resources.inboxsavvy.com Open in urlscan Pro
34.234.38.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CS...
Effective URL:
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Submission: On August 08 via api (August 8th 2023, 12:01:33 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 13 domains to perform 56 HTTP transactions. The main IP is 34.234.38.43, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is resources.inboxsavvy.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 7th 2023. Valid for: a year.

This is the only time resources.inboxsavvy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:192f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.234.38.43 34.234.38.43	14618 (AMAZON-AES) (AMAZON-AES)
8	18.165.183.41 18.165.183.41	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.95.77 65.9.95.77	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8ace	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6cc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.209.60.230 3.209.60.230	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2011	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
8	52.72.80.146 52.72.80.146	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
56	22

2 2606:4700::6812:192f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen71.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.38.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-38-43.compute-1.amazonaws.com

resources.inboxsavvy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.165.183.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-41.zrh55.r.cloudfront.net

cdn.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-77.prg50.r.cloudfront.net

cdn-app.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6cc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.209.60.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-60-230.compute-1.amazonaws.com

spcollector.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.72.80.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-80-146.compute-1.amazonaws.com

jukebox.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	pathfactory.com cdn.pathfactory.com — Cisco Umbrella Rank: 121879 cdn-app.pathfactory.com — Cisco Umbrella Rank: 38770 spcollector.pathfactory.com — Cisco Umbrella Rank: 37004 jukebox.pathfactory.com — Cisco Umbrella Rank: 30745	706 KB
9	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	827 KB
8	google.com drive.google.com — Cisco Umbrella Rank: 575 apis.google.com — Cisco Umbrella Rank: 185 play.google.com — Cisco Umbrella Rank: 63	166 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 content.googleapis.com — Cisco Umbrella Rank: 3179	3 KB
2	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 1098
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4645 forms.hscollectedforms.net — Cisco Umbrella Rank: 4755	26 KB
2	inboxsavvy.com 1 redirects resources.inboxsavvy.com	7 KB
2	sidekickopen71.com 1 redirects t.sidekickopen71.com — Cisco Umbrella Rank: 93445	3 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2254	1 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 103	143 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2192	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2187	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2406	1 KB
56	13

	Domain	Requested by
8	jukebox.pathfactory.com	cdn-app.pathfactory.com
8	cdn.pathfactory.com	resources.inboxsavvy.com cdn.pathfactory.com
5	www.gstatic.com	drive.google.com www.gstatic.com
5	spcollector.pathfactory.com	cdn-app.pathfactory.com
4	apis.google.com	www.gstatic.com content.googleapis.com apis.google.com
3	content.googleapis.com	apis.google.com
3	play.google.com	www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ssl.gstatic.com	www.gstatic.com
2	csp.withgoogle.com	t.sidekickopen71.com
2	cdn-app.pathfactory.com	resources.inboxsavvy.com t.sidekickopen71.com
2	resources.inboxsavvy.com	1 redirects t.sidekickopen71.com
2	t.sidekickopen71.com	1 redirects
1	track.hubspot.com
1	lh3.googleusercontent.com	drive.google.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	fonts.googleapis.com	drive.google.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	drive.google.com	resources.inboxsavvy.com
1	js.hs-scripts.com	resources.inboxsavvy.com
56	22

This site contains links to these domains. Also see Links.

Domain
inboxsavvy.com
content.inboxsavvy.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-01` - `2024-04-30`	a year	crt.sh
resources.inboxsavvy.com Amazon RSA 2048 M01	`2023-05-07` - `2024-06-04`	a year	crt.sh
*.pathfactory.com Amazon RSA 2048 M01	`2023-02-19` - `2024-03-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Frame ID: BF42FBEE96A25AC64DD0DCB9B317983C
Requests: 25 HTTP requests in this frame

Frame: https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview?utm_term=personal
Frame ID: EA04B0DA11DA600A5AB7DDF5919A1808
Requests: 18 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.hh2Jqle7bK0.O%2Fd%3D1%2Frs%3DAHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg%2Fm%3D__features__
Frame ID: EEAEDA5653ECC2AFADBDB435622D6B0B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Navigating the Uncharted: Time to Throw Out a Bad Habit!

