urlscan.io logo urlscan.io
SecurityTrails logo

docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com Open in urlscan Pro
2600:3c0a::f03c:93ff:fea3:3fa7  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f...
Effective URL: https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html
Submission: On March 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 32 domains to perform 85 HTTP transactions. The main IP is 2600:3c0a::f03c:93ff:fea3:3fa7, located in Tukwila, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.
This is the only time docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
20 162.159.137.54 13335 (CLOUDFLAR...)
1 151.101.1.91 54113 (FASTLY)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.159.138.60 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 66.29.141.120 22612 (NAMECHEAP...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2600:9000:267... 16509 (AMAZON-02)
1 23.205.185.208 16625 (AKAMAI-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a04:4e42:200... 54113 (FASTLY)
1 2600:9000:235... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a04:4e42::644 54113 (FASTLY)
1 2600:3c0a::f0... 63949 (AKAMAI-LI...)
2 2a04:4e42::649 54113 (FASTLY)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2620:1ec:46::62 ()
1 2606:2800:233... ()
85 27
20    162.159.137.54 (None, )

ASN13335 (CLOUDFLARENET, US)
insightsoftware.com
1    151.101.1.91 (United States)

ASN54113 (FASTLY, US)
client-registry.mutinycdn.com
8    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google.com
www.google-analytics.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    66.29.141.120 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server344-3.web-hosting.com
jlaempireconstruction.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:2670:f200:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.clearbitscripts.com
1    23.205.185.208 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-185-208.deploy.static.akamaitechnologies.com
origin.acuityplatform.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.net
1    2600:9000:235a:b400:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.clickcease.com
1    2606:4700:20::681a:26e (United States)

ASN13335 (CLOUDFLARENET, US)
track.gaconnector.com
1    2606:4700:20::681a:b13 (United States)

ASN13335 (CLOUDFLARENET, US)
loader.wisepops.com
2    2606:4700:20::681a:e61 (United States)

ASN13335 (CLOUDFLARENET, US)
wisepops.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    2600:3c0a::f03c:93ff:fea3:3fa7 (Tukwila, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
2    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.triviaf.ru
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2620:1ec:46::62 (None, )

ASN- ()
aadcdn.msauth.net
1    2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (None, )

ASN- ()
aadcdn.msftauth.net
Apex Domain
Subdomains		 Transfer
20 insightsoftware.com
insightsoftware.com — Cisco Umbrella Rank: 93557
270 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 325
130 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 1985
21 KB
4 msauth.net
aadcdn.msauth.net
8 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2424
tracking.crazyegg.com Failed
35 KB
3 triviaf.ru
cdn.triviaf.ru
1 MB
3 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 8548
134 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 188
154 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
306 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 253
26 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 746
59 KB
2 wisepops.net
wisepops.net — Cisco Umbrella Rank: 13675
27 KB
2 google.com
google.com — Cisco Umbrella Rank: 1
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
69 KB
1 msftauth.net
aadcdn.msftauth.net
2 KB
1 linodeobjects.com
docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
886 B
1 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4907
1 wisepops.com
loader.wisepops.com — Cisco Umbrella Rank: 17208
activity.wisepops.com Failed
459 B
1 gaconnector.com
track.gaconnector.com — Cisco Umbrella Rank: 45485
6 KB
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 11865
43 KB
1 acuityplatform.com
origin.acuityplatform.com — Cisco Umbrella Rank: 23172
e.acuityplatform.com Failed
3 KB
1 clearbitscripts.com
tag.clearbitscripts.com — Cisco Umbrella Rank: 12533
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
274 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 560
319 B
1 jlaempireconstruction.com
jlaempireconstruction.com
267 B
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1922
12 KB
1 mutinycdn.com
client-registry.mutinycdn.com — Cisco Umbrella Rank: 18836
17 KB
0 clearbitjs.com Failed
x.clearbitjs.com Failed
0 6sc.co Failed
j.6sc.co Failed
0 chilipiper.com Failed
js.chilipiper.com Failed
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
0 unpkg.com Failed
unpkg.com Failed
85 32
Domain Requested by
20 insightsoftware.com insightsoftware.com
connect.facebook.net
8 cdn.cookielaw.org insightsoftware.com
cdn.cookielaw.org
4 aadcdn.msauth.net cdn.triviaf.ru
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
3 cdn.triviaf.ru code.jquery.com
cdn.triviaf.ru
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fast.wistia.net insightsoftware.com
fast.wistia.net
3 connect.facebook.net insightsoftware.com
connect.facebook.net
3 www.googletagmanager.com insightsoftware.com
www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com cdn.triviaf.ru
2 code.jquery.com docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
cdn.triviaf.ru
2 region1.google-analytics.com www.googletagmanager.com
2 wisepops.net loader.wisepops.com
2 www.youtube.com insightsoftware.com
www.youtube.com
1 aadcdn.msftauth.net cdn.triviaf.ru
1 docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
1 fast.wistia.com fast.wistia.net
1 loader.wisepops.com 1 redirects
1 track.gaconnector.com www.googletagmanager.com
1 www.clickcease.com insightsoftware.com
1 origin.acuityplatform.com insightsoftware.com
1 tag.clearbitscripts.com www.googletagmanager.com
1 www.facebook.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 jlaempireconstruction.com insightsoftware.com
1 www.google.com 1 redirects
1 google.com 1 redirects
1 player.vimeo.com insightsoftware.com
1 client-registry.mutinycdn.com insightsoftware.com
0 activity.wisepops.com Failed loader.wisepops.com
0 tracking.crazyegg.com Failed script.crazyegg.com
0 x.clearbitjs.com Failed tag.clearbitscripts.com
0 e.acuityplatform.com Failed origin.acuityplatform.com
0 j.6sc.co Failed www.googletagmanager.com
0 js.chilipiper.com Failed insightsoftware.com
0 cdn.jsdelivr.net Failed insightsoftware.com
0 unpkg.com Failed insightsoftware.com
85 37

This site contains no links.

