qsafetytraining.com Open in urlscan Pro
2606:4700:20::ac43:4996 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qsafetytraining.com/calendar/
Submission: On August 13 via api (August 13th 2023, 9:35:04 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 29 domains to perform 89 HTTP transactions. The main IP is 2606:4700:20::ac43:4996, located in United States and belongs to CLOUDFLARENET, US. The main domain is qsafetytraining.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2023. Valid for: a year.

This is the only time qsafetytraining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:20:... 2606:4700:20::ac43:4996	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:863b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	168.235.82.161 168.235.82.161	3842 (RAMNODE) (RAMNODE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:249... 2600:9000:2491:a200:17:1595:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:175e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.247.194.10 104.247.194.10	46261 (QUICKPACKET) (QUICKPACKET)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:6cc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:77be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d4f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
89	31

2 2606:4700:20::ac43:4996 (United States)

ASN13335 (CLOUDFLARENET, US)

qsafetytraining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:863b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.235.82.161 (United States)

ASN3842 (RAMNODE, US)
PTR: 168-235-82-161.cloud.ramnode.com

bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:a200:17:1595:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.static.spiffy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:175e (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.247.194.10 (Los Angeles, United States)

ASN46261 (QUICKPACKET, US)

www-1569q.bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6cc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:77be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f7c (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9323 va.tawk.to — Cisco Umbrella Rank: 8821	203 KB
13	bookeo.com bookeo.com — Cisco Umbrella Rank: 136002 www-1569q.bookeo.com — Cisco Umbrella Rank: 861061	605 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	246 KB
4	gstatic.com fonts.gstatic.com	74 KB
4	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 96	84 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	18 KB
3	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 39576	1 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2185	16 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 725	134 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5933	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114	407 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3	664 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4735 forms.hscollectedforms.net — Cisco Umbrella Rank: 4829	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8338 prism.app-us1.com — Cisco Umbrella Rank: 8423	8 KB
2	center.io js.center.io — Cisco Umbrella Rank: 47646	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	154 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 45930	90 KB
2	qsafetytraining.com qsafetytraining.com	47 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	39 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4264	1016 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8610	315 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2249	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2182	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4376	86 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3247	3 KB
1	spiffy.co js.static.spiffy.co — Cisco Umbrella Rank: 953992	12 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2442	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
89	29

	Domain	Requested by
18	embed.tawk.to	qsafetytraining.com embed.tawk.to
12	www-1569q.bookeo.com	bookeo.com www-1569q.bookeo.com
5	va.tawk.to	embed.tawk.to
4	connect.facebook.net	qsafetytraining.com connect.facebook.net
4	fonts.gstatic.com	fonts.googleapis.com
4	lh3.googleusercontent.com	qsafetytraining.com
3	www.facebook.com	connect.facebook.net
3	api.leadpages.io	js.center.io
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	static.xx.fbcdn.net	www.facebook.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.center.io	qsafetytraining.com js.center.io
2	www.googletagmanager.com	qsafetytraining.com www.googletagmanager.com
2	static.leadpages.net	qsafetytraining.com static.leadpages.net
2	qsafetytraining.com	qsafetytraining.com
1	cdn.jsdelivr.net	embed.tawk.to
1	forms.hsforms.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.google.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	track.hubspot.com
1	region1.analytics.google.com	www.googletagmanager.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	diffuser-cdn.app-us1.com	qsafetytraining.com
1	js.static.spiffy.co	qsafetytraining.com
1	bookeo.com	qsafetytraining.com
1	js.hs-scripts.com	qsafetytraining.com
1	fonts.googleapis.com	qsafetytraining.com
89	34

This site contains links to these domains. Also see Links.

Domain
www.qsafetyacademy.com
qsafetypro.com
meetings.hubspot.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-07` - `2024-06-06`	a year	crt.sh
static.leadpages.net GTS CA 1D4	`2023-06-22` - `2023-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.bookeo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-08` - `2024-03-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-07-17` - `2023-10-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
static.spiffy.co Amazon RSA 2048 M02	`2023-02-23` - `2024-01-30`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
prism.app-us1.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://qsafetytraining.com/calendar/
Frame ID: 33A59BE764809A4DA2A46B95249EA590
Requests: 66 HTTP requests in this frame

Frame: https://www-1569q.bookeo.com/-misc-widgetProvider.html?aguid=41569HXTM9T186964558CD&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&xdm_e=https%3A%2F%2Fqsafetytraining.com&xdm_c=default4136&xdm_p=1
Frame ID: A904B7FDA473B8238D7641457E8DDA9A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5e0cf8f34d364%26domain%3Dqsafetytraining.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fqsafetytraining.com%252Ff19dbfcb39ab868%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large&width=225
Frame ID: 825B607D587BFD868D6B3BE22C492EC2
Requests: 3 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 90731F1D643D23FC9ED0FD719994FA95
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F1B1585CAA455CFA4840426F1EA7961C
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64d21bf31fc/css/min-widget.css
Frame ID: E5974D94EF3275D44B1D4835A61AB6EA
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64d21bf31fc/css/message-preview.css
Frame ID: 90F5A7BBBCD8D48480CF76AD580CEBA4
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64d21bf31fc/css/max-widget.css
Frame ID: 465B4B001465FF0421D07126822E7B10
Requests: 1 HTTP requests in this frame

Frame: https://www-1569q.bookeo.com/bookeo/startroute_41569HXTM9T186964558CD?ralias=true&axiomframed=true&inwidget=true&a=41569HXTM9T186964558CD&aguid=41569HXTM9T186964558CD&axiom_bid=klpumpamaculejyk&w=2062654812&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&m=252c26362d39
Frame ID: AFE7C6FED95AE99F7AF49D078B2D257B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

89
Requests

100 %
HTTPS

87 %
IPv6

29
Domains

34
Subdomains

31
IPs

3
Countries

1904 kB
Transfer

6689 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.qsafetyacademy.com/subscription/q-safety-academy-career-pass
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://qsafetypro.com/register
Title: REGISTER ON QSAFETYPRO.COM

Search URL Search Domain Scan URL

URL: https://meetings.hubspot.com/q-safety-consultants/intro-with-q-safety
Title: IT DOESN'T COST YOU ANYTHING TO KNOW WHERE YOU STAND.BOOK A MEETING WITH US TODAY. LEARN HOW WE CAN HELP.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/QSafetyTraining
Title: .css-4e78w1{position:absolute;height:1px;width:1px;overflow:hidden;-webkit-clip:rect(1px 1px 1px 1px);clip:rect(1px 1px 1px 1px);-webkit-clip:rect(1px,1px,1px,1px);clip:rect(1px,1px,1px,1px);white-space:nowrap;}Share on Facebook.css-168f5rq{color:white;}

