104301e02j01e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
305a2f1d37cca1b5f039fdaeed532cdf01449a3c5f83acf4b8ce81ee6b1ce38c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
jgzDlD8bNNBXZm9KOBqXgEh8VWL31P7m
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"2c1179ecd66cb9c9446744518d5840b7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
597
x-amz-cf-id
BKdZJAckQ37oWEFNXrBMma331EYbjRt4R0SH-hfZFH-S4yKfB7mkeQ==
40ad8535-better-light_103w01c02l01c000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
837 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/40ad8535-better-light_103w01c02l01c000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92cceb4c2b2d6e345ce6f4a317436872aaa35fcfc47d5928259e0f23fb114e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
RAlVKilGsofshi3g7TpWOy3kn8F8pJzD
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"4f00a1e260c9c3a5703868ad391a8f37"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
837
x-amz-cf-id
QTavBRYM6IyC2l0zxzXduVpV2h_-EvseGeHSTec4Y3N32XD2dvpfWQ==
0e95a278-of-light_104501e03501e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
1014 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/0e95a278-of-light_104501e03501e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6034d6c1a19fa7d6a901a62fa13eb65933653a5ac38e84df40966096db396439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
quojL4OxYmaf5.1Vn7VMFo64WRXJsDET
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"b13b4ac7709c887ee5d9fe13713b89d4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1014
x-amz-cf-id
UjXCMuFGepMnuWnnBcNaZf07PryCnXEGe5R6VUYuJISW-7n_3SJ52Q==
ff69a78d-chopt-light_104401e03601e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
800 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/ff69a78d-chopt-light_104401e03601e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
648dc570c1e9d69ea77a15461ba0caba6b057c1f3e6a80a1534f928df3790a29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
3tYPPXakI9CrbHrJ2CkXtl1d4aS5mAYY
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"7f94f781b94322b5248df8c12ac42682"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
800
x-amz-cf-id
1BemKkCGQH_FRR_SRafjWKXCkyqQz5zlGJWeaPsutblaxN9RnFShDQ==
df487c37-inspire-light_104401e03a01e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/df487c37-inspire-light_104401e03a01e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b1dc0c822025e083c25b84a0e01775d267915b09617c95331eeb4397aec62df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
6Rrwo__NcVRHlouKObo.3EaqqqLo9tvj
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"76c619be669eea6acfe78fa060cbfdbf"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1071
x-amz-cf-id
HraqClcsSa7lbhirbzCTuDo-VZl6tHkWbwyhlyaWIgGOTMaG63xwEQ==
863ae1fd-braze-dark_104401e02j01e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/863ae1fd-braze-dark_104401e02j01e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0c0377e35f0e3966df864411a490e2b795d71fd2b73d73aeacd2dadbe2bbd3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
GOn_D3VCZEC1k05DLtRjS7wZAnW3svmr
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"d99150143bada6d4e391717547a694ff"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1046
x-amz-cf-id
T5LDmaJgbnGRcOLcluwPHUuPIKVuUUTaNmfGGNX7ClbisBMiaNG_IA==
7a2b2ed9-teachable_1046016000000000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/7a2b2ed9-teachable_1046016000000000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83ae20f2ae0532927212ab2f6e7aa553ab5e53def110207c51069473d2a60a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
oHS6t1PjVlI.UKpYxTDHKmFRlnXYggD2
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"be7f5c0ba59d3e316de0180c693bca7d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1111
x-amz-cf-id
k_o20mM5n1DZysN8bu4U5C5QmcqMBpPEw2xh3pwGY_qa2fC82eg9KA==
fc84f52b-jkr-light_104101e01l01e000000028.png
d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/
508 B
925 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/5keyshifts.itsdandi.com/fc84f52b-jkr-light_104101e01l01e000000028.png
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
216ef06aa5b36236b965f3f39521e034ab81f6647366b433f883a166e4694b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:30 GMT
x-amz-version-id
pPlVrFTdbsiUUSj4yT7BMHH4rWVc6zwL
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 14:45:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39
etag
"cda916ef3efbe7b388f90aa9e4899dad"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