Subject Issuer Validity Valid
insightsoftware.com
GTS CA 1P5		 2024-03-13 -
2024-06-11		 3 months crt.sh
client-registry.mutinycdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-06 -
2025-04-07		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
player.vimeo.com
E1		 2024-01-30 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-24 -
2024-03-23		 3 months crt.sh
jlaempireconstruction.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-23 -
2024-08-23		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
clearbitscripts.com
Amazon RSA 2048 M01		 2023-06-11 -
2024-07-09		 a year crt.sh
*.acuityplatform.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-04 -
2024-12-04		 a year crt.sh
script.crazyegg.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
clickcease.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
gaconnector.com
E1		 2024-03-10 -
2024-06-08		 3 months crt.sh
wisepops.net
GTS CA 1P5		 2024-01-25 -
2024-04-24		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
us-sea-1.linodeobjects.com
R3		 2024-02-26 -
2024-05-26		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
triviaf.ru
GTS CA 1P5		 2024-03-02 -
2024-05-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-01-29 -
2025-01-29		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html
Frame ID: CE2F8398102D291C424C5BE11BECB79F
Requests: 87 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/wfudtvqg
Frame ID: 2EEBEEE6864204443062400387A925C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20... Page URL
  2. https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

85
Requests

85 %
HTTPS

82 %
IPv6

32
Domains

37
Subdomains

27
IPs

4
Countries

2524 kB
Transfer

6544 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating Page URL
  2. https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://google.com/amp/s/jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t HTTP 301
  • https://www.google.com/amp/s/jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t HTTP 302
  • https://jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
Request Chain 51
  • https://loader.wisepops.com/get-loader.js?v=1&site=qXqDD2AS6x HTTP 301
  • https://wisepops.net/loader.js?v=1&site=qXqDD2AS6x

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
insightsoftware.com/watch-now/wfudtvqg/ 		221 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://event.on24.com/ https://insightsoftware.highspot.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
8650bc324a104480-TXL
content-encoding
br
content-security-policy
frame-ancestors 'self' https://event.on24.com/ https://insightsoftware.highspot.com/
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 00:48:01 GMT
expires
Sat, 16 Mar 2024 00:48:00 GMT
link
<https://insightsoftware.com/wp-json/>; rel="https://api.w.org/", <https://insightsoftware.com/wp-json/wp/v2/pages/94485>; rel="alternate"; type="application/json", <https://insightsoftware.com/?p=94485>; rel=shortlink
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-Forwarded-Proto,Accept-Encoding
x-cache
MISS
93281659a139de7a.js
client-registry.mutinycdn.com/personalize/client/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client-registry.mutinycdn.com/personalize/client/93281659a139de7a.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be40c4e1bfe73833212a2b4b142dd89685c0c3a56cc30c37437102e351b6b044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
XYCVPCcyrpwOu0jOTPtPkERncJ1sZQvG
x-continent-code
EU
content-encoding
gzip
date
Sat, 16 Mar 2024 00:48:01 GMT
via
1.1 varnish
x-edge-region
EU-East
x-amz-request-id
MKB8FHA43DTV68E0
age
932
x-amz-server-side-encryption
AES256
x-cache
HIT
x-edge-datacenter
FRA
content-length
16528
x-amz-id-2
Ho9hkMdRb3VpQYjQhhe+6xeqvTpCnjkgSOQLSxsJtvat5/X+hDWuxcgksX9H5EI6LBrCHeSRs6M=
x-served-by
cache-fra-eddf8230116-FRA
x-connection-speed
broadband
last-modified
Fri, 15 Mar 2024 10:16:16 GMT
server
AmazonS3
etag
"0e4791f23019e62e80dd9e3176963962"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=3600, max-age=0
vary
X-Continent-Code, Accept-Encoding
accept-ranges
bytes
x-country-code
DE
x-cache-hits
1
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/RTAD1TAPuPWblD15GN1pg==
age
58059
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6842
x-ms-lease-status
unlocked
last-modified
Thu, 14 Mar 2024 20:29:58 GMT
server
cloudflare
etag
0x8DC446584C6C060
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b18fa0ee-b01e-0015-4386-762e30000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc3818b6aca4-TXL
wp-rvp-public.css
insightsoftware.com/wp-content/plugins/responsive-youtube-video-player/public/css/ 		1 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/responsive-youtube-video-player/public/css/wp-rvp-public.css?ver=1.0.2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b95fbccf37bd79979b3c65319d630be021c176f6376eaec36906ba156278d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Dec 2021 01:19:46 GMT
cf-bgj
minify
server
cloudflare
age
208296
etag
W/"61a81f32-875"
cf-polished
origSize=2165
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8650bc37dbd94480-TXL
alt-svc
h3=":443"; ma=86400
style.min.css
insightsoftware.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 		2 KB
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/style.min.css?ver=1
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85b89d6b7d92272f7fb5946e61282a75b946883176c9ff73eac557dde75c724