Search URL Search Domain Scan URL

URL: https://twitter.com/QSafetyTraining
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/qsafetytraining/
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/qsafetytraining/
Title: Share on Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@qsafetyconsultants
Title: Share on Youtube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
qsafetytraining.com/calendar/ 222 KB
43 KB 515ms
447ms Document
text/html 2606:4700:20::ac43:4996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5517506ced67884100bf4d987ab88002364d1b91f5e6640e92f6ce5e101d93fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7f6415cd9cf61e4b-FRA
content-encoding: br
content-type: text/html
date: Sun, 13 Aug 2023 21:34:58 GMT
last-modified: Sat, 15 Jul 2023 00:02:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu0MyM61GJfJ4t17vmGOcMLsd9Nav8IkY5i6%2F6F6NQFldJwZbZeJ5HZ9af0sCuJyoOQ9fO9zTmQhqebKMd1v%2FeR58NIVzwDaJDZLNGYVMxykaaCmysv4lomAlLq5%2BI8AJKEGW%2BxJsSYRFrRzEuzjxoM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 70ms
14ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:58:47 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1470971
etag: "DIn4BQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: ad6695a2b64cfff46af02a6efcfb4820
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 26 Jul 2024 20:58:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 51 KB
2 KB 141ms
53ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9699318e4e82df12cab03d0a1f6543e9de872249c3a60d4fdce3588fbb2059bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 21:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 21:34:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 21:34:58 GMT

GET
H2 200 rocket-loader.min.js Show response
qsafetytraining.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700:20::ac43:4996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qsafetytraining.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/calendar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 18:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d135f1-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GIc7DASVo%2FF34hzc5ZJpZumYJhluvT8rrLZdkxVtNy5g1QdYkiemo11AffsloVLYd2jSAe9BshcpKnrBbiiqqNOiBBB6AC1NL6yDLc0BRSrFHv4vD7IeXQPLxEguSOEi4wTjkSQzAK57iE56xapwRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f6415d078c11e4b-FRA
expires: Tue, 15 Aug 2023 21:34:58 GMT

GET
H2 200 jKUybvFPjP1WgCYmzk4sMN-XpIOhppDzYrMTqI16FMY7nxnimrOIwlKsejYMQXL0vSXnqdqIVo5aqpf4OaFv_kgiOoaafoCYmBw=s0
lh3.googleusercontent.com/ 36 KB
37 KB 610ms
489ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jKUybvFPjP1WgCYmzk4sMN-XpIOhppDzYrMTqI16FMY7nxnimrOIwlKsejYMQXL0vSXnqdqIVo5aqpf4OaFv_kgiOoaafoCYmBw=s0

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b1bfd3adef0f635ce659012dae1fbb44ee8694f65c74c8b18dba3611af3e1646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37289
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Aug 2023 21:34:59 GMT

GET
H2 200 GaqD8iXUeMZr2SBbDI3imZx1wqafbi0gax4ZU3JdGEntPFqqyb75AK9HWAVKIG45QP7YWPN6gkHjxuMdYhwZjs9ts50yD5a3N1t0=s0
lh3.googleusercontent.com/ 18 KB
18 KB 605ms
517ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/GaqD8iXUeMZr2SBbDI3imZx1wqafbi0gax4ZU3JdGEntPFqqyb75AK9HWAVKIG45QP7YWPN6gkHjxuMdYhwZjs9ts50yD5a3N1t0=s0

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1a5c45341f92eb3a52514b47288c7fa097149210573bb32ba52d448623a602d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18001
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Aug 2023 21:34:59 GMT

GET
H2 200 ulv7B2FpuBWPzTf7VbVQxMtw2CB7jJIgHnmIk-BKEiGgbCZU46CtmUlraGmKPY_k_KXrJIeIf4w62rdrK0AQZF_7Xx4zlXwtMeI=s0
lh3.googleusercontent.com/ 29 KB
29 KB 540ms
452ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ulv7B2FpuBWPzTf7VbVQxMtw2CB7jJIgHnmIk-BKEiGgbCZU46CtmUlraGmKPY_k_KXrJIeIf4w62rdrK0AQZF_7Xx4zlXwtMeI=s0

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ef7b1897c92933aba73b0091637b578e943e7ca14f897c33c49ae627355ffb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29851
x-xss-protection: 0
expires: Mon, 14 Aug 2023 21:34:59 GMT

GET
H2 200 e4Lq7cBeg2hpWws6x5jkq6m2NJWHWKzDcL3Qz_tIqoSh5c2YeKUDgcbgsSORCk45mSZj6DbECZ1n7NHYCmTvWcGix1iPfGkFo84=w16
lh3.googleusercontent.com/ 805 B
1 KB 487ms
411ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/e4Lq7cBeg2hpWws6x5jkq6m2NJWHWKzDcL3Qz_tIqoSh5c2YeKUDgcbgsSORCk45mSZj6DbECZ1n7NHYCmTvWcGix1iPfGkFo84=w16

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1de1eaa47235a36bf6abb881572290cc29cd2938c416202b0d2c0e95b291615f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 805
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 14 Aug 2023 21:34:59 GMT

GET
H3 200 fa-brands-400.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 48ms
15ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:14:22 GMT
via: 1.1 google
server: Google Frontend
age: 1646436
etag: "DIn4BQ"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 07a45a0088121c5bebb7b709b26f59e3
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77400
expires: Wed, 24 Jul 2024 20:14:22 GMT

GET
H2 200 2696541.js Show response
js.hs-scripts.com/ 2 KB
1 KB 454ms
405ms Script
application/javascript 2606:4700::6812:863b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2696541.js

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

989812a905f6593ad9753acfe8e4144be665523cb55c7bcb2bd6aa8b1f56ef59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6ce509ed-e4b1-45de-b2d7-33c943fd78c8
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6ce509ed-e4b1-45de-b2d7-33c943fd78c8
last-modified: Sun, 13 Aug 2023 21:34:59 GMT
server: cloudflare
x-trace: 2B2F065AA4B2FEAC3D7CA6E7B042B7934F1272FEE1000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://qsafetytraining.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-dcgvm
cf-ray: 7f6415d1bdef3a4f-FRA
expires: Sun, 13 Aug 2023 21:35:59 GMT

GET
H2 200 widget.js Show response
bookeo.com/ 121 KB
28 KB 311ms
100ms Script
text/javascript 168.235.82.161
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL

https://bookeo.com/widget.js?a=41569HXTM9T186964558CD

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

168.235.82.161 , United States, ASN3842 (RAMNODE, US),

Reverse DNS

168-235-82-161.cloud.ramnode.com

Software

Resource Hash

f31b42fc3944926b4ca45e7c7a7d20685ecff52ab1f7dae707d5b9894bffd390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 138ms
53ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43303531-1