Page URL History Show full URLs

https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5Cn... Page URL
https://t.sidekickopen71.com/events/public/v1/encoded/track/tc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv... HTTP 307
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&lb_email=scoward@chubb.com&utm_term=personal HTTP 302
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

56
Requests

98 %
HTTPS

76 %
IPv6

13
Domains

22
Subdomains

22
IPs

2
Countries

1920 kB
Transfer

6840 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://inboxsavvy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://content.inboxsavvy.com/ccpa-dns
Title: California Residents - Do not sell my information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04 Page URL
https://t.sidekickopen71.com/events/public/v1/encoded/track/tc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04?_ud=0ca3ce6a-1f67-4c83-9581-932248c1e6ea&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&lb_email=scoward@chubb.com&utm_term=personal HTTP 302
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT...
t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/ 8 KB
3 KB 650ms
397ms Document
text/html 2606:4700::6812:192f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:192f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7f379ac29fbe9b94-FRA
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 08 Aug 2023 12:01:25 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-x5ch9
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 32d44252-21ce-4327-aa63-7d0575596a58
x-request-id: 32d44252-21ce-4327-aa63-7d0575596a58
x-robots-tag: none

GET
H2

200

Primary Request ncrc-habit Show response
resources.inboxsavvy.com/c/
Redirect Chain

https://t.sidekickopen71.com/events/public/v1/encoded/track/tc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s...
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&lb_email=scoward@chubb.com&utm_term=personal
https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal

21 KB
6 KB

253ms
252ms

Document
text/html

34.234.38.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal

Requested by

Host: t.sidekickopen71.com
URL: https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.38.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-38-43.compute-1.amazonaws.com

Software

Resource Hash

2092e4ffbe804f85c91b7f9dd3abcf13e2a6770a5e7a5aefd1ea8ec81df68b6d

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 12:01:26 GMT
etag: W/"2092e4ffbe804f85c91b7f9dd3abcf13"
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-content-type-options: nosniff
x-request-id: 21c78ba8-7ebc-46e2-a148-a89e498a4d75
x-runtime: 0.134449

Redirect headers

cache-control: no-cache
content-security-policy
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 12:01:25 GMT
location: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 672193bf-1957-4e5a-b959-a3ad5aba942c
x-runtime: 0.061826

GET
H2 200 roboto_lato.css
cdn.pathfactory.com/web-fonts/roboto_lato/ 5 KB
1 KB 122ms
28ms Stylesheet
text/css 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Requested by: Host: resources.inboxsavvy.com
URL: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e647bd139028a8b14cd0c42545d61fe316a4a42436a5602b44df99d8d416f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 22:28:42 GMT
content-encoding: gzip
via: 1.1 8f2341b304c32ec6530aa5361edb2fe4.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 14:49:12 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 48765
x-amz-server-side-encryption: AES256
etag: W/"6339b6205ef670ae453a1fa9e8740fd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 33ZtzjIFCG9umlgve3toLLtxygU-O_MhIAmJziCPwnbZTXCA4liqsw==

GET
H2 200 font-awesome.min.css
cdn.pathfactory.com/web-fonts/font-awesome/ 28 KB
7 KB 125ms
31ms Stylesheet
text/css 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Requested by: Host: resources.inboxsavvy.com
URL: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14b6cfd9b2a41bf5ee498086b1fbe2e8a31b1f99d5e040d55bdbe2d95702b6ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:38:23 GMT
content-encoding: gzip
via: 1.1 8f2341b304c32ec6530aa5361edb2fe4.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 14:48:49 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 23216
x-amz-server-side-encryption: AES256
etag: W/"d96f1330ac4b04ce0b20d2206236e62c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: e7I4B4zg2c8yi6H9bOOC8pJDTENYHb1si5qerScr7LQeH7cYiOwzDQ==

GET
H2 200 overpass.css
cdn.pathfactory.com/web-fonts/overpass/ 6 KB
982 B 123ms
29ms Stylesheet
text/css 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/overpass/overpass.css
Requested by: Host: resources.inboxsavvy.com
URL: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58112726cdedca894ece97c82f091241d25fef9d223c565e1136792db84f6e00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 01:02:09 GMT
content-encoding: gzip
via: 1.1 8f2341b304c32ec6530aa5361edb2fe4.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 14:49:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 40598
x-amz-server-side-encryption: AES256
etag: W/"3564370037cc83ed92486dfad9b59ea7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: VcY9e8aqB6IYDuXShtV-fE6ShXxGbAO5FDZcbxywEIpCf2IVRIja6g==