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:31 GMT
server
cloudflare
age
208301
etag
W/"6553f79b-671"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8650bc37dbdb4480-TXL
alt-svc
h3=":443"; ma=86400
style.min.css
insightsoftware.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 		258 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:31 GMT
server
cloudflare
age
163296
etag
W/"6553f79b-102"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8650bc37dbdc4480-TXL
alt-svc
h3=":443"; ma=86400
global.css
insightsoftware.com/wp-content/themes/insightsoftware/css/ 		187 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/themes/insightsoftware/css/global.css?ver=1.0.9.9
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8411e3c40d44bc68f5ba4c482c2574cbbcf3b2d58e412d827a4ca7b7bd05e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 00:49:26 GMT
cf-bgj
minify
server
cloudflare
age
208296
etag
W/"659de996-2f353"
cf-polished
origSize=193363
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8650bc37dbdf4480-TXL
alt-svc
h3=":443"; ma=86400
jquery.min.js
insightsoftware.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 00:08:15 GMT
server
cloudflare
age
208301
etag
W/"65b98f6f-15601"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37dbe04480-TXL
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
insightsoftware.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 00:08:15 GMT
server
cloudflare
age
208301
etag
W/"65b98f6f-3509"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37dbe14480-TXL
alt-svc
h3=":443"; ma=86400
script.min.js
insightsoftware.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 		925 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/script.min.js?ver=1
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656955dd522a5ad6e4854b1ae8cc510c8eafab407ce64ec7957b5c23a8014bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:31 GMT
server
cloudflare
age
208300
etag
W/"6553f79b-39d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37dbe24480-TXL
alt-svc
h3=":443"; ma=86400
core.min.js
insightsoftware.com/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:32 GMT
server
cloudflare
age
208300
etag
W/"6553f79c-53be"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37dbe34480-TXL
alt-svc
h3=":443"; ma=86400
mouse.min.js
insightsoftware.com/wp-includes/js/jquery/ui/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:32 GMT
server
cloudflare
age
208300
etag
W/"6553f79c-d4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37dbe64480-TXL
alt-svc
h3=":443"; ma=86400
sortable.min.js
insightsoftware.com/wp-includes/js/jquery/ui/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:32 GMT
server
cloudflare
age
208300
etag
W/"6553f79c-6369"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37dbe84480-TXL
alt-svc
h3=":443"; ma=86400
resizable.min.js
insightsoftware.com/wp-includes/js/jquery/ui/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a410ffc4397a10a60c58a979d3dfc8957258714e1a50f0acb6612eb74b90cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 22:41:32 GMT
server
cloudflare
age
208300
etag
W/"6553f79c-4911"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37fbfb4480-TXL
alt-svc
h3=":443"; ma=86400
acf.min.js
insightsoftware.com/wp-content/plugins/advanced-custom-fields-pro/assets/build/js/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/advanced-custom-fields-pro/assets/build/js/acf.min.js?ver=6.2.7
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3586d46db0fb1d27db4c55503e0397729359dfd1657ea503d0a4bc113d9a0947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Mar 2024 21:39:39 GMT
server
cloudflare
age
208300
etag
W/"65e8e29b-7330"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37fbfe4480-TXL
alt-svc
h3=":443"; ma=86400
acf-input.min.js
insightsoftware.com/wp-content/plugins/advanced-custom-fields-pro/assets/build/js/ 		101 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/advanced-custom-fields-pro/assets/build/js/acf-input.min.js?ver=6.2.7
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7714e7566c25e9022ce46e612f8c6184ea5c0ad033e5c01ceebf41a0db992b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Mar 2024 21:39:39 GMT
server
cloudflare
age
208300
etag
W/"65e8e29b-19418"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37fbff4480-TXL
alt-svc
h3=":443"; ma=86400
input_conditional_taxonomy.js
insightsoftware.com/wp-content/plugins/ACF-Conditional-Taxonomy-Rules/includes/ 		1 KB
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/plugins/ACF-Conditional-Taxonomy-Rules/includes/input_conditional_taxonomy.js?ver=3.0.0
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500789d624f8bec7563e42d3d1128792d56f1877aa2405a0503817ad1a301836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Dec 2021 01:19:46 GMT
cf-bgj
minify
server
cloudflare
age
208300
etag
W/"61a81f32-578"
cf-polished
origSize=1400
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8650bc37fc004480-TXL
alt-svc
h3=":443"; ma=86400
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 16 Mar 2024 00:48:01 GMT
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca8d104a83cbe3ecbbf319589825e678c69e8edf97a760336f8cfd63a69ea06
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 15 Mar 2024 20:55:36 GMT
Date
Sat, 16 Mar 2024 00:48:01 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Via
1.1 varnish
Age
1345
X-Cache
HIT
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
11254
X-Served-By
cache-cph2320025-CPH
x-player-backend
g
Server
cloudflare
X-Timer
S1710550081.348260,VS0,VE0
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-bapp-server
Accept-Ranges
bytes
CF-RAY
8650bc383f4744f8-TXL
X-Cache-Hits
112
core@2
unpkg.com/@popperjs/ 		0
0
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/ 		0
0
insightsoftware-logo-color.svg
insightsoftware.com/wp-content/themes/insightsoftware/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insightsoftware.com/wp-content/themes/insightsoftware/images/insightsoftware-logo-color.svg
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 23:00:31 GMT
server
cloudflare
age
208300
etag
W/"6541870f-11c9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8650bc38fb52453a-TXL
alt-svc
h3=":443"; ma=86400
marketing.js
js.chilipiper.com/ 		0
0
email-decode.min.js
insightsoftware.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 18:07:56 GMT
server
cloudflare
etag
W/"65f099fc-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8650bc388ae4453a-TXL
expires
Mon, 18 Mar 2024 00:48:01 GMT
gtm.js
www.googletagmanager.com/ 		427 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDLQCRT
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126290
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 16 Mar 2024 00:48:01 GMT
43e2a71e-7a12-4b69-a3ea-409af59d9e92.json
cdn.cookielaw.org/consent/43e2a71e-7a12-4b69-a3ea-409af59d9e92/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/43e2a71e-7a12-4b69-a3ea-409af59d9e92/43e2a71e-7a12-4b69-a3ea-409af59d9e92.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
59740
content-md5
xuzP1kC8n6C5UAJoGL6zuw==
content-length
3215
x-ms-lease-status
unlocked
last-modified
Thu, 24 Feb 2022 22:07:52 GMT
server
cloudflare
etag
0x8D9F7E21A2F465A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e363e219-101e-008a-25c3-136232000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc38ed754480-TXL
expires
Sun, 17 Mar 2024 00:48:01 GMT
www-widgetapi.js
www.youtube.com/s/player/d552837c/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d552837c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 17:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
24967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68272
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 04:18:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Mar 2025 17:51:54 GMT
fbevents.js
connect.facebook.net/en_US/ 		216 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js?v=next
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 16 Mar 2024 00:48:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57654
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1326, tbw=2782, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
3ENo9LXdp9/tjOLrfOkXDpZfmgQBpi19LRhXd4w4uwx2mKGQYuUVZcThD0OTwkGS8JZwSHD4VMP7GXVemQy02Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Poppins-Regular.woff2
insightsoftware.com/wp-content/themes/insightsoftware/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/themes/insightsoftware/fonts/Poppins-Regular.woff2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/wp-content/themes/insightsoftware/css/global.css?ver=1.0.9.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://insightsoftware.com/wp-content/themes/insightsoftware/css/global.css?ver=1.0.9.9
Origin
https://insightsoftware.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 23:00:31 GMT
server
cloudflare
age
208300
etag
"6541870f-c7cc"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8650bc390b60453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
51148
Poppins-SemiBold.woff2
insightsoftware.com/wp-content/themes/insightsoftware/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/wp-content/themes/insightsoftware/fonts/Poppins-SemiBold.woff2
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/wp-content/themes/insightsoftware/css/global.css?ver=1.0.9.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://insightsoftware.com/wp-content/themes/insightsoftware/css/global.css?ver=1.0.9.9
Origin
https://insightsoftware.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 23:00:31 GMT
server
cloudflare
age
208300
etag
"6541870f-c794"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8650bc390b61453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
51092
YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
jlaempireconstruction.com/wp/gN6Cy/103606053/
Redirect Chain
  • https://google.com/amp/s/jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
  • https://www.google.com/amp/s/jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
  • https://jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
0