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9a10523b5816c152278ca2b88e77d8e10e0dffa98ff0ca82e29ac4742d097f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 21:34:58 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:44:08 GMT
x-content-type-options: nosniff
age: 467450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 11:44:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 171ms
88ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 235686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:06:52 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 182ms
100ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:00:56 GMT
x-content-type-options: nosniff
age: 250442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 00:00:56 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 157ms
76ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:00:56 GMT
x-content-type-options: nosniff
age: 250442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14100
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 00:00:56 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 116ms
21ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:30:51 GMT
content-encoding: gzip
server: Google Frontend
age: 248
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: e359db8a33197b359ce13da118de24e8
cache-control: public, max-age=300
content-length: 5417
expires: Sun, 13 Aug 2023 21:35:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 33ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Aug 2023 21:34:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47245
x-xss-protection: 0
pragma: public
x-fb-debug: QIyqqpYn3X9hJLEL3r2FZ6ujtbXmI+gTgkT/2o7v1zuNDP+K22qh7p3AdxINVXzn/8mFpGnESBLSeXIuW9rnGQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 spiffy.js Show response
js.static.spiffy.co/ 38 KB
12 KB 109ms
8ms Script
application/javascript 2600:9000:2491:a200:17:1595:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.static.spiffy.co/spiffy.js?a=qsafetytraining
Requested by: Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a200:17:1595:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffc6f22b8fee0e5b073e5d5a560397a317b95f5d76c88f0de0f55b9ccc246072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: n7DZzTEIMyw6IwNrkPbbMUQTXogNdreB
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
date: Sun, 13 Aug 2023 03:12:43 GMT
last-modified: Sun, 23 Jul 2023 21:45:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 66137
x-amz-server-side-encryption: AES256
etag: W/"a31a647683c5b1ba1ca8964fe9a8dbdb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: ELWTfXF-5T2UDJaaikBmE0ah8sixTDDlgWZSoQzpuYxqGkbO4n3nWA==

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 64ms
22ms Script
application/javascript 2606:4700::6810:175e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:175e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
content-encoding: gzip
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P2
age: 212
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7f6415d54ada9137-FRA
x-amz-cf-id: vCN0QAerVkLqK7LsO-33OAmuBobBdfpIHvTKpJ5_qqp0_-QNlAudRw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5bf3fb4b660680736a4b05455a3bb1c0a3eb34b5260ee229f1b086b6a846ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 21:34:59 GMT
content-md5: Y6q0qFK8qXQc2LuIzTciEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: YElGV1l9G5PvVasrrprpOzoLxO61Rz/JwsXqLEOoJzNFLvua6LFwBa1naL7HAyqa+qxdVEsvx3DQP9bA7p93lw==
x-fb-content-md5: a05dfe4830a0cc1c785d62cd09f75e10
cross-origin-opener-policy: same-origin-allow-popups
etag: "921574ffdebbe23084b501cf17d74ae1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 13 Aug 2023 21:50:02 GMT

GET
H2 200 1g8pn9210 Show response
embed.tawk.to/62de118b37898912e95f6dfc/ 2 KB
923 B 497ms
470ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Requested by

Host: qsafetytraining.com
URL: https://qsafetytraining.com/calendar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3736cf7c2e75decbde0cf53d82918d702f484eb4459b875af595d02996a3e0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-64d21bf31fc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 7f6415d54ef63a76-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK -misc-widgetProvider.html Show response
www-1569q.bookeo.com/ Frame A904 840 B
912 B 651ms
157ms Document
text/html 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/-misc-widgetProvider.html?aguid=41569HXTM9T186964558CD&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&xdm_e=https%3A%2F%2Fqsafetytraining.com&xdm_c=default4136&xdm_p=1

Requested by

Host: bookeo.com
URL: https://bookeo.com/widget.js?a=41569HXTM9T186964558CD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

90e9f8331eaf3ee9def38f9098e6896c4c671768bf5f6f71c7affb773eb147fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://qsafetytraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 389
Content-Type: text/html;charset=utf-8
Date: Sun, 13 Aug 2023 21:34:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1569q_189f0d2e379

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
88 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QTRLVWQFY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43303531-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbca372b5a87777db54d450b75c7b61697d5545402470b49f715a697d9831008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 21:34:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 61ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43303531-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 20:01:00 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5639
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 13 Aug 2023 22:01:00 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 160ms
119ms Script
application/javascript 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2696541.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-amz-version-id: EcjZkyUfgxNGQ.xnv1Vqq9Oda2f1T.dE
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 896832a8-2201-46ac-8d76-c5d9273033a2
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.394/bundles/project.js&cfRay=7f6415d59dea9956-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 896832a8-2201-46ac-8d76-c5d9273033a2
last-modified: Wed, 09 Aug 2023 09:05:38 UTC
server: cloudflare
etag: W/"6fb5b8aa66d730f2a49b41a9c712ffa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-v9tfr
cf-ray: 7f6415d59dea9956-FRA
x-amz-cf-id: ekKt9fkSSOR3f85fCImwnEcZ0Tre2jnKhbiZJ4szbeuj7r2sGsF_Iw==
x-hs-target-asset: collected-forms-embed-js/static-1.394/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 61ms
21ms Script
application/javascript 2606:4700::6810:77be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2696541.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:77be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a58b231f4bd34d323b5a7da9caf1a2706ecc87ca22a822763b96659043017e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-amz-version-id: jPXu6qi.g7uxBjG4s6uCQIhIPiNAy8nk
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 312
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.396/bundles/pixels-release.js&cfRay=7f640e350e861d8c-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 229cef6e-08bd-43b1-aa70-7d348957ebf2
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 229cef6e-08bd-43b1-aa70-7d348957ebf2
last-modified: Mon, 07 Aug 2023 08:57:08 UTC
server: cloudflare
etag: W/"c80164a2fdf0ea90248ff107d11fb350"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-v9tfr
cf-ray: 7f6415d59a658fdd-FRA
x-amz-cf-id: 1fiGAvmcXznURvlD69rj96O-x3Y6Yn-1pHl5UJ5c0abG18cbqC6L4w==
x-hs-target-asset: adsscriptloaderstatic/static-1.396/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 540 KB
86 KB 149ms
123ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2696541.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96ea6b1e986879257e104371bf5f0cb0bf2bb9957a1aa73fa9df8be99aeeb157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js&cfRay=7f6415d57cc61981-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"039461df2d1d43031520c7d3a853f79e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js
date: Sun, 13 Aug 2023 21:34:59 GMT
x-amz-version-id: RIqU3aMZg9szNHjfbC8NSxVkuKgO4.TB
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 0fd286d6-b655-4bdc-aef2-0d58f83bc79a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0fd286d6-b655-4bdc-aef2-0d58f83bc79a
last-modified: Thu, 03 Aug 2023 01:17:49 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-6mr8p
cf-ray: 7f6415d57cc61981-FRA
x-amz-cf-id: xJjMbye6vZEz3-_XJlgFdmZlZxfUpuPmynWrzKx20jITNl95UcPO6w==