508
x-amz-cf-id
Uxr7agPF_UlIG28CubcBx4ogwTd64RVMKgHboRRyw1p-NQygPMRFmQ==
sp-2.14.0.js
d1wbjksx0xxdn3.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d000:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:20:26 GMT
content-encoding
gzip
via
1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront)
x-amz-version-id
0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop
FRA2-C2
age
3105223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30399
last-modified
Mon, 26 Jun 2023 16:59:50 GMT
server
AmazonS3
etag
"73de733c308b8b5e44d2a6242dc4bd99"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cCU0I6n2D9IqmSDqMGbgpzx-U1hi-X5TRy2WFB7pyQrCD94k9YFayw==
collect
www.google-analytics.com/j/
3 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1482989372&t=pageview&_s=1&dl=https%3A%2F%2F5keyshifts.itsdandi.com%2F&dp=%2Fa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1882005257&gjid=2014224544&cid=1624402902.1690905248&tid=UA-122455802-3&_gid=640086999.1690905248&_r=1&_slc=1&z=362488536
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5keyshifts.itsdandi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 15:54:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5keyshifts.itsdandi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
events.ub-analytics.com/
43 B
282 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1690905248129&e=pv&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=a527db8c-ed36-4990-9ce7-68bd221f04ab&dtm=1690905248127&vp=1600x1200&ds=1600x4513&vid=1&sid=ac7354bc-d424-4ba5-aea3-793aad7c51aa&duid=3b8dd364-aad6-4b23-a6ea-366a94ae1dd6&uid=f8354803-ae4d-4d11-84ef-fce544201fd9&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNDg3MmI5ZTMtMTdmMS00NTAxLWFlYjEtMzY1N2M5ODhmY2U2IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.61.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-61-144.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:08 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DTQSR4S8PL&gtm=45je37q0&_p=1482989372&cid=1624402902.1690905248&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690905248&sct=1&seg=0&dl=https%3A%2F%2F5keyshifts.itsdandi.com%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1&epn.siteSpeedSampleRate=100
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DTQSR4S8PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 15:54:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5keyshifts.itsdandi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.ub-assets.com/fonts/s/muli/v28/
30 KB
31 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Muli:700,regular%7CWork+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-63.muc50.r.cloudfront.net
Software
/
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Muli:700,regular%7CWork+Sans:600
Origin
https://5keyshifts.itsdandi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 07:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
31196
via
1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
21629924
x-amzn-requestid
d9441efc-e502-4e2e-b4d1-396f84ff80f4
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cGG9dH4SIAMFx1A=
content-length
31224
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637f1ebc-0323dee714601b213b986974
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
HAwt-4nfJMCOHmVYSnn9pr7BFcEJutf9-V9jQdhJhsSHP2QXZDAkDA==
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8Jpg.woff2
fonts.ub-assets.com/fonts/s/worksans/v18/
18 KB
19 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8Jpg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Muli:700,regular%7CWork+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-63.muc50.r.cloudfront.net
Software
/
Resource Hash
b5595a0f4045f98ff785b89e3f12ad747b441a0622a41710cdf42163f35d325e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Muli:700,regular%7CWork+Sans:600
Origin
https://5keyshifts.itsdandi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 06:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
18848
via
1.1 badff53d2116a4b3d32a2dd1eb918a48.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
21633294
x-amzn-requestid
7039f815-adef-4d45-b4dd-cfc18d9e1f59
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cF-u6FA1oAMF2xQ=
content-length
18843
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:28 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637f1192-608a5fce640c79b10248cd10
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
CJyQPeb1sNNwSX29i654d7y7g-M7rXxIuhHWOno6JjKZILN1YcI_Dg==