267 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.141.120 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server344-3.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 00:48:02 GMT
refresh
0;url=https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html#brett.cope@powellind.com
server
LiteSpeed
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
282
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-6RLPI9Fa4QlYdVP5fJW2cw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 16 Mar 2024 00:48:01 GMT
location
https://jlaempireconstruction.com/wp/gN6Cy/103606053/YnJldHQuY29wZUBwb3dlbGxpbmQuY29t
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server
gws
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		72 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://insightsoftware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8650bc396ec46a77-TXL
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/ 		334 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
66226
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
80955
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:24 GMT
server
cloudflare
etag
0x8DA032EC5D12B02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
db8a965f-201e-0091-70e6-115c31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc399bc6aca4-TXL
openbridge3.js
connect.facebook.net/signals/plugins/ 		241 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/openbridge3.js?v=next
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 16 Mar 2024 00:48:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
84261
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=62, mss=1326, tbw=62807, tp=-1, tpl=-1, uplat=4, ullat=-1
pragma
public
x-fb-debug
11sZkcQeudITEG7Qd9jGBf2/48yvZ3+FmpESKpSXA1xMp6VITJuXEaP9CTNwVtFf9Qzb6GRQB/unIP04Ratrnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
521179371780902
connect.facebook.net/signals/config/ 		63 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/521179371780902?v=next&r=stable&domain=insightsoftware.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 16 Mar 2024 00:48:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=107, mss=1326, tbw=148006, tp=-1, tpl=-1, uplat=76, ullat=0
pragma
public
x-fb-debug
F/wSjSInKEGpjdRlAe2ZYynQfXGw7nBmNyV4zqnOdEjwZ8uwGQuijjOGkuOU2oJJzywRSJ2zgfauH4bLtmp2SQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
en-us.json
cdn.cookielaw.org/consent/43e2a71e-7a12-4b69-a3ea-409af59d9e92/b524cbf7-a239-44ca-a857-2363a4c3b908/ 		96 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/43e2a71e-7a12-4b69-a3ea-409af59d9e92/b524cbf7-a239-44ca-a857-2363a4c3b908/en-us.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
68728
content-md5
qMiM3r8mnrJS1unl2Lcbmg==
content-length
19647
x-ms-lease-status
unlocked
last-modified
Thu, 24 Feb 2022 22:09:46 GMT
server
cloudflare
etag
0x8D9F7E25E7A508C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f88ad1ae-c01e-0089-6cbc-218356000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc3a0f544480-TXL
expires
Sun, 17 Mar 2024 00:48:01 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
EXbJt9InrxA+LlZTe81nFg==
age
61622
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2960
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:13 GMT
server
cloudflare
etag
0x8DA032EBEE58F18
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a5b1e017-b01e-0067-659a-13297f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc3a4fab4480-TXL
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TzQJSA8GhzOjAue7/uVdKA==
age
59740
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11467
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:16 GMT
server
cloudflare
etag
0x8DA032EC0A28EE2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d0fb374c-401e-0087-1c30-0daae6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc3a4fad4480-TXL
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bZ6sFc9Mh4SBvE3dHyo0/Q==
age
73266
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1780
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:15 GMT
server
cloudflare
etag
0x8DA032EC020A07E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
65431658-701e-0078-393b-239a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8650bc3a4fae4480-TXL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2HSefDmVwJneRQMu6SXIPw==
age
59740
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2c03f0bb-f01e-002b-4e55-0db94f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8650bc3a4fb04480-TXL
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
insightsoftware.com/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insightsoftware.com/?ob=open-bridge/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/plugins/openbridge3.js?v=next
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://event.on24.com/ https://insightsoftware.highspot.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:48:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-security-policy
frame-ancestors 'self' https://event.on24.com/ https://insightsoftware.highspot.com/
vary
X-Forwarded-Proto,Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8650bc3abe83453a-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=521179371780902&ev=PageView&dl=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&rl=&if=false&ts=1710550081707&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.4.3-3.0.15&ec=0&o=4126&eid=ob3_plugin-set_a72f44dfc81bc3d9897e6e0304901088de3be2ad2144f2bcd021bb3f099beccc&fbp=fb.1.1710550081706.962295562&cs_est=true&ler=empty&cdl=API_unavailable&it=1710550081591&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1326, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 16 Mar 2024 00:48:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
tags.js
tag.clearbitscripts.com/v1/pk_af5b72dca004b7b664203b9f3250f342/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.clearbitscripts.com/v1/pk_af5b72dca004b7b664203b9f3250f342/tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDLQCRT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:f200:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Clearbit /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-response-flags
-
via
1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
server
Clearbit
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
etag
W/"e003de22958575fef39b6806f7900125"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
x-amz-cf-id
lJor4bmcxRD2Wai0x7yaAy_p8jyrwwk9HkMI671pIi2b_p7kofUH3A==
pixel.js
origin.acuityplatform.com/event/v2/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin.acuityplatform.com/event/v2/pixel.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.185.208 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-185-208.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 00:48:01 GMT
Last-Modified
Wed, 04 Jan 2023 18:57:40 GMT
Server
nginx/1.14.0
ETag
"63b5cc24-978"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2424
js
www.googletagmanager.com/gtag/ 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G0HD1D3DY2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDLQCRT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95436
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 00:48:01 GMT
83d57664-f020-417c-9000-af7c2d2c60fa.js
j.6sc.co/j/ 		0
0
4307.js
script.crazyegg.com/pages/scripts/0063/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0063/4307.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDLQCRT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5800
cf-polished
origSize=6112
ce-version
11.5.195
cf-bgj
minify
last-modified
Fri, 15 Mar 2024 22:47:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8650bc3b6e14266d-TXL
E-v1.js
fast.wistia.net/assets/external/ 		784 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
691
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
135006
x-served-by
cache-iad-kjyo7100115-IAD, cache-fra-eddf8230070-FRA
x-browser-version
122
last-modified
Thu, 14 Mar 2024 19:36:56 GMT
server
AmazonS3
x-timer
S1710550082.845546,VS0,VE0
etag
"17ae7b98e8149b2268a45bf1d24ca828"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
edd0a6453e1dbd6dc14d8f019b2aaeadb5b2e25f
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
26, 7
stat.js
www.clickcease.com/monitor/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: insightsoftware.com
URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:b400:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding
gzip
via
1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront)
date
Sat, 16 Mar 2024 00:48:01 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop
FRA60-P9
age
6
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
server
AmazonS3
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
heUkXltyMpnVJy0-T1_Xy3RahOPppZweJRJuHdCpISzFkqomvvwHew==
gaconnector.js
track.gaconnector.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.gaconnector.com/gaconnector.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDLQCRT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:02 GMT
access-control-request-method
*
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript
access-control-allow-origin
*
x-cache
HIT
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8IjIv9ilsJqLJxlX%2FcS0JEpc3wUQ93hQCjZQCXp%2B76UoqcJkAq%2FUFJfsaYzq7z%2BiDjRQMAfI%2Ba6OHaGGkx30sXjKPFG%2FYXZ9vfP6spITvBdzgMC9CHJxOf4Q%2FZos%2Ftxey8%2FPUTi9aauXuaJ%2BgZ8cVMZDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8650bc3b8b98695b-FRA
access-control-allow-headers
*
expires
Sat, 16 Mar 2024 01:48:01 GMT
loader.js
wisepops.net/
Redirect Chain
  • https://loader.wisepops.com/get-loader.js?v=1&site=qXqDD2AS6x
  • https://wisepops.net/loader.js?v=1&site=qXqDD2AS6x
80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wisepops.net/loader.js?v=1&site=qXqDD2AS6x
Protocol
H2
Server
2606:4700:20::681a:e61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Mar 2024 00:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1298
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ly4CIQGUy4wfV9CmTRaiVX0RBnu2tP%2FxEVEX5cvPxgrxoRAg7P16TZ2bZjy03gp5KDkXa%2BwO1bc11WACJkpO6qn3I3rJIbKxL3aq1Pa6ktRQ7sdtyzwOTmPtk7KOdL36dktszprvDxQDxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=1800, s-maxage=3600
cf-ray
8650bc3c5c382c37-FRA