GET
H2 200 2696541.js Show response
js.hs-analytics.net/analytics/1691962200000/ 66 KB
21 KB 153ms
135ms Script
text/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1691962200000/2696541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2696541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7068e407be583f43d88fa51591c67f205383ca8fe8af88dd8cbc0a313cb2aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1FK2KNEV0CDA13Z1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 42f0eb85-5631-4eec-a542-67f4d759de15
x-envoy-upstream-service-time: 13
x-amz-id-2: PQ6xK8pQqqir0LYLgNXr+oYaZyHoOKhEuJMYIdQ7eZyKugNVvw043TuP9oNv/AtW7pMbs3WMERA=
x-evy-trace-listener: listener_https
x-request-id: 42f0eb85-5631-4eec-a542-67f4d759de15
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 23 Jul 2023 18:27:18 GMT
server: cloudflare
etag: W/"88b6d977dd4be03a035489c88216b44d"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-qh8zw
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7f6415d57aee3668-FRA
expires: Sun, 13 Aug 2023 21:39:59 GMT

GET
H2 200 2696541.js Show response
js.hs-banner.com/ 60 KB
16 KB 544ms
513ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2696541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2696541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26d08e72a1a5f333f5ef95f00756a60bba4d324c96393a5df139650e7d226e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-amz-version-id: iDyt2pPzhGdx.aLnjCorwNz9HJknCAwZ
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1FK5DYV6E1EJRYTX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8a5cd3be-f6a1-4ba5-af3d-68bf52e4171e
x-envoy-upstream-service-time: 33
x-amz-id-2: iGAoce35Uoi2IWHAsWp+SQhKg3gOYKztCtxSMyORQ2bzpTS6qhHW5+zGja7sWiUOx4ccSRNMvcE=
x-evy-trace-listener: listener_https
x-request-id: 8a5cd3be-f6a1-4ba5-af3d-68bf52e4171e
x-evy-trace-route-configuration: listener_https/all
last-modified: Sun, 23 Jul 2023 18:27:19 GMT
server: cloudflare
etag: W/"90f1f6928a34b629bd4c79bb3aa06445"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://qsafetytraining.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-5wnkk
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7f6415d5886a9bd4-FRA
expires: Sun, 13 Aug 2023 21:39:59 GMT

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
357 B 482ms
114ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=48,19,447,515,106,522,679,683,1254,1257
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:34:59 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 185.213.155.131
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 02orhur9k9arl81bg36g

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bbf4a4e1c79f75aee05d7173334e2773

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11aa2168c8688635b491940a43a59a7971f25f80169ef2719ef998d89370f584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 21:34:59 GMT
content-md5: /5Q8wSSyiQGXIequ6J9vyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88674
x-fb-debug: goUIsrifzGRiUJVqXVKA7/Y7ZP6ZpnTvz1aTGXqyDJBFOxLR4gQUxIlUID0vqNMOMijP6BeOez+HgiN3dU3GMw==
x-fb-content-md5: 8faf419079959e9961a1d578d4019c7b
cross-origin-opener-policy: same-origin-allow-popups
etag: "22a42d246adc584161210189a3c31af5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 12 Aug 2024 21:05:25 GMT

GET
H2 200 238412518108545 Show response
connect.facebook.net/signals/config/ 383 KB
110 KB 148ms
147ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238412518108545?v=2.9.123&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

857a5f9d532d872323fae266f46b6e62c1ed055c0a2e778e34d93e6b0e30fa2e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Aug 2023 21:34:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 0lIdVjCsSLkP230ViPBtzsiLYwurhlHOwRs6ThWxF+2iTffypntCwwuQdFDtgiYENvF9GG7iQGZKqsZvpMf5Gw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
489 B 243ms
192ms Script
application/javascript 2606:4700::6810:175e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=224766123&u=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:175e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.21

Resource Hash

37ba00732e9b24e7194936c5179e7c8ebccaa0f4323d4f4aa32f5a02c9a3bac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.21
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 58
cf-ray: 7f6415d5fd3c196a-FRA

GET
H2 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 825B 48 KB
17 KB 276ms
258ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5e0cf8f34d364%26domain%3Dqsafetytraining.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fqsafetytraining.com%252Ff19dbfcb39ab868%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large&width=225

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bbf4a4e1c79f75aee05d7173334e2773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b51ef09ffd1ae7e883779fd2cf04119bac3a4ba743c64a5fdb7ff5a2e14654a7

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qsafetytraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 21:34:59 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Bd9aAihs8WWGjPRl9JK+UX24sQZZfY3dBdbWcqpvqxCJdTssxkFJLg3cNhHPAILGJ0JK3KqYKjqJjViHkOKoBQ==
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 18ms
17ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1469719724&t=pageview&_s=1&dl=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&ul=en-us&de=UTF-8&dt=Q%20Safety%20Consultants%20%7C%20OSHA%20%7C%20MSHA%20%7C%20EM%20385%20%7C%20NCCER%20%7C%20DOT%20%7C%20HAZWOPER&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=945317681&gjid=755092613&cid=2019444282.1691962500&tid=UA-43303531-1&_gid=2041279169.1691962500&_r=1&gtm=457e3890&jsscut=1&z=1946556516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qsafetytraining.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 9073 4 KB
2 KB 19ms
19ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://qsafetytraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 112
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sun, 13 Aug 2023 21:33:07 GMT
etag: "OMWYXg"
expires: Sun, 13 Aug 2023 21:38:07 GMT
server: Google Frontend
x-cloud-trace-context: 804a4c1fdb0ba347bbb9944c7b6790f5

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 55ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5QTRLVWQFY&_ono=1&gtm=45je3890&_p=1469719724&_gaz=1&cid=2019444282.1691962500&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691962499&sct=1&seg=0&dl=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&dt=Q%20Safety%20Consultants%20%7C%20OSHA%20%7C%20MSHA%20%7C%20EM%20385%20%7C%20NCCER%20%7C%20DOT%20%7C%20HAZWOPER&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QTRLVWQFY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 21:34:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qsafetytraining.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 69ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-5QTRLVWQFY&cid=2019444282.1691962500&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QTRLVWQFY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 21:34:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qsafetytraining.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 135ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-5QTRLVWQFY&cid=2019444282.1691962500&gtm=45je3890&aip=1&z=631405406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 67ms
18ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-43303531-1&cid=2019444282.1691962500&jid=945317681&gjid=755092613&_gid=2041279169.1691962500&_u=YEBAAUAAAAAAACAAI~&z=1113783470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qsafetytraining.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
682 B 205ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=site&l=zrQU8JNA7zCrjWdSDqx3o8%3A9cbd9c5a-2bfd-4e9c-b549-199bd098930d&v=&e=&st=&lc=en-US&pid=3EpyRhW4GHoNYFBhYJ4cg4-default-prop&uid=P8muGaGcucZ2yYG3RKzVm6&sid=jbUozYP8Fgb4idKiV3v8ot&cid=site-zrQU8JNA7zCrjWdSDqx3o8%3A9cbd9c5a-2bfd-4e9c-b549-199bd098930d&uri=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&rf=&rx=1600&ry=1200&tz=%2B02%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:34:59 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://qsafetytraining.com
X-Forwarded-For: 185.213.155.131
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 02orhuq8puovu7epm510