GET
H2 200 6709473.js Show response
js.hs-scripts.com/ 1 KB
1 KB 89ms
36ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/6709473.js

Requested by

Host: resources.inboxsavvy.com
URL: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0731eeccb28bd6e2aedb815e538b0b22b04463b8d65bf276920923847d63481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 8b68d5f3-f826-4142-b0c5-1510b2249a89
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=1504
age: 36
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8b68d5f3-f826-4142-b0c5-1510b2249a89
cf-bgj: minify
last-modified: Tue, 08 Aug 2023 12:00:50 GMT
server: cloudflare
x-trace: 2BCEF7AF24BAA2598B2A540E43526A6AA6F6E1D49A000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://inboxsavvy.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-nbhzm
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7f379acc29979193-FRA
expires: Tue, 08 Aug 2023 12:02:26 GMT

GET
H2 200 preview Show response
drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/ Frame EA04 67 KB
20 KB 363ms
309ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview?utm_term=personal

Requested by

Host: resources.inboxsavvy.com
URL: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6776e0843b9a2f23a22d34b58615a2b126a0ac7b25d81c85520667c048cd4748

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt script-src 'report-sample' 'nonce-7YU58Wgh-uPBToRl7XeR5Q' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt script-src 'report-sample' 'nonce-7YU58Wgh-uPBToRl7XeR5Q' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 12:01:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H2 200 tracks.js Show response
cdn-app.pathfactory.com/production/jukebox/current/ 2 MB
468 KB 121ms
35ms Script
application/javascript 65.9.95.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2
Requested by: Host: resources.inboxsavvy.com
URL: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-77.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71db619af6ed304273a6420f82f052f774db6544e5c68b32270e382049e5b81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
date: Tue, 08 Aug 2023 04:31:23 GMT
last-modified: Wed, 02 Aug 2023 00:56:44 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 39554
x-amz-server-side-encryption: AES256
etag: W/"c694cc159eb118cbfa721eb3bb8485c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=43200
x-amz-cf-id: 3qe8ScAHABZsLBvy9ZXL5iGQMlHSIXnNJSQ2jhlU4E9tOGF784Ww0Q==

GET
H2 200 6709473.js Show response
js.hs-analytics.net/analytics/1691496000000/ 66 KB
21 KB 216ms
166ms Script
text/javascript 2606:4700::6810:8ace
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1691496000000/6709473.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6709473.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dc34acfcb2a75c0af810eb6fa908cfc7103bea51e90bbabc6b4fe8907e639eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:26 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: S21CZTWSN4NE2VS3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b058aed2-1357-4578-96d8-bba61ced9141
x-envoy-upstream-service-time: 17
x-amz-id-2: otGyfgT3vgv0eV6AkBo5mgaIQSgoqSbNxlt7MsoKdZK36O+Ol9Z8aeyIFf0w9jqVjytfUEB+jeg=
x-evy-trace-listener: listener_https
x-request-id: b058aed2-1357-4578-96d8-bba61ced9141
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 20 Jul 2023 16:07:35 GMT
server: cloudflare
etag: W/"1ffe533c334cecf27b8d38eeddc528d5"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7f379accaabd30d6-FRA
expires: Tue, 08 Aug 2023 12:06:26 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 182ms
126ms Script
application/javascript 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6709473.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
Origin: https://resources.inboxsavvy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:26 GMT
x-amz-version-id: 3rNMTio6eswfsQ6sgXOFNNmyULDAVi34
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f8edf1b0-6871-4a9e-8786-195ae651c8c2
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.380/bundles/project.js&cfRay=7f379accbf494d4c-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f8edf1b0-6871-4a9e-8786-195ae651c8c2
last-modified: Mon, 10 Jul 2023 09:43:19 UTC
server: cloudflare
etag: W/"85b7f9af32b27bd6cc93e80bfb2911df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ksc82
cf-ray: 7f379accbf494d4c-FRA
x-amz-cf-id: TIU1eYqoAzUaUcvql_q-yjxydIe2b-kXJbdzxOU0ZJdeUX6qtjcPRg==
x-hs-target-asset: collected-forms-embed-js/static-1.380/bundles/project.js