Redirect headers

date
Sat, 16 Mar 2024 00:48:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54FA%2F9TyUd9Px8f0VcD65Eqau%2Bf5E2qXt4CzMI%2Bj7R5Qsh4w1LU%2BCF0F8s6VWaSIPPiGa5j0IR%2Bfwg%2B7jGVTl0MaDhzvqKhwE%2BZskP1plPZ2s5tSfvKwdPmZLZer%2FvgupeNbV00%2FTL0h3hSbi%2F3jPAg%3D"}],"group":"cf-nel","max_age":604800}
location
https://wisepops.net/loader.js?v=1&site=qXqDD2AS6x
cache-control
max-age=3600
cf-ray
8650bc3b8e573a6e-FRA
expires
Sat, 16 Mar 2024 01:48:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDLQCRT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Mar 2024 23:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4159
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Mar 2024 01:38:42 GMT
collect
www.google-analytics.com/j/ 		3 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1338546640&t=pageview&_s=1&dl=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&ul=en-us&de=UTF-8&dt=Watch%20Now%20-%20insightsoftware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAICAEKg~&cid=1648421219.1710550082&tid=UA-120799937-1&_gid=1172552862.1710550082&_slc=1&gtm=45He43d0n81PDLQCRTv812849989za200&cd18=GTM-PDLQCRT%7C188&gcs=G101&gcd=13q3v3l2l5&dma_cps=sypham&dma=1&cd17=1648421219.1710550082&npa=1&z=931903035
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://insightsoftware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://insightsoftware.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1338546640&t=pageview&_s=1&dl=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&ul=en-us&de=UTF-8&dt=Watch%20Now%20-%20insightsoftware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAICAEKg~&cid=1648421219.1710550082&tid=UA-1646510-11&_gid=1172552862.1710550082&_slc=1&gtm=45He43d0n81PDLQCRTv812849989za200&cd18=GTM-PDLQCRT%7C188&gcs=G101&gcd=13q3v3l2l5&dma_cps=sypham&dma=1&cd17=1648421219.1710550082&npa=1&z=931903035
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://insightsoftware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://insightsoftware.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
insightsoftware.com.json
script.crazyegg.com/pages/data-scripts/0063/4307/site/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0063/4307/site/insightsoftware.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 15 Mar 2024 23:22:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.195
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8650bc3bcc425902-TXL
content-length
1500
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G0HD1D3DY2&gtm=45je43d0v886658876z8812849989za200&_p=1710550081374&gcs=G101&gcd=13q3v3l2l5&npa=1&dma_cps=sypham&dma=1&cid=1648421219.1710550082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&dt=Watch%20Now%20-%20insightsoftware&sid=1710550081&sct=1&seg=0&dl=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&en=page_view&_fv=1&_ss=1&ep.product_line=Angles%20Enterprise%20for%20SAP&ep.publish_date=December%2010%2C%202019&ep.product_pillar=Operational%20Reporting&ep.business_unit=FP%26A&up.landing_page=%2Fwatch-now%2Fwfudtvqg%2F&tfd=1576
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0HD1D3DY2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:48:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://insightsoftware.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		282 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9VSYHJSC3N&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91496
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 00:48:01 GMT
48b755942b6c8e4721f048f3e49b8c1f.js
script.crazyegg.com/pages/versioned/common-scripts/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/48b755942b6c8e4721f048f3e49b8c1f.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0063/4307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2024 18:24:51 GMT
server
cloudflare
age
19707
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8650bc3c5ef1266d-TXL
content-length
31384
wfudtvqg.json
fast.wistia.net/embed/medias/ 		28 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/medias/wfudtvqg.json
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 ac28147bf6a75debb0811f62b6224e6e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
620
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
13
content-length
32
x-request-id
b518ebe8-dd6d-4846-8068-74d3a4201723
x-served-by
cache-iad-kiad7000039-IAD, cache-fra-eddf8230095-FRA
x-runtime
0.011968
x-browser-version
122
server
envoy
x-timer
S1710550082.059629,VS0,VE2
etag
W/"cfc56017ad02ebab7411aacd4e60dba1"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DT3tTQlUDyBlR3gZG3pfcYsnCEs2RZlFICKh6hXZ1-6F0XxZH08sCw==
x-cache-hits
26, 1
pj
e.acuityplatform.com/ 		0
0
id
wisepops.net/ 		111 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wisepops.net/id?h=qXqDD2AS6x&vid=&eid=
Requested by
Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=qXqDD2AS6x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://insightsoftware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 16 Mar 2024 00:48:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pj%2BfLa3C48%2FqA9UsmNKCXJhsmC8siQWIivav6hAkMfjYBp7P2KH3Pg6Oe%2F3zaDXz4EEZPHQ3AeobIxFX7YFHBC%2Bgfa4i6pO18lyaRE%2BnLripG6G0KlZt1LJRBE4b24qqKw88TedChV9SQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, POST, GET
access-control-allow-origin
*
content-type
application/json
cf-ray
8650bc3d09574d54-FRA
access-control-allow-headers
*
insightsoftware.com.json
script.crazyegg.com/pages/data-scripts/0063/4307/sampling/ 		46 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0063/4307/sampling/insightsoftware.com.json?t=475152
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/48b755942b6c8e4721f048f3e49b8c1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:02 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sat, 16 Mar 2024 00:48:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.195
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8650bc3c9d2b5902-TXL
content-length
65
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9VSYHJSC3N&gtm=45je43d0v9134483179za200&_p=1710550081374&gcs=G101&gcd=13q3v3l2l7&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1648421219.1710550082&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_eu=EBAI&_s=1&dl=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&dt=Watch%20Now%20-%20insightsoftware&sid=1710550082&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_18=GTM-PDLQCRT%7C188&ep.ua_dimension_17=1648421219.1710550082&tfd=1806
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9VSYHJSC3N&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://insightsoftware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://insightsoftware.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wfudtvqg
fast.wistia.net/embed/iframe/ Frame 2EEB 		1 KB
976 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/iframe/wfudtvqg
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://insightsoftware.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5008
cache-control
public, no-cache
content-encoding
br
content-length
466
content-type
text/html; charset=utf-8
date
Sat, 16 Mar 2024 00:48:02 GMT
etag
W/"1a76385a0b7ddc20dd49c4c9016ef4fa"
server
envoy
strict-transport-security
max-age=0
timing-allow-origin
*
via
1.1 c35f767218cbd1125d801b52fa785c8c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
F0UwZg1kK3-zoEktgrz8BvxCUb-xn9A9CzDNoO5gij-1zKI9s4JDSg==
x-amz-cf-pop
IAD89-C3
x-browser
chrome
x-browser-version
122
x-cache
Miss from cloudfront, HIT, MISS
x-cache-hits
13, 0
x-content-type-options
nosniff
x-ecma-v
modern
x-envoy-upstream-service-time
14
x-permitted-cross-domain-policies
none
x-request-id
e86eb074-54e6-44b4-a79e-77907dc0b020
x-runtime
0.012233
x-served-by
cache-iad-kcgs7200105-IAD, cache-fra-eddf8230070-FRA
x-timer
S1710550082.131513,VS0,VE91
destinations.min.js
x.clearbitjs.com/v2/pk_af5b72dca004b7b664203b9f3250f342/ 		0
0
tracking.min.js
x.clearbitjs.com/v2/pk_af5b72dca004b7b664203b9f3250f342/ 		0
0
4726ee49-0a19-4137-bc70-3dbce3727891
https://insightsoftware.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://insightsoftware.com/4726ee49-0a19-4137-bc70-3dbce3727891
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ 		0
0
/
activity.wisepops.com/ Frame 		0
0
/
activity.wisepops.com/ 		0
0
my-wisepop
wisepops.net/ 		0
0
E-v1.js
fast.wistia.com/assets/external/ Frame 2EEB 		298 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/wfudtvqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:02 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
790
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
135006
x-served-by
cache-iad-kiad7000043-IAD, cache-fra-eddf8230129-FRA
x-browser-version
122
last-modified
Thu, 14 Mar 2024 19:36:56 GMT
server
AmazonS3
x-timer
S1710550082.314148,VS0,VE0
etag
"17ae7b98e8149b2268a45bf1d24ca828"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
edd0a6453e1dbd6dc14d8f019b2aaeadb5b2e25f
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34, 14
Primary Request 2I3wXbYY05.html
docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/ 		554 B
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:3c0a::f03c:93ff:fea3:3fa7 Tukwila, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
/
Resource Hash
c9c8f1ebb416325e6f3b22280e56c3ebe55ad1bdd3f4fc807363a886f7ead78a