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 186ms
144ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=249479340&v=1.1&a=2696541&rcu=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&pu=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&t=Q+Safety+Consultants+%7C+OSHA+%7C+MSHA+%7C+EM+385+%7C+NCCER+%7C+DOT+%7C+HAZWOPER&cts=1691962499592&vi=e88b3304fbd46c6183a85327e2fdac21&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 59fb5b7d-15d5-4a09-8924-d40a06e4d6ba
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 59fb5b7d-15d5-4a09-8924-d40a06e4d6ba
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpQ8YMnAuuiy%2Fwj315fx9R0pMhv2bbQ%2FO4hfnUXtZErlVJGssFAnWKvSKdjHq20BQV4TCQMkhP0Py8EIRM1gS6Y9a%2FRjucDanGveUf6EzP%2FabwXUCrtOAmM8Bz936Xs3AGGONECB1RD2b0nmcu0G"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-fmrhj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7f6415d6bd724d38-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
432 B 135ms
119ms XHR
application/json 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2696541&utk=e88b3304fbd46c6183a85327e2fdac21

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7927170313315e1ca5e3b290e8ee278124f98080cde46cbf3330727ec394f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://qsafetytraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2eb38d74-65a8-47c6-b635-48e9d790a2f4
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2eb38d74-65a8-47c6-b635-48e9d790a2f4
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://qsafetytraining.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-lhvpx
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7f6415d6bf0d9956-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 134ms
49ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-43303531-1&cid=2019444282.1691962500&jid=945317681&_u=YEBAAUAAAAAAACAAI~&z=413999087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
51ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-43303531-1&cid=2019444282.1691962500&jid=945317681&_u=YEBAAUAAAAAAACAAI~&z=413999087

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 9ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238412518108545&ev=PageView&dl=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&rl=&if=false&ts=1691962499702&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.1.1691962499700.895729348&cs_est=true&it=1691962499435&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Aug 2023 21:34:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 486ms
439ms Script
text/javascript 2606:4700::6812:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=224766123&prismid=9d7aaca7-872a-4bb2-a75a-e54a0b0d10a7&url=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.21
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 46
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 7f6415d78952bbb3-FRA
content-length: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 825B 299 B
524 B 8ms
7ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5e0cf8f34d364%26domain%3Dqsafetytraining.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fqsafetytraining.com%252Ff19dbfcb39ab868%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fqsafetytraining.com%2Fcalendar%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large&width=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-debug: foZa1nXkD9jFW7jfF25Swq9DejhpxncX1e9e9FbMv1rQrzS1RiByMQ3PvbsHCrX3YvSgEwoqDePoundwR2SDng==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 03 Aug 2024 03:12:16 GMT

GET
H3 200 PoBH1SQfI0A.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/ Frame 825B 519 KB
134 KB 11ms
11ms XHR
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/PoBH1SQfI0A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

504160d25c7f9b933607055d6aa735215f90c71ea1204a7bb778964a050bb6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4C/8LhcZKdPPHyheMd2aVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136814
x-fb-debug: VKta/Rt/4Mun9VaHzCkqzeE1ReKO9GvoPOBq+ZsId9fhhPeA1REeLqq1TmE1f0nN+bhGHIqwqTqJNxn+0U0y7Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Sun, 11 Aug 2024 02:50:01 GMT

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 121 B
263 B 126ms
125ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:34:59 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415d84a6e3a76-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 81 KB
29 KB 237ms
236ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415d84a6f3a76-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 210 KB
62 KB 349ms
348ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12910d231924572ea1558bad498b78020aab5dbd3fb9b9d8010dbde323ef322

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
content-encoding: br
etag: W/"5e7e7f8de34612cc4e83002b2554c15d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415d84a713a76-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 206 KB
41 KB 417ms
416ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720651e68f5b9771ca3df6c7ff0dcc0e001caff18c106bb349a3eb1606b9be8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
content-encoding: br
etag: W/"faaf68e7eca9c1f4d73119cc1fbdcc31"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415d84a733a76-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 2 KB
1 KB 130ms
129ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33c4aa238c200e235e4e4cd3f2fc622fc11c209806dc22c550c090c8cf6a01ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
content-encoding: br
etag: W/"e7848806768a60f42dc5bb9f38d5f27e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415d84a743a76-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 151 B
206 B 130ms
130ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62de118b37898912e95f6dfc/1g8pn9210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
Origin: https://qsafetytraining.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415d84a763a76-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 124ms
107ms Preflight
application/octet-stream 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qsafetytraining.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://qsafetytraining.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7f6415d8e9939196-FRA
content-length: 0
content-type: application/octet-stream
date: Sun, 13 Aug 2023 21:35:00 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-5wnkk
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 0aae33f1-71b6-4e61-9a77-d6936ce17584
x-request-id: 0aae33f1-71b6-4e61-9a77-d6936ce17584

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
174 B 119ms
119ms XHR
text/plain 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/2696541.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 41b8a51c-39b8-4128-a952-49e1e7225706
x-envoy-upstream-service-time: 15
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 41b8a51c-39b8-4128-a952-49e1e7225706
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://qsafetytraining.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ww4tr
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7f6415d99a179196-FRA

GET
H/1.1 200
OK easyXDM.min.js Show response
www-1569q.bookeo.com/bookeo/js-14.2.31/widgetcomm/ Frame A904 99 KB
19 KB 310ms
310ms Script
text/javascript 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/js-14.2.31/widgetcomm/easyXDM.min.js

Requested by

Host: www-1569q.bookeo.com
URL: https://www-1569q.bookeo.com/-misc-widgetProvider.html?aguid=41569HXTM9T186964558CD&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&xdm_e=https%3A%2F%2Fqsafetytraining.com&xdm_c=default4136&xdm_p=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/-misc-widgetProvider.html?aguid=41569HXTM9T186964558CD&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&xdm_e=https%3A%2F%2Fqsafetytraining.com&xdm_c=default4136&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:00 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 08:35:24 GMT
X-Bookeo-ResponseId: 1569q_189f0d2e41e
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 19528
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1569q.bookeo.com/bookeo/js-14.2.31/ Frame A904 762 KB
209 KB 601ms
300ms Script
text/javascript 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/js-14.2.31/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

e85779843cbe5e4c595e3390a52e3b3be22dfabdae5329fda68a66025b8cddf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/-misc-widgetProvider.html?aguid=41569HXTM9T186964558CD&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&xdm_e=https%3A%2F%2Fqsafetytraining.com&xdm_c=default4136&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:00 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 08:35:24 GMT
X-Bookeo-ResponseId: 1569q_189f0d2e547
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 213920
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 179ms
136ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 54ecc5f2-1787-4ceb-9e53-1c718e013180
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 54ecc5f2-1787-4ceb-9e53-1c718e013180
Server: cloudflare
X-Trace: 2BACCE9DCA8CF92801E0A4E4C18B58D5F20E8E44C7000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-bb7f4
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7f6415daae11367e-FRA