GET
H2 200 6709473.js Show response
js.hs-banner.com/ 61 KB
16 KB 197ms
142ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6709473.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6709473.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d0051040ce009b04d8cfdec3e8cc5c07941181410a80739a543f674afa4328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:26 GMT
x-amz-version-id: wLx9JgUFHHjWDYWG47nLmMH6raUYwYeP
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 3MK7423KHKD9DV4A
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7e5cebb2-08f9-402a-b219-42c856da8563
x-envoy-upstream-service-time: 42
x-amz-id-2: +25NjtHuqpVn4r58rIDgHs3R/6MYFy/t0pXNALS3n824+XE2R+xTpgW9Pd+RgTWuvnqcPiLKu0P+Y2KZHemhRQ==
x-evy-trace-listener: listener_https
x-request-id: 7e5cebb2-08f9-402a-b219-42c856da8563
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 15:57:13 GMT
server: cloudflare
etag: W/"086342c2b220f92e330beb38fd609152"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://resources.ebulletins.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7f379accb942366e-FRA
expires: Tue, 08 Aug 2023 12:06:26 GMT

HEAD
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 0
0 480ms
114ms Fetch
image/gif 3.209.60.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.60.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-60-230.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 12:01:27 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame EA04 21 KB
2 KB 87ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview?utm_term=personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 12:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 11:06:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 12:01:26 GMT

GET
H2 200 rs=AO0039tmGJxdCYYn4BAWBTFrKdHtyo24sA
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.V9V1-txqK7s.L.W.O/am=AAAAAg/d=0/ Frame EA04 2 MB
226 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.V9V1-txqK7s.L.W.O/am=AAAAAg/d=0/rs=AO0039tmGJxdCYYn4BAWBTFrKdHtyo24sA

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview?utm_term=personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f774e373f58bd571819128fcd14533fabfa7e45330da1f4656ea21346b65d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230842
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 05:04:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 13:52:52 GMT

GET
H2 200 m=v,wb Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/ Frame EA04 1 MB
453 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=v,wb

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview?utm_term=personal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02541fdb924ca638c08ae501ac1531aa42311a8d830f9938e79d868e2b22bc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 463863
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 22:06:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 15:40:54 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
438 B 145ms
144ms XHR
application/json 2606:4700::6811:6cc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6709473&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc04d99944bb1ab1d55d038f3cebb0a37bec13ddc35337f51118bcdbaa11404

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d8485d1f-8326-4344-a908-e943db963c4c
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d8485d1f-8326-4344-a908-e943db963c4c
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://resources.inboxsavvy.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-qrxbq
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7f379ace99bb4d4c-FRA

POST
H2 204 docs-tt
csp.withgoogle.com/csp/ Frame EA04 0
0 102ms
33ms Other
text/html 2a00:1450:4001:830::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: t.sidekickopen71.com
URL: https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 rs=AA2YrTvm7jYwbsf0XJQAawQfYZUzWCjBcQ Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.qBvQgeXyYcU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ Frame EA04 107 KB
38 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.qBvQgeXyYcU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvm7jYwbsf0XJQAawQfYZUzWCjBcQ

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview?utm_term=personal

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd28591f8925c77ed5aba28d8a569a5b231fa39ac36c77cb0d089ded22d729f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39280
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:42:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 08:00:46 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/ Frame EA04 118 KB
40 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.qBvQgeXyYcU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvm7jYwbsf0XJQAawQfYZUzWCjBcQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d973cc0f5e02b5e5b73d9f1e3474b79843febb64fed861b5b51508b1938f87bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 10:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40824
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 10:58:22 GMT

GET
H3 200 m=MpJwZc,UUJqVe,syj,sy4,syk,s39S4,syl,sy19,pw70Gc Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=0/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/ Frame EA04 10 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=0/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=MpJwZc,UUJqVe,syj,sy4,syk,s39S4,syl,sy19,pw70Gc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7f7c3f9f141a0a797054c134bddc0ebbd301d5f01f567eeb6e44a05e4d57e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 17:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4182
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 22:06:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 17:32:16 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/ Frame EA04 202 KB
70 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c68d757761438f5d62b7ce424f7663c5120863eacaaee41c93b8e6a5bde6b0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 23:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71143
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 23:38:17 GMT