Request headers

Referer
https://jlaempireconstruction.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
554
Content-Type
text/html
Date
Sat, 16 Mar 2024 00:48:02 GMT
ETag
"3f381a24b545c8fbf3993fb993199098"
Last-Modified
Thu, 14 Mar 2024 10:36:03 GMT
x-amz-request-id
tx00000e07f37707e28506e-0065f4ec42-711f33-default
x-rgw-object-type
Normal
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
URL: https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/2I3wXbYY05.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:03 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1952269
x-cache
HIT, HIT
content-length
30070
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230023-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1710550083.133420,VS0,VE0
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93, 27135
/
cdn.triviaf.ru/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.triviaf.ru/?_=1710550083163
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69952b30ff36ad3eed21a50350fea987234450558287c1c6a31e23f6d8d6aea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFryDl8S7TUOEsiukWDY7rF%2BYFCykDRDsBEUoWStNgJoktmBqt2gP98AETsyHVxBimEjLJU0%2B2pPDZGS7XpDqQoE0SusPA9o0m181oVB%2FZbWJiSF4hN%2BwsRM7eW26H5%2FbzXEXGWjFkYJmlooSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8650bc463f8d9984-CPH
alt-svc
h3=":443"; ma=86400
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/?_=1710550083163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1383803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19621
last-modified
Tue, 24 Oct 2023 23:03:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65384d58-4ca5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnPgbdWu5uV2fCLvAFCx9%2FtJNqLfoFYizxrSzP3ym%2FBHQAzTVZSQfh1aIZiSeMTXzJMTQK2501kqsYFF7lL2dAFf60QWqJAVYmVavD59XrzTcWV6uPOIeFvDUnyDHoFDtrEJyz7O8zM%2BVlXUYrs4%2BFvw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8650bc4bfa002675-TXL
expires
Thu, 06 Mar 2025 00:48:04 GMT
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/?_=1710550083163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:04 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1952270
x-cache
HIT, HIT
content-length
30070
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230023-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1710550084.454963,VS0,VE0
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93, 27136
js.php
cdn.triviaf.ru/attachment/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.triviaf.ru/attachment/js.php
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/?_=1710550083163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc65f81d440f0c2183d591f43172b635254c973f5e4227b95b6837129550dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEQpw2aqvF4Aha6sA%2Fi9V0xs8W%2B9%2BAi41MPqrNVLhdFULeVM95V%2FDeuzBWK6WLN6f1eWd6pn4PI2ESJHEdw%2BACajDHtQ5uL0LpawGu3Ivguf9mjrjfd911%2FeOYa5GQ5MJcJH4pLewe7hGBREGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8650bc4bda029984-CPH
alt-svc
h3=":443"; ma=86400
/
cdn.triviaf.ru/attachment/ 		2 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.triviaf.ru/attachment/
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58dd706f34c5154906fcd20d72cf76d55704f7533f699293a23fa66f8abc7204