token
cdn.linkedin.oribi.io/partner/4800129/domain/5keyshifts.itsdandi.com/
36 B
373 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4800129/domain/5keyshifts.itsdandi.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://5keyshifts.itsdandi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:29 GMT
content-encoding
gzip
via
1.1 d11d7fba872e54649066e59f703ad3e6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
39
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=11232
x-amz-cf-id
i5nyHb1YVfheB7L92VlfyHI764hbpwarE3T7amo02hhzoh5Jpku69w==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4800129%26time%3D1690905248236%26url%3Dhttps%253A%252F%252F5keyshifts.itsdandi.co...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKiP47l0hWSWgAAAYmxzoPuY7_DZYHWlm5Sq...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKiP47l0hWSWgAAAYmxzoPuY7_DZYHWlm5Sqj9u7ubz_UYBOOLCj9IYERisErAKhAi2VdTffzG5Bw
Requested by
Host: 5keyshifts.itsdandi.com
URL: https://5keyshifts.itsdandi.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D7F784B748C0450392EA67B996DFF2C8 Ref B: DUS30EDGE0913 Ref C: 2023-08-01T15:54:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYB3o62VzpH6paI/dzGmQ==

Redirect headers

date
Tue, 01 Aug 2023 15:54:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2AAE6769D1154460BF06B93318A25FC7 Ref B: FRAEDGE1314 Ref C: 2023-08-01T15:54:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800129&time=1690905248236&url=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKiP47l0hWSWgAAAYmxzoPuY7_DZYHWlm5Sqj9u7ubz_UYBOOLCj9IYERisErAKhAi2VdTffzG5Bw
x-li-proto
http/2
content-length
0
x-li-uuid
AAYB3o6zQNS6CMYi9mlTMw==
5088631.js
js-na1.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js-na1.hs-scripts.com/5088631.js
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/analytics/5088631.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c729114dfc31749256709c9a451eaeeab61a8c1c06624964e02025382f42658
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3140e3cd-7198-4262-adb6-a58afcbb8572
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3140e3cd-7198-4262-adb6-a58afcbb8572
last-modified
Tue, 01 Aug 2023 15:54:09 GMT
server
cloudflare
x-trace
2BD39A7FD8095138FA4EFB3829AA88EE0A5F48A96A000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://5keyshifts.itsdandi.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-mv678
cf-ray
7eff420eff733650-FRA
__ptq.gif
track.hubspot.com/
45 B
575 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=600004306&v=1.1&a=5088631&pu=https%3A%2F%2F5keyshifts.itsdandi.com%2F&cts=1690905249024&vi=f890182c137c2b6e7cbad628f5bb085d&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fde3f83e-525c-4301-9090-0cde492e8d46
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fde3f83e-525c-4301-9090-0cde492e8d46
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIyOR9Hmbwlf0xlvcuXOvRUW9tWsQlgWnj%2FZHyo1kG7sWvxlfK1qbe1PeEVx%2B3zZ6ogDN0gRSatWLKeQ8rLVZvlsixlwX3gYzdHfgOrI1WRcH0qBMq76zmCJjVhua2F67YVQI259km74%2F6g9%2Fa1I"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-pwxm2
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7eff420e8d9fbbf5-FRA
x-robots-tag
none
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1482989372&t=timing&_s=2&dl=https%3A%2F%2F5keyshifts.itsdandi.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2281&pdt=2&dns=82&rrt=962&srt=45&tcp=48&dit=1297&clt=1297&_gst=1277&_gbt=1363&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1624402902.1690905248&tid=UA-122455802-3&_gid=640086999.1690905248&z=1906399180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jul 2023 19:48:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72329
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
leadflows.js
js.hsleadflows.net/
539 KB
86 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5088631.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e8744466c5ff918e7c5dc146e8dec70cfcdbdd60b773f2bcaa5e5409d7512b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5keyshifts.itsdandi.com/
Origin
https://5keyshifts.itsdandi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1223/bundle/main/lead-flows-release.js&cfRay=7eff4211db0d198f-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"ec18ee4dbbad7ceab888c3cda4eb9705"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1223/bundle/main/lead-flows-release.js
date
Tue, 01 Aug 2023 15:54:09 GMT
x-amz-version-id
RJnwkomo1rBqmkgtVuuzVEpsjxOWMbB.
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