POST
H2 200 log Show response
play.google.com/ Frame EA04 131 B
579 B 112ms
58ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 08 Aug 2023 12:01:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 12:01:27 GMT

GET
H2 200 v-sprite51.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame EA04 113 KB
49 KB 79ms
22ms Image
image/svg+xml 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite51.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.V9V1-txqK7s.L.W.O/am=AAAAAg/d=0/rs=AO0039tmGJxdCYYn4BAWBTFrKdHtyo24sA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4ca2de08c4e5dbb1b940fe7d702fe67c45e6bffa79f5fb1ef1b7fd3ffa6ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 437186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49150
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 19:58:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Fri, 02 Aug 2024 10:35:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EA04 33 KB
34 KB 75ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 279877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 06:16:50 GMT

POST
H2 200 log Show response
play.google.com/ Frame EA04 131 B
273 B 91ms
62ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 08 Aug 2023 12:01:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 12:01:27 GMT

GET
H2 200 AITFw-yVzfy9qMEefOuwcNOWmnkQnuiPqWvmj6GShTc5vP3a2Kaf5fuVNMp2VFyY9wjJr75GdW0_gtwB5ahJaswr66XBxZDdow=w1920-h1080-k-pd
lh3.googleusercontent.com/drive-viewer/ Frame EA04 143 KB
143 KB 273ms
219ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/drive-viewer/AITFw-yVzfy9qMEefOuwcNOWmnkQnuiPqWvmj6GShTc5vP3a2Kaf5fuVNMp2VFyY9wjJr75GdW0_gtwB5ahJaswr66XBxZDdow=w1920-h1080-k-pd

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1I2L676L-iv1_olVQuudJ0Zo79hE65guc/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a1ae49fb99cd38144beace481d0e0b4deea581ed798d3ad314134b42f3b1bd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="April 10 - Time to Throw Out a Bad Habit.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=sy1p,sy34,sAbmxd Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=0/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/ Frame EA04 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=0/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=sy1p,sy34,sAbmxd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5c06e4f33322e50208ebdd23ff6d1055e96e8a3b4954939bf011ce013abd46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 13:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6249
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 22:06:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 13:30:01 GMT

GET
H2 200 play-overlay.png
ssl.gstatic.com/s2/tt/images/ Frame EA04 2 KB
2 KB 55ms
55ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/tt/images/play-overlay.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.V9V1-txqK7s.L.W.O/am=AAAAAg/d=0/rs=AO0039tmGJxdCYYn4BAWBTFrKdHtyo24sA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cce022c4202effcfcbebaea07eb5df4e18569c64b438636ee1efa8547d56f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:15:33 GMT
x-content-type-options: nosniff
age: 283554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/focus
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1638
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="focus"
vary: Origin
report-to: {"group":"focus","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/focus"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 05:15:33 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame EEAE 382 B
909 B 36ms
35ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.hh2Jqle7bK0.O%2Fd%3D1%2Frs%3DAHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f17ca50896fa58a9db705a033553232ded3c10c59b84f7ec09b3021b2a1b3dfa

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-YBR1YKN0vFqJUVLrLRHr0Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 275
content-security-policy: script-src 'nonce-YBR1YKN0vFqJUVLrLRHr0Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 12:01:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST docs-tt
csp.withgoogle.com/csp/ Frame EEAE 0
0

GET
H2 200 sp.min.js Show response
cdn-app.pathfactory.com/libraries/tracker/2.17.3/ 76 KB
26 KB 32ms
32ms Script
application/javascript 65.9.95.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-app.pathfactory.com/libraries/tracker/2.17.3/sp.min.js
Requested by: Host: t.sidekickopen71.com
URL: https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-77.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a876a773b46aea97d22c1f84dac918fbc98ee3c1e1729f21cef7911de52f141e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
date: Tue, 08 Aug 2023 02:33:40 GMT
last-modified: Tue, 17 Jan 2023 18:22:37 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 38271
x-amz-server-side-encryption: AES256
etag: W/"adc64ce76490600da947214718dc8528"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fRpyo7VFtMfhGuKOtF_JPi8GDhH4e7nWgRxXY2YP8xYKVB42-r1Sdg==

POST
H2 200 page_views Show response
jukebox.pathfactory.com/api/public/v1/ 152 B
765 B 457ms
228ms XHR
application/json 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-80-146.compute-1.amazonaws.com