Request headers

Accept
*/*
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 16 Mar 2024 00:48:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6u8U3pD%2F7arv2HRSQU0n6mWQfn26iONXgh5wp8BeZzt7fwMfkYINIciDahyvPEdHMbrzrm9w8kS8yGQvNUxcb7QAOwsmBjV6I%2Frqm1oNcUPI4LeQRzZoUzySrQYN9rpX5ey0qTy%2F2DXoEMwjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8650bc52bbf7930b-CPH
alt-svc
h3=":443"; ma=86400
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/attachment/js.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
Origin
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 00:48:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9759471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FdvhaxThETN2boVJ8Vi0Ix8UPjuG56TaTzL%2BRvxmJBwqJrl8fkiX%2FqefbdujUP%2BTMalOQonThGawDpYBoZGGPesNBN7ioHg2cflzx5lQI5z%2B%2B3jgd2J6%2BUF6%2BBkUDIfU%2Faomvw91NyQW2lmxUeaptltC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8650bc55b85e453a-TXL
expires
Thu, 06 Mar 2025 00:48:06 GMT
picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/attachment/js.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:06 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
2407
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F499A9B99
x-azure-ref
20240316T004806Z-a8hdpzbeyp7wz7rrtz2dbcarv80000000ky0000000001mwv
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
81349393-b01e-0031-3062-6def8d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		250 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/attachment/js.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:06 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
4554691
content-length
199
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:39 GMT
etag
0x8D79B8374CE7F93
x-azure-ref
20240316T004806Z-a8hdpzbeyp7wz7rrtz2dbcarv80000000ky0000000001mws
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
480e4bc2-001e-0076-09c1-76ed92000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/attachment/js.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:06 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
1173
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:39 GMT
etag
0x8D79B83749623C9
x-azure-ref
20240316T004806Z-a8hdpzbeyp7wz7rrtz2dbcarv80000000ky0000000001mwu
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2aa423a8-101e-006f-6d4f-762ea3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg
aadcdn.msauth.net/shared/1.0/content/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/attachment/js.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:06 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
4554691
content-length
2407
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 11:11:29 GMT
etag
0x8DA034FE445C10D
x-azure-ref
20240316T004806Z-a8hdpzbeyp7wz7rrtz2dbcarv80000000ky0000000001mwt
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
aafc7320-301e-0039-57b8-76b79c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
Requested by
Host: cdn.triviaf.ru
URL: https://cdn.triviaf.ru/attachment/js.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef -, , ASN (),
Reverse DNS
Software
ECAcc (ska/F6F3) /
Resource Hash
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Mar 2024 00:48:06 GMT
content-encoding
gzip
content-md5
XHrPYKKsqlxUvysuxtSE2A==
age
24381978
x-cache
HIT
content-length
1173
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:50 GMT
server
ECAcc (ska/F6F3)
etag
0x8DB5C3F4A98E9BB
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3afb7c4b-e01e-0039-1e7a-99c6de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		756 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		899 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		513 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
unpkg.com
URL
https://unpkg.com/@popperjs/core@2
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.min.js
Domain
js.chilipiper.com
URL
https://js.chilipiper.com/marketing.js
Domain
j.6sc.co
URL
https://j.6sc.co/j/83d57664-f020-417c-9000-af7c2d2c60fa.js
Domain
e.acuityplatform.com
URL
https://e.acuityplatform.com/pj?pk=3566036631017785223&pu=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&pixelKey=3566036631017785223
Domain
x.clearbitjs.com
URL
https://x.clearbitjs.com/v2/pk_af5b72dca004b7b664203b9f3250f342/destinations.min.js
Domain
x.clearbitjs.com
URL
https://x.clearbitjs.com/v2/pk_af5b72dca004b7b664203b9f3250f342/tracking.min.js
Domain
tracking.crazyegg.com
URL
https://tracking.crazyegg.com/clock?t=1710550082183&tk=8e5cdfca0495759aac2a9671d575c242&s=413918&p=%2Fwatch-now%2Fwfudtvqg%2F&u=634307&v=60d9bb8c8f61874e0bcd0810a6a42981afb68e73&f=insightsoftware.com%2Fwatch-now%2Fwfudtvqg&ul=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating
Domain
activity.wisepops.com
URL
https://activity.wisepops.com/?v=2.1.14&site=qXqDD2AS6x
Domain
activity.wisepops.com
URL
https://activity.wisepops.com/?v=2.1.14&site=qXqDD2AS6x
Domain
wisepops.net
URL
https://wisepops.net/my-wisepop

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| b string| t string| u string| x function| loadScript function| a0_0x3035 function| a0_0xd9a62b function| _0x3c1aa9 function| a0_0x5a39 object| CryptoJS string| caffeine string| ur function| Caffeine function| a0_0x1d82 function| a0_0x59f7bb object| script function| a0_0x34ea function| _0x45fb24