POST
H2 200 / Show response
www.facebook.com/tr/ Frame F1B1 0
74 B 11ms
5ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://qsafetytraining.com
Referer: https://qsafetytraining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://qsafetytraining.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 21:35:00 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 506ms
491ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=62de118b37898912e95f6dfc&widgetId=1g8pn9210&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d62854eafc14d88ff3ac23693bc06e3266f3be8881d6805742a1330023018f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-kdwd
server: cloudflare
etag: W/"2-102-1"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7f6415dbbe923a76-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 465ms
453ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a9d940dd7c66da4179a4821b1979556f2e581b11c7743a41af1d49dd4af92c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://qsafetytraining.com
access-control-allow-credentials: true
cf-ray: 7f6415dccdde9b82-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-jw3b

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 146ms
146ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qsafetytraining.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://qsafetytraining.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f6415dbcea53a76-FRA
date: Sun, 13 Aug 2023 21:35:00 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-84mw

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/languages/ 16 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:00 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dec8a49b82-FRA

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 8 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda3a940b53dd58a8fd2b219dada689959db76a483ed394cc2843f60559866c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467511
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"940b50b62d332ac06770a9c45b1e60b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9bc9b82-FRA

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 18 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b24b6db671694e8a67382fc3b4d3bafdfa37da0762b4afb683565555fb8d72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467511
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"4584338ce93115b98d779275b8a6926a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9c19b82-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 689 B
673 B 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"a6432972b93f7d0476635e7ac224d718"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9c39b82-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 19 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e87b394ca6b3cfaed0e1121232cbe95f7b3399967c5a37664d648f051d0665

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"e3d718565a988ede101d5aa64572d293"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9c49b82-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 906 B
662 B 16ms
15ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467511
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9c59b82-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 535 B
574 B 22ms
21ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9c69b82-FRA

GET
H3 200 twk-chunk-07cad36d.js Show response
embed.tawk.to/_s/v4/app/64d21bf31fc/js/ 93 KB
20 KB 22ms
22ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-07cad36d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af2f2a9d2a32f3673b13f5c300e883b092df4824fafe5d79e74e294452e63d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 10:43:09 GMT
server: cloudflare
etag: W/"8bdc861f325ab01594de879a1e153e55"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfa9c89b82-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/64d21bf31fc/css/ Frame E597 24 KB
5 KB 18ms
18ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 10:43:08 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dfda0b9b82-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/64d21bf31fc/css/ Frame 90F5 37 KB
8 KB 21ms
21ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f3004edce9989eb1410055c57772a2be9c7810ab5811261fff0487cd4645b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
cf-polished: origSize=38360
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 10:43:08 GMT
server: cloudflare
etag: W/"03fb642386334234f457befc22111bea"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415dffa349b82-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/64d21bf31fc/css/ Frame 465B 73 KB
14 KB 15ms
15ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64d21bf31fc/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0184fbee1d098b9d08dd83c0a45b9a053ccee598adf89615c3931c06dca09c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 467510
cf-polished: origSize=74869
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 10:43:08 GMT
server: cloudflare
etag: W/"e403409940fa900260225b2e7b303010"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7f6415e02a859b82-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 44ms
21ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14907685
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4525-YYZ
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4%2BfwLdJx5hRsqzJKrgraQaCFH95yoIgqe5HpQioevFVottEM8ybtG8L5hyJRH2P9M0fuYffTdGfohn%2BWF457f20maw3rZGmLqtwhxtmwtmkPFJen4mmRBZxuhGt9oKa2qbVZhLZKeYaHiX6wxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7f6415e09c1235e5-FRA

GET
H/1.1 200
OK startroute_41569HXTM9T186964558CD Show response
www-1569q.bookeo.com/bookeo/ Frame AFE7 136 KB
19 KB 187ms
187ms Document
text/html 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/startroute_41569HXTM9T186964558CD?ralias=true&axiomframed=true&inwidget=true&a=41569HXTM9T186964558CD&aguid=41569HXTM9T186964558CD&axiom_bid=klpumpamaculejyk&w=2062654812&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&m=252c26362d39

Requested by

Host: www-1569q.bookeo.com
URL: https://www-1569q.bookeo.com/bookeo/js-14.2.31/bundle_customer_ui2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

59f9ddd5740770dd2c462d0652722195dcf8e70fad79e299412ed3c9eaa765fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1569q.bookeo.com/-misc-widgetProvider.html?aguid=41569HXTM9T186964558CD&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&xdm_e=https%3A%2F%2Fqsafetytraining.com&xdm_c=default4136&xdm_p=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=utf-8
Date: Sun, 13 Aug 2023 21:35:01 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1569q_189f0d2e894

GET
H/1.1 200
OK css
www-1569q.bookeo.com/bookeo/googlefonts/5vg9eDeJ/ Frame AFE7 11 KB
1 KB 184ms
184ms Stylesheet
text/css 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/googlefonts/5vg9eDeJ/css?family=Open+Sans:300,400,600,700

Requested by

Host: www-1569q.bookeo.com
URL: https://www-1569q.bookeo.com/bookeo/startroute_41569HXTM9T186964558CD?ralias=true&axiomframed=true&inwidget=true&a=41569HXTM9T186964558CD&aguid=41569HXTM9T186964558CD&axiom_bid=klpumpamaculejyk&w=2062654812&t=4xvS70ar10Ux%2FkgysCu8o5FbqTaCo0PAwPlkRu685ic%3D&c=03a&m=252c26362d39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

b169facc1ed65882b9fc16f15a67fd166a1423590a18655848922cf8f00f0d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:01 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Bookeo-ResponseId: 1569q_189f0d2e95b
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400, no-transform
Expires: Mon, 14 Aug 2023 21:35:01 GMT

GET
H/1.1 200
OK bundle_customer_ui2.css
www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/ Frame AFE7 227 KB
38 KB 309ms
308ms Stylesheet
text/css 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/bundle_customer_ui2.css?bp_a=41569HXTM9T186964558CD&bp_v=1677623458841