0ebca8c5-b284-4a6b-98e3-9c503afe8905
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-evy-trace-route-configuration
listener_https/all
x-request-id
0ebca8c5-b284-4a6b-98e3-9c503afe8905
last-modified
Tue, 18 Jul 2023 09:47:02 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-qrxbq
cf-ray
7eff4211db0d198f-FRA
x-amz-cf-id
pYHpxQXIDbMCo28AiMO1r3QNeCG63ED3bzEnJJD2AIxtH13ERDj99w==
banner.js
js.hs-banner.com/v2/5088631/
65 KB
20 KB
Script
General
Full URL
https://js.hs-banner.com/v2/5088631/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5088631.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b5bc48f29a3baa3c6bad6bb92a1c130d81d521d6433dc9a977c2fe144ac4a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
x-amz-version-id
6RJKvhJaWy8b2zuiBK1Yigm0nIm_5CZy
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
9J2QXK5FTJRYYQ5P
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
eca3c3d9-7df0-46b3-95d6-2037cd4e6bac
age
31
x-envoy-upstream-service-time
26
x-amz-id-2
jiP400lpToNm4B6pBtKYY+UaoYXFfM1vP+R17z1Z9yadOkNxBs1j64qbowG4/Nxd56mHxzzfPCg=
x-evy-trace-listener
listener_https
x-request-id
eca3c3d9-7df0-46b3-95d6-2037cd4e6bac
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 31 Jul 2023 22:04:21 GMT
server
cloudflare
etag
W/"e360d3a9e8ba2c5cf2b9b1d916a531b7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.dandiweekly.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7eff4211df7a6931-FRA
expires
Tue, 01 Aug 2023 15:58:38 GMT
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5088631.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:79be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
x-amz-version-id
aAzOiTTzU7.XykyGrcpmeR7PTeB2LyLv
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
78
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.387/bundles/pixels-release.js&cfRay=7eff40281ea23626-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
45a7c99a-5cf1-426d-96b8-18ad036b1d8f
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
45a7c99a-5cf1-426d-96b8-18ad036b1d8f
last-modified
Tue, 18 Jul 2023 03:27:27 UTC
server
cloudflare
etag
W/"784f994871e489c9943a65326d43e875"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-8rxrz
cf-ray
7eff4211ece53654-FRA
x-amz-cf-id
Ne-cbUxKhqP4ebSbZjeZWurd9lG9WztPNQNOEYfoJxmz2tI6s3zbkQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.387/bundles/pixels-release.js
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5088631.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5keyshifts.itsdandi.com/
Origin
https://5keyshifts.itsdandi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
x-amz-version-id
3rNMTio6eswfsQ6sgXOFNNmyULDAVi34
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
580cb687-459e-4275-a22f-6db5b736087b
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.380/bundles/project.js&cfRay=7eff4211dc113a7f-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
580cb687-459e-4275-a22f-6db5b736087b
last-modified
Mon, 10 Jul 2023 09:43:19 UTC
server
cloudflare
etag
W/"85b7f9af32b27bd6cc93e80bfb2911df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-qrxbq
cf-ray
7eff4211dc113a7f-FRA
x-amz-cf-id
iQC264_VuFUEHviOKVy_DF7w3nAIRH_odPPyXf1dRRVEMrSO48JRWw==
x-hs-target-asset
collected-forms-embed-js/static-1.380/bundles/project.js
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
114 B
1 KB
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5088631
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc08b015e76c2c1de73d42205fea469a5fa364781adf4a8d9cdbf191cdd806a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
32326f44-942f-4ca0-8f70-3f15b6af71bf
content-encoding
br
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
32326f44-942f-4ca0-8f70-3f15b6af71bf
server
cloudflare
x-trace
2BE84B28DB8E1AC5F347F836DE8CF3A15141B7393E000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://5keyshifts.itsdandi.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-xrsrb
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyhabQMgRzX8hJrO14m6LDfOa5DZmm7LMuM1RzO4HkXiH3gL1kiemU3oeITEqYT0iOUPVSsUUkuBbNc94XLKKrquCiN71eOA3%2BvGzv7lWa1Rzz76G%2BxO60fLsBPHRBBUMxUtXEtcTUE%2BPnhm"}],"group":"cf-nel","max_age":604800}
cf-ray
7eff42126ed930e4-FRA
access-control-allow-headers
*
json
forms.hscollectedforms.net/collected-forms/v1/config/
115 B
438 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5088631&utk=f890182c137c2b6e7cbad628f5bb085d