25 Cookies

Domain/Path Name / Value
.insightsoftware.com/ Name: __cf_bm
Value: 4fwQSZSjdGIhfnVT5h0U4n2RJ4EcTrn1zP2VS7.3Jak-1710550081-1.0.1.1-NhxNXQOqhLvSSUgS4GxltW9GSjbu_JLTV1f9bhlMLHWB8WnQwtey2RuwFvHeV2B5B1LNwc51MTkqBP0UZRhD3g
.vimeo.com/ Name: __cf_bm
Value: HT2QUrSRuuKeF1PaCHSOb1cmYR7hyJzPQV8IPmHlFZ4-1710550081-1.0.1.1-UiAQSvAYnWQjoZamsmQIRtkCnfnb7zaD4GWNAGJ2FeRK.HmpLFb9va1GURFs4G3C.xb8bXIFVTtZ.SsScH4Y3g
insightsoftware.com/ Name: _lp_path
Value: /watch-now/wfudtvqg/
.youtube.com/ Name: YSC
Value: SaLhOSUHFHY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: rUe8ABWt3aA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgZw%3D%3D
.insightsoftware.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+Mar+16+2024+01%3A48%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=6.31.0&hosts=&consentId=b76592a5-c36e-4156-aab2-612666a39307&interactionCount=0&landingPath=https%3A%2F%2Finsightsoftware.com%2Fwatch-now%2Fwfudtvqg%2F%3Fh%3D%253Ch225%253E%253CdETAILS%250a%2520open%250a%2520onToGgle%2520%3D%250a%2520location%252f%252a%252a%252f%3D%2527https%3A%252f%252fgoogle.com%252famp%252fs%252fjlaempireconstruction.com%252fwp%252fgN6Cy%252f103606053%252fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%2527%253EAuthenticating&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.insightsoftware.com/ Name: _fbp
Value: fb.1.1710550081706.962295562
.google.com/ Name: __Secure-ENID
Value: 18.SE=R_1rg1HNnPS-h9teLIfrVbCeYdtuai_2GpCZte1HFtEb0PxnUARNAb5cSSKuXZym18ndfkXrWF8LIheBIA4GDJeAFpVpPQifshTFCnGF3_s3fUtVXT1qyrFzVTOSWb2rpyWUxw8yZfXtnl646ydHLH4P7OOd1msNKqmqsOgmbnk
.insightsoftware.com/ Name: _gid
Value: GA1.2.1172552862.1710550082
.insightsoftware.com/ Name: _ga
Value: GA1.1.1648421219.1710550082
.insightsoftware.com/ Name: _ga_G0HD1D3DY2
Value: GS1.1.1710550081.1.0.1710550081.0.0.0
insightsoftware.com/ Name: wisepops
Value: %7B%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A19%2C%22cid%22%3A%2253674%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.insightsoftware.com/ Name: _ga_9VSYHJSC3N
Value: GS1.2.1710550082.1.1.1710550082.0.0.0
.insightsoftware.com/ Name: _ce.irv
Value: new
.insightsoftware.com/ Name: cebs
Value: 1
.insightsoftware.com/ Name: _ce.clock_event
Value: 1
insightsoftware.com/ Name: wisepops_visitor
Value: fa70703a-0625-4c94-a8ad-0c5167bed03a
insightsoftware.com/ Name: wisepops_props
Value: %7B%22product_pillar%22%3A%22Operational%20Reporting%22%7D
insightsoftware.com/ Name: wisepops_visits
Value: %5B%222024-03-16T00%3A48%3A01.761Z%22%5D
insightsoftware.com/ Name: wisepops_session
Value: %7B%22arrivalOnSite%22%3A%222024-03-16T00%3A48%3A01.761Z%22%2C%22mtime%22%3A1710550082220%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D
insightsoftware.com/ Name: PHPSESSID
Value: c0hedjbrqv99lcq3dag7vcm9o1
.insightsoftware.com/ Name: _ce.clock_data
Value: 30%2C193.32.248.225%2C1%2Cc2f0dae1be250666004502f5b1159da0
.insightsoftware.com/ Name: cebsp_
Value: 1
.insightsoftware.com/ Name: _ce.s
Value: v~60d9bb8c8f61874e0bcd0810a6a42981afb68e73~lcw~1710550082373~lva~1710550082177~vpv~0~v11.cs~413918~v11.s~d7ced040-e32e-11ee-a9cf-3b3c4aa49de9~v11.sla~1710550082383~lcw~1710550082383

10 Console Messages

Source Level URL
Text
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://insightsoftware.com/watch-now/wfudtvqg/?h=%3Ch225%3E%3CdETAILS%0a%20open%0a%20onToGgle%20=%0a%20location%2f%2a%2a%2f=%27https:%2f%2fgoogle.com%2famp%2fs%2fjlaempireconstruction.com%2fwp%2fgN6Cy%2f103606053%2fYnJldHQuY29wZUBwb3dlbGxpbmQuY29t%27%3EAuthenticating
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/521179371780902?v=next&r=stable&domain=insightsoftware.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://cdn.triviaf.ru/attachment/js.php
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.triviaf.ru/attachment/js.php
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://event.on24.com/ https://insightsoftware.highspot.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
activity.wisepops.com
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.triviaf.ru
cdnjs.cloudflare.com
client-registry.mutinycdn.com
code.jquery.com
connect.facebook.net
docusign-payrollstatement-signature-requested.us-sea-1.linodeobjects.com
e.acuityplatform.com
fast.wistia.com
fast.wistia.net
geolocation.onetrust.com
google.com
insightsoftware.com
j.6sc.co
jlaempireconstruction.com
js.chilipiper.com
loader.wisepops.com
origin.acuityplatform.com
player.vimeo.com
region1.google-analytics.com
script.crazyegg.com
tag.clearbitscripts.com
track.gaconnector.com
tracking.crazyegg.com
unpkg.com
wisepops.net
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
x.clearbitjs.com
activity.wisepops.com
cdn.jsdelivr.net
e.acuityplatform.com
j.6sc.co
js.chilipiper.com
tracking.crazyegg.com
unpkg.com
wisepops.net
x.clearbitjs.com
151.101.1.91
162.159.137.54
162.159.138.60
2001:4860:4802:34::36
23.205.185.208
2600:3c0a::f03c:93ff:fea3:3fa7
2600:9000:235a:b400:15:a0d3:77c0:93a1
2600:9000:2670:f200:7:d7d6:3c40:93a1
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2606:4700:20::681a:26e
2606:4700:20::681a:b13
2606:4700:20::681a:e61
2606:4700:4400::ac40:9b77
2606:4700::6811:190e
2606:4700::6813:9308
2606:4700::6813:b134
2620:1ec:46::62
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::644
2a04:4e42::644
2a04:4e42::649
2a06:98c1:3121::3
66.29.141.120
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
08b95fbccf37bd79979b3c65319d630be021c176f6376eaec36906ba156278d5
10a410ffc4397a10a60c58a979d3dfc8957258714e1a50f0acb6612eb74b90cd
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3586d46db0fb1d27db4c55503e0397729359dfd1657ea503d0a4bc113d9a0947
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
500789d624f8bec7563e42d3d1128792d56f1877aa2405a0503817ad1a301836
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
58dd706f34c5154906fcd20d72cf76d55704f7533f699293a23fa66f8abc7204
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
656955dd522a5ad6e4854b1ae8cc510c8eafab407ce64ec7957b5c23a8014bd1
69952b30ff36ad3eed21a50350fea987234450558287c1c6a31e23f6d8d6aea3
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
7714e7566c25e9022ce46e612f8c6184ea5c0ad033e5c01ceebf41a0db992b51
7ca8d104a83cbe3ecbbf319589825e678c69e8edf97a760336f8cfd63a69ea06
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904
9bc65f81d440f0c2183d591f43172b635254c973f5e4227b95b6837129550dd8
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
a8411e3c40d44bc68f5ba4c482c2574cbbcf3b2d58e412d827a4ca7b7bd05e14
b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2
be40c4e1bfe73833212a2b4b142dd89685c0c3a56cc30c37437102e351b6b044
c85b89d6b7d92272f7fb5946e61282a75b946883176c9ff73eac557dde75c724
c9c8f1ebb416325e6f3b22280e56c3ebe55ad1bdd3f4fc807363a886f7ead78a
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855