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

04d1da157b9357e826c54a3f4831850bf52945b9852e99868f7d8d60650b1092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:01 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 08:35:24 GMT
X-Bookeo-ResponseId: 1569q_189f0d2e95f
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 38218
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1569q.bookeo.com/bookeo/js-14.2.31/ Frame AFE7 762 KB
209 KB 335ms
150ms Script
text/javascript 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/js-14.2.31/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

e85779843cbe5e4c595e3390a52e3b3be22dfabdae5329fda68a66025b8cddf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:01 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 08:35:24 GMT
X-Bookeo-ResponseId: 1569q_189f0d2ea13
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 213920
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK axiom_en_US.js Show response
www-1569q.bookeo.com/bookeo/js-14.2.31/i18n/ Frame AFE7 66 KB
13 KB 603ms
301ms Script
text/javascript 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/js-14.2.31/i18n/axiom_en_US.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

44e2683eb76dbdf0387c00c5a28ebf6ec2d6684da9444a3f694c415ec5a272ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:01 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 08:35:24 GMT
X-Bookeo-ResponseId: 1569q_189f0d2ea8c
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 13145
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK cbpreferences.js Show response
www-1569q.bookeo.com/bookeo/dynjs/ Frame AFE7 12 KB
5 KB 465ms
157ms Script
text/javascript 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/dynjs/cbpreferences.js?ver=1690816290514&aid=26213800&languageCode=en_US&v=14.2.31

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

e55ee3e7e66304e5ea66c4b9378180b0122ffc16e0bbfc7b4d4c70ded903dacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:01 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 08:35:24 GMT
X-Bookeo-ResponseId: 1569q_189f0d2ea8e
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 5202
Expires: Mon, 12 Aug 2024 08:35:24 GMT

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 136ms
135ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qsafetytraining.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://qsafetytraining.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f6415e2daff1c19-FRA
date: Sun, 13 Aug 2023 21:35:01 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-dfmp

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
263 B 137ms
136ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64d21bf31fc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qsafetytraining.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 13 Aug 2023 21:35:01 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://qsafetytraining.com
access-control-allow-credentials: true
cf-ray: 7f6415e3bbc41c19-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-kdwd

GET
H/1.1 200
OK select-arrow-round-light.png
www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/cssimages/ Frame AFE7 289 B
652 B 151ms
150ms Image
image/png 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/cssimages/select-arrow-round-light.png

Requested by

Host: www-1569q.bookeo.com
URL: https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/bundle_customer_ui2.css?bp_a=41569HXTM9T186964558CD&bp_v=1677623458841

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/bundle_customer_ui2.css?bp_a=41569HXTM9T186964558CD&bp_v=1677623458841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:02 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 13 Aug 2023 06:47:58 GMT
X-Bookeo-ResponseId: 1569q_189f0d2ebd2
Content-Type: image/png;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 289
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK emu.ttf
www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/cssfonts/ Frame AFE7 21 KB
13 KB 154ms
153ms Font
application/octet-stream 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/cssfonts/emu.ttf

Requested by

Host: www-1569q.bookeo.com
URL: https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/bundle_customer_ui2.css?bp_a=41569HXTM9T186964558CD&bp_v=1677623458841

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

0fda8015d7310e7366d1909b488ac5597053822a76c4999ec3120b7af0890c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1569q.bookeo.com/bookeo/css-14.2.31/customerui2/bundle_customer_ui2.css?bp_a=41569HXTM9T186964558CD&bp_v=1677623458841
Origin: https://www-1569q.bookeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:02 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 06:47:58 GMT
X-Bookeo-ResponseId: 1569q_189f0d2ebd0
Vary: Accept-Encoding, User-Agent
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 13087
Expires: Mon, 12 Aug 2024 08:35:24 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www-1569q.bookeo.com/bookeo/googlefonts/5vg9eDeJ/s/opensans/v35/ Frame AFE7 47 KB
48 KB 308ms
308ms Font
font/woff2 104.247.194.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1569q.bookeo.com/bookeo/googlefonts/5vg9eDeJ/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www-1569q.bookeo.com
URL: https://www-1569q.bookeo.com/bookeo/googlefonts/5vg9eDeJ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.247.194.10 Los Angeles, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

Software

Resource Hash

8c3996b15dc5ca5c24808d2c15199c3bffc17ef630f0fb44f7ad5f245299c5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1569q.bookeo.com/bookeo/googlefonts/5vg9eDeJ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1569q.bookeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: Mon, 12 Aug 2024 21:35:02 GMT
Date: Sun, 13 Aug 2023 21:35:02 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1569q_189f0d2ebd0
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
444 B 115ms
114ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=xzFqzy2G2K5LvAokxxVf6w&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=119,73,1,205.70000076293945
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qsafetytraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 21:35:03 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://qsafetytraining.com
X-Forwarded-For: 185.213.155.131
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 02orhvqited507uelp7g

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 14:00:48	Name: view.3EpyRhW4GHoNYFBhYJ4cg4-default-prop.zrQU8JNA7zCrjWdSDqx3o8 Value: 1691962500000
.qsafetytraining.com/	1970-01-20 14:00:48	Name: _gid Value: GA1.2.2041279169.1691962500
.qsafetytraining.com/	1970-01-20 13:59:22	Name: _gat_gtag_UA_43303531_1 Value: 1
.qsafetytraining.com/	1970-01-20 23:35:22	Name: _ga_5QTRLVWQFY Value: GS1.1.1691962499.1.0.1691962499.60.0.0
.qsafetytraining.com/	1970-01-20 23:35:22	Name: _ga Value: GA1.1.2019444282.1691962500
js.center.io/	1970-01-20 23:35:22	Name: centerVisitorId Value: P8muGaGcucZ2yYG3RKzVm6
.qsafetytraining.com/	1970-01-20 16:08:58	Name: _fbp Value: fb.1.1691962499700.895729348
prism.app-us1.com/	1970-01-20 14:42:34	Name: prism_224766123 Value: 9d7aaca7-872a-4bb2-a75a-e54a0b0d10a7
.qsafetytraining.com/	1970-01-20 14:42:34	Name: prism_224766123 Value: 9d7aaca7-872a-4bb2-a75a-e54a0b0d10a7
.hubspot.com/	1970-01-20 13:59:24	Name: __cf_bm Value: pLT.9fTUzbwVG7Y9FmBF3_QV48RGcheBUG4qn4kgiPk-1691962499-0-AW5WG27v6EKRAVgqdNgM3FLlqBTgcImQguUakUtJ6xtjYZldy5LmiwYaUQ6pP+sY6chu0BWlRZA+oEKCSvAoHFo=
www-1569q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID Value: 1tysy7z5f17atu4kg0k8u751e6973
qsafetytraining.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: yML38hQ38JQd3L0--yaka
qsafetytraining.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.qsafetytraining.com/	1970-01-20 18:18:34	Name: twk_uuid_62de118b37898912e95f6dfc Value: %7B%22uuid%22%3A%221.2U5raCayhgqqvyK6DzDTixtZInQ58YVO9akJjf1VUmgw3EzTE4QReK2CeseKxego6igXorLv8iQXyBENNrECI0yDxW5OPmfE2w0JXE77dTTEA9Djw9HRLV8cTGl1t6K%22%2C%22version%22%3A3%2C%22domain%22%3A%22qsafetytraining.com%22%2C%22ts%22%3A1691962501057%7D
www-1569q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID2 Value: JNKMFPPEMP7AUJFJKMYTT9RJ9KKACMM7