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a115c27f96ffbc0d29c8e72bac8af0e074b38b7062bad00f70ca306d73bd2c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://5keyshifts.itsdandi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a61b5587-89b0-4f97-82a5-6d433bb32242
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a61b5587-89b0-4f97-82a5-6d433bb32242
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://5keyshifts.itsdandi.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-xhv87
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7eff4212fdb93a7f-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=58856
accept-ranges
bytes
content-length
4862
json
forms.hubspot.com/lead-flows-config/v1/config/
178 B
1 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5088631&utk=f890182c137c2b6e7cbad628f5bb085d&__hstc=139417196.f890182c137c2b6e7cbad628f5bb085d.1690905249019.1690905249019.1690905249019.1&__hssc=139417196.1.1690905249019&currentUrl=https%3A%2F%2F5keyshifts.itsdandi.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c08b6b433fbdca8b68a222d544e93ed8c0b8a1bd2d39aadbef6ccec5f9901de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:54:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c2badb3c-2575-48a0-ba00-29e102999081
content-encoding
br
x-envoy-upstream-service-time
25
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c2badb3c-2575-48a0-ba00-29e102999081
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://5keyshifts.itsdandi.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLoXLiSuoQR91P1c89RuNehMt0zTiUZfLhxRWdykjVQMPJFFznwPxS4ef6fVFlo3Gfvw210qYmps4A3NC2E8vQKCc2TV4SYti8eAm%2BMPN6cUh%2BdCT9Rg6%2FiRJse4N%2F0PcVjI9uZWNIkoW8PS9wrV"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7eff42142a104d46-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-g2zls
counters.gif
forms.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 15:54:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
3460e59d-3264-4fca-b1b2-7b37b58101e1
x-envoy-upstream-service-time
4
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3460e59d-3264-4fca-b1b2-7b37b58101e1
Server
cloudflare
X-Trace
2BA141E0B7441D78CBE9736ACF60044D3CA8ACC010000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7eff42142a721c13-FRA
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DTQSR4S8PL&gtm=45je37q0&_p=1482989372&cid=1624402902.1690905248&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690905248&sct=1&seg=0&dl=https%3A%2F%2F5keyshifts.itsdandi.com%2F&dt=&en=page_variant&_ee=1&epn.siteSpeedSampleRate=100&ep.variant_id=a&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DTQSR4S8PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5keyshifts.itsdandi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 15:54:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5keyshifts.itsdandi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| lp object| ub object| module string| GoogleAnalyticsObject function| ga object| eventTracker object| dataLayer function| gtag string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| UnbounceSnowplowNamespace function| ubSnowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager function| onYouTubeIframeAPIReady boolean| _already_called_lintrk object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e boolean| PIXELS_RAN object| enabledEventSettings boolean| _hspb_loaded boolean| _hspb_ran object| __hsCollectedFormsDebug object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| LEAD_FLOW_DOCUMENT_READY_RAN

20 Cookies

Domain/Path Name / Value
5keyshifts.itsdandi.com/ Name: ubvs
Value: f8354803-ae4d-4d11-84ef-fce544201fd9
.itsdandi.com/ Name: ubvt
Value: v2%7Cf8354803-ae4d-4d11-84ef-fce544201fd9%7C4872b9e3-17f1-4501-aeb1-3657c988fce6%3Aa%3Asingle
5keyshifts.itsdandi.com/ Name: ubpv
Value: a%2C4872b9e3-17f1-4501-aeb1-3657c988fce6
.itsdandi.com/ Name: _gid
Value: GA1.2.640086999.1690905248
.itsdandi.com/ Name: _gat
Value: 1
.itsdandi.com/ Name: _ga
Value: GA1.1.1624402902.1690905248
.itsdandi.com/ Name: _ga_DTQSR4S8PL
Value: GS1.1.1690905248.1.0.1690905248.0.0.0
.hubspot.com/ Name: __cf_bm
Value: kef5EfepxFruRykCLGdiIBpxHTEuENpIW_Gd3Jbx9K4-1690905248-0-AdWQ8fqpcv6znMVF/02q9YNdDxNQg0mHa4i2BWYLmTFgg4DRo3G8t/DL6Vnu3zvyXnYIXL4DDVBjh6qpO9hV8Vk=
5keyshifts.itsdandi.com/ Name: ln_or
Value: eyI0ODAwMTI5IjoiZCJ9
.linkedin.com/ Name: li_sugr
Value: c16a01ba-b89f-41b8-802c-56e5671a6ee6
.linkedin.com/ Name: bcookie
Value: "v=2&e849810c-dba6-4ebc-86d0-8daab1e1ceb0"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2968:u=1:x=1:i=1690905248:t=1690991648:v=2:sig=AQEy4REr1D38BpcuTEPU02N2m1Hpgla8"