Software

Resource Hash

e2e254aac95b52e897ae5f924fcd072312e7d74f7bd5683d868438c23733bdee

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
X-CSRF-Token: TDXItFlyybboNRqu6VERl7wqzN+NiRuqVLAzW4t1g2xfW6Nb6uwWocbt4vJlq7vRIY5b0oEFs7lfKQAMbOQx3A==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 12:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy
content-encoding: gzip
x-request-id: 4adc95ff-0e7e-4e06-a54e-049f41e5258b
x-runtime: 0.105382
referrer-policy: no-referrer-when-downgrade
etag: W/"e2e254aac95b52e897ae5f924fcd0723"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate

OPTIONS
H2 200 page_views
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 379ms
119ms Preflight 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-80-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://resources.inboxsavvy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 08 Aug 2023 12:01:27 GMT

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame EEAE 0
0 38ms
37ms Other
text/html 2a00:1450:4001:830::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: t.sidekickopen71.com
URL: https://t.sidekickopen71.com/Ctc/2L+23284/cPCXw04/JlF2-6qcW8wLKSR6lZ3mbN3Dv3kL5H_94Vv-8pN68trJTW1qTZ6L5CnHG4W78-WhW6tX_HrW6CSLQj2ZFkz1V44XpD8XvJHxW6vLTbw9cQd8kVRHL2P1s1vsXW7bHYkp1N3Ng8W15FKlS30WRV6W7LB2VV80NsvHW4fB-yK4R4p5vW6CXn5R54PvDxW4TTs9N9bZT2-W4dCKq68pmHHvVnx1q51HR21bW7lYjhg5w--mBW4QnYTC59CpszVX3GSQ3cg_2PW2L3nZR1-RKKVW67VbVY1t1yLZVzYsTn1c8-MvW1wR8204vZjpyW3jpD6w52Sm45W1-l2xf5y1g_SW4RzbVV6LVpZBW1qZvqq1PLfYJN9dsp9nm-QRLf2lGpdx04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame EEAE 18 KB
7 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.hh2Jqle7bK0.O%2Fd%3D1%2Frs%3DAHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b25985ae40153624ac1d71ccc233f9003a17415dc43d3f989f82ec286d27b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 12:01:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "aa0299f9fad01455"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:01:27 GMT

OPTIONS
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 117ms
117ms Preflight 3.209.60.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.60.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-60-230.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.inboxsavvy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://resources.inboxsavvy.com
Access-Control-Max-Age: 5
Connection: keep-alive
Content-Length: 0
Date: Tue, 08 Aug 2023 12:01:27 GMT
Server: akka-http/10.0.9

OPTIONS
H2 200 tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 328ms
120ms Preflight 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-80-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.inboxsavvy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 08 Aug 2023 12:01:27 GMT

POST
H/1.1 200
OK tp2 Show response
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
469 B 457ms
114ms XHR
text/plain 3.209.60.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/2.17.3/sp.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.60.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-60-230.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 08 Aug 2023 12:01:27 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://resources.inboxsavvy.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 200 tp2 Show response
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ 0
517 B 358ms
128ms XHR
text/html 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/2.17.3/sp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-80-146.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-runtime: 0.010460
date: Tue, 08 Aug 2023 12:01:27 GMT
content-security-policy
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
x-request-id: 2cc34402-81bb-4bdf-9b33-dd0daf214b1b