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bookeo.com/widget.js?a=41569HXTM9T186964558CD(Line 489) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
bookeo.com
cdn.jsdelivr.net
connect.facebook.net
diffuser-cdn.app-us1.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js.center.io
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.static.spiffy.co
lh3.googleusercontent.com
prism.app-us1.com
qsafetytraining.com
region1.analytics.google.com
static.leadpages.net
static.xx.fbcdn.net
stats.g.doubleclick.net
track.hubspot.com
trackcmp.net
va.tawk.to
www-1569q.bookeo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.247.194.10
168.235.82.161
2001:4860:4802:34::178
2001:4860:4802:34::36
2001:4860:4802:36::15
2600:9000:2491:a200:17:1595:9ac0:93a1
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700:20::ac43:4996
2606:4700::6810:175e
2606:4700::6810:5614
2606:4700::6810:77be
2606:4700::6810:8cce
2606:4700::6811:6cc7
2606:4700::6811:806e
2606:4700::6811:d4f3
2606:4700::6812:18c4
2606:4700::6812:1f7c
2606:4700::6812:863b
2606:4700::6813:9a53
2a00:1450:4001:803::2003
2a00:1450:4001:808::200a
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2004
2a00:1450:400c:c00::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.107.203.240
35.192.151.63
0184fbee1d098b9d08dd83c0a45b9a053ccee598adf89615c3931c06dca09c39
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
04d1da157b9357e826c54a3f4831850bf52945b9852e99868f7d8d60650b1092
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0fda8015d7310e7366d1909b488ac5597053822a76c4999ec3120b7af0890c68
11aa2168c8688635b491940a43a59a7971f25f80169ef2719ef998d89370f584
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1de1eaa47235a36bf6abb881572290cc29cd2938c416202b0d2c0e95b291615f
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
33c4aa238c200e235e4e4cd3f2fc622fc11c209806dc22c550c090c8cf6a01ab
36a58b231f4bd34d323b5a7da9caf1a2706ecc87ca22a822763b96659043017e
3736cf7c2e75decbde0cf53d82918d702f484eb4459b875af595d02996a3e0f3
37ba00732e9b24e7194936c5179e7c8ebccaa0f4323d4f4aa32f5a02c9a3bac6
3a9d940dd7c66da4179a4821b1979556f2e581b11c7743a41af1d49dd4af92c0
3af2f2a9d2a32f3673b13f5c300e883b092df4824fafe5d79e74e294452e63d2
44e2683eb76dbdf0387c00c5a28ebf6ec2d6684da9444a3f694c415ec5a272ac
47d62854eafc14d88ff3ac23693bc06e3266f3be8881d6805742a1330023018f
4b7927170313315e1ca5e3b290e8ee278124f98080cde46cbf3330727ec394f7
504160d25c7f9b933607055d6aa735215f90c71ea1204a7bb778964a050bb6c3
5517506ced67884100bf4d987ab88002364d1b91f5e6640e92f6ce5e101d93fc
59f9ddd5740770dd2c462d0652722195dcf8e70fad79e299412ed3c9eaa765fd
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
67e87b394ca6b3cfaed0e1121232cbe95f7b3399967c5a37664d648f051d0665
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
720651e68f5b9771ca3df6c7ff0dcc0e001caff18c106bb349a3eb1606b9be8a
72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857a5f9d532d872323fae266f46b6e62c1ed055c0a2e778e34d93e6b0e30fa2e
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
8c3996b15dc5ca5c24808d2c15199c3bffc17ef630f0fb44f7ad5f245299c5d4
90e9f8331eaf3ee9def38f9098e6896c4c671768bf5f6f71c7affb773eb147fc
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9699318e4e82df12cab03d0a1f6543e9de872249c3a60d4fdce3588fbb2059bd
96ea6b1e986879257e104371bf5f0cb0bf2bb9957a1aa73fa9df8be99aeeb157
989812a905f6593ad9753acfe8e4144be665523cb55c7bcb2bd6aa8b1f56ef59
98f3004edce9989eb1410055c57772a2be9c7810ab5811261fff0487cd4645b4
9b24b6db671694e8a67382fc3b4d3bafdfa37da0762b4afb683565555fb8d72e
a12910d231924572ea1558bad498b78020aab5dbd3fb9b9d8010dbde323ef322
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b169facc1ed65882b9fc16f15a67fd166a1423590a18655848922cf8f00f0d6c
b1bfd3adef0f635ce659012dae1fbb44ee8694f65c74c8b18dba3611af3e1646
b51ef09ffd1ae7e883779fd2cf04119bac3a4ba743c64a5fdb7ff5a2e14654a7
bbca372b5a87777db54d450b75c7b61697d5545402470b49f715a697d9831008
c5bf3fb4b660680736a4b05455a3bb1c0a3eb34b5260ee229f1b086b6a846ed4
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda3a940b53dd58a8fd2b219dada689959db76a483ed394cc2843f60559866c3
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7068e407be583f43d88fa51591c67f205383ca8fe8af88dd8cbc0a313cb2aa7
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e26d08e72a1a5f333f5ef95f00756a60bba4d324c96393a5df139650e7d226e4
e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55ee3e7e66304e5ea66c4b9378180b0122ffc16e0bbfc7b4d4c70ded903dacd
e85779843cbe5e4c595e3390a52e3b3be22dfabdae5329fda68a66025b8cddf0
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b1897c92933aba73b0091637b578e943e7ca14f897c33c49ae627355ffb00
f1a5c45341f92eb3a52514b47288c7fa097149210573bb32ba52d448623a602d
f31b42fc3944926b4ca45e7c7a7d20685ecff52ab1f7dae707d5b9894bffd390
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9a10523b5816c152278ca2b88e77d8e10e0dffa98ff0ca82e29ac4742d097f0
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55
ffc6f22b8fee0e5b073e5d5a560397a317b95f5d76c88f0de0f55b9ccc246072

qsafetytraining.com Open in urlscan Pro 2606:4700:20::ac43:4996 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

100 %HTTPS

87 %IPv6

29 Domains

34 Subdomains

31 IPs

3 Countries

1904 kBTransfer

6689 kBSize

15 Cookies

8 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qsafetytraining.com Open in urlscan Pro
2606:4700:20::ac43:4996 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

100 %
HTTPS

87 %
IPv6

29
Domains

34
Subdomains

31
IPs

3
Countries

1904 kB
Transfer

6689 kB
Size

15
Cookies

89 HTTP transactions
0 data transactions