.linkedin.com/ Name: UserMatchHistory
Value: AQLHhRmg2KgkqAAAAYmxzoLnGVJTFSFBvfSrzkfUcOo4oKfVsvN_2BwhjL-HSoqh0igY2fSqr_lKCg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQILdm1sQUgGGgAAAYmxzoLnXVfhReJjn02ZdbCLzTSsn_h23Cpq32-Gjj2R3SYEOJ0pU0hemlApJ4ZWfkXSqg
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023080115540877454f1d-c223-4caa-8616-3d21409d831cAQEFPgwgpJ4QhQgOLZ_1jmnlEhOlYWtC"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTA5MDUyNDg7MjswMjE2/GfPi4t7NUrpl+GwqmZj3+7VXkf4Qim2CnSV2Gmwtg==
.itsdandi.com/ Name: __hstc
Value: 139417196.f890182c137c2b6e7cbad628f5bb085d.1690905249019.1690905249019.1690905249019.1
.itsdandi.com/ Name: hubspotutk
Value: f890182c137c2b6e7cbad628f5bb085d
.itsdandi.com/ Name: __hssrc
Value: 1
.itsdandi.com/ Name: __hssc
Value: 139417196.1.1690905249019

1 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=%20GTM-W869PT7
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5keyshifts.itsdandi.com
ajax.googleapis.com
api.hubapi.com
app.salesloft.com
builder-assets.unbounce.com
cdn.linkedin.oribi.io
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
js-na1.hs-scripts.com
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
sl.itsdandi.com
snap.licdn.com
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
18.173.154.65
18.66.192.63
2001:4860:4802:34::36
2600:9000:21f3:d000:b:3165:13c0:21
2600:9000:26db:e400:2:53b2:240:93a1
2606:4700::6810:79be
2606:4700::6811:6dc7
2606:4700::6811:806e
2606:4700::6811:cccc
2606:4700::6811:d6f3
2606:4700::6812:19c4
2606:4700::6812:863b
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a02:26f0:3100::1735:28c0
3.126.202.50
34.192.61.144
52.222.250.57
52.28.77.224
54.144.52.150
09f68d811625904ff147c6ec3f62a7c75a8fee54285303f92a86ead65c125526
1377fc7bb241f7fa5770339e1443c32dda63fe66c26e3d9301aad044fb2f8875
1c08b6b433fbdca8b68a222d544e93ed8c0b8a1bd2d39aadbef6ccec5f9901de
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
216ef06aa5b36236b965f3f39521e034ab81f6647366b433f883a166e4694b86
21bcf3c7aa9d7c6675385a67ecd0980fef32d1a0f0205eebc831673596bf1024
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2a115c27f96ffbc0d29c8e72bac8af0e074b38b7062bad00f70ca306d73bd2c7
2b1dc0c822025e083c25b84a0e01775d267915b09617c95331eeb4397aec62df
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
305a2f1d37cca1b5f039fdaeed532cdf01449a3c5f83acf4b8ce81ee6b1ce38c
34e8744466c5ff918e7c5dc146e8dec70cfcdbdd60b773f2bcaa5e5409d7512b
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
4c729114dfc31749256709c9a451eaeeab61a8c1c06624964e02025382f42658
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
5d4ec235cc65b0287715a97e534b7d6f80bc0149042d9783fa90fbed2245831b
6034d6c1a19fa7d6a901a62fa13eb65933653a5ac38e84df40966096db396439
63ad201a622325ced6efa603fb613a027b65af21a90c1a835cd08100dd73c28b
648dc570c1e9d69ea77a15461ba0caba6b057c1f3e6a80a1534f928df3790a29
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9dab635ff141d80baf5cf57f08a496f78040d035090b2e8fce264a8085c207
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
81d64d817cf00d8695dd1476038bb00677fda8ad94028a10f68e22daeebc2b94
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ae20f2ae0532927212ab2f6e7aa553ab5e53def110207c51069473d2a60a1c
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
8c357668a3d00f2e6cd49604bc10f57ddf35824b30ac25089d5c09bad0d8a528
9219ab104036b9450f3c753046109d895428c7683b01461d1f443412b128f55c
92cceb4c2b2d6e345ce6f4a317436872aaa35fcfc47d5928259e0f23fb114e1f
92fc4c59f65dac159554f7d3b1bfe7bb2e5981f7be52a4e6f9ad6f1879f96180
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
b5595a0f4045f98ff785b89e3f12ad747b441a0622a41710cdf42163f35d325e
c25ca27b80859dc1a81e627197ea40788f12afaa28b818b3d20aeae7258aeb0a
c6b5bc48f29a3baa3c6bad6bb92a1c130d81d521d6433dc9a977c2fe144ac4a5
c8a17d61ad772259249a0dc95c8fc53e451a34365a130621d77f85c6414f4ec2
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d0c0377e35f0e3966df864411a490e2b795d71fd2b73d73aeacd2dadbe2bbd3d
dbbe8f80229b92bf9c41649cb02952aa702422703e3744acb2832ae82ce75d11
dc08b015e76c2c1de73d42205fea469a5fa364781adf4a8d9cdbf191cdd806a0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd75f9872d7dec87df22e01f5e4d0903dcf521e6696ddb74985795a90491c76f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec33a33d9dced9476ae49e08eeda8804ad7a04a9ca497c1107b102e04fea2ac1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc
fa18f14bc75081fe53429f2f3ce0c8cef876f5579a282d29dccf086ebbf507a6
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25