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/ Frame EEAE 77 KB
27 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cf5695131fffb70f601245d339b9ddb1fd881a106a5195b7b6da18d1580d92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 03:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27837
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 03:28:23 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame EEAE 0
155 B 147ms
146ms XHR
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.hh2Jqle7bK0.O%2Fd%3D1%2Frs%3DAHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 12:01:27 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame EA04 131 B
273 B 58ms
57ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.qrx6APR7WtE.O/am=AAAAAg/d=1/rs=AO0039sb9rQVNCmFSC1x6ak268qKWn_aUA/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 08 Aug 2023 12:01:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 12:01:27 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 227ms
172ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2246696628&v=1.1&a=6709473&rcu=https%3A%2F%2Fresources.inboxsavvy.com%2Fc%2Fncrc-habit%3Fx%3Digmstk&pu=https%3A%2F%2Fresources.inboxsavvy.com%2Fc%2Fncrc-habit%3Fx%3DIGmstK%26utm_term%3Dpersonal&t=Navigating+the+Uncharted%3A+Time+to+Throw+Out+a+Bad+Habit!&cts=1691496087483&vi=06f2c253f5f1f67aa7b6c5c5fd54118c&nc=true&u=51475318.06f2c253f5f1f67aa7b6c5c5fd54118c.1691496087480.1691496087480.1691496087480.1&b=51475318.1.1691496087480&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e0efa9e6-4da4-4000-99f8-cd2677aef340
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e0efa9e6-4da4-4000-99f8-cd2677aef340
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04P3Ohs%2BxTqeRwJ9rBgZxkbFl8JDkJrVUSRIEsDF6brupqRMGWV%2FfS2YullipyQoLzFnMPunErQ8updAHxbJlmESZJw2gMW6SgOp3nZlFBHBRMpmvkTYq8o%2BCizjswrhxtDslraSBD84mciJQVn1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-zkwrk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7f379ad32d593a70-FRA
x-robots-tag: none

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame EEAE 0
19 B 151ms
151ms XHR
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.hh2Jqle7bK0.O%2Fd%3D1%2Frs%3DAHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 12:01:27 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EA04 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 291804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 02:58:03 GMT

OPTIONS
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame 0
0 116ms
115ms Preflight 3.209.60.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.60.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-60-230.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resources.inboxsavvy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://resources.inboxsavvy.com
Access-Control-Max-Age: 5
Connection: keep-alive
Content-Length: 0
Date: Tue, 08 Aug 2023 12:01:28 GMT
Server: akka-http/10.0.9

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 116ms
116ms Preflight 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-80-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://resources.inboxsavvy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 08 Aug 2023 12:01:28 GMT

OPTIONS
H2 200 create_event
jukebox.pathfactory.com/api/public/v1/page_views/ Frame 0
0 116ms
116ms Preflight 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/page_views/create_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-80-146.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token
Access-Control-Request-Method: POST
Origin: https://resources.inboxsavvy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-csrf-token
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
access-control-max-age: 7200
date: Tue, 08 Aug 2023 12:01:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
cdn.pathfactory.com/web-fonts/roboto_lato/ 11 KB
11 KB 89ms
31ms Font
binary/octet-stream 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/roboto_lato/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer: https://cdn.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Origin: https://resources.inboxsavvy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 17:36:15 GMT
via: 1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 66314
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11028
last-modified: Mon, 27 Mar 2023 14:49:19 GMT
server: AmazonS3
etag: "1f6d3cf6d38f25d83d95f5a800b8cac3"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: c0CcktOaBSSDD_rdN1lLEHbK9wQHlSa6S1npIAQm2VQIK0rUTIUQKw==

GET
H2 200 fontawesome-webfont.woff2
cdn.pathfactory.com/web-fonts/font-awesome/ 69 KB
70 KB 93ms
35ms Font
binary/octet-stream 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.1
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Request headers

Referer: https://cdn.pathfactory.com/web-fonts/font-awesome/font-awesome.min.css
Origin: https://resources.inboxsavvy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 17:44:54 GMT
via: 1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 65795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70728
last-modified: Mon, 27 Mar 2023 14:48:48 GMT
server: AmazonS3
etag: "926c93d201fe51c8f351e858468980c3"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: PB_xlBjiLzUtV9vSohhEB5XLNqpWED4lej9oc7FO83hIo_KSn38IVw==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
cdn.pathfactory.com/web-fonts/roboto_lato/ 11 KB
11 KB 126ms
68ms Font
binary/octet-stream 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pathfactory.com/web-fonts/roboto_lato/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by: Host: cdn.pathfactory.com
URL: https://cdn.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Request headers

Referer: https://cdn.pathfactory.com/web-fonts/roboto_lato/roboto_lato.css
Origin: https://resources.inboxsavvy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:48:41 GMT
via: 1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 11568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11040
last-modified: Mon, 27 Mar 2023 14:49:09 GMT
server: AmazonS3
etag: "5e22a46c04d947a36ea0cad07afcc9e1"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: -L9Bi7k6hAgotISA46PLn8W7zZTGPmMFfTvQAfw4CGVZNmjLC5XnAA==

POST
H/1.1 200
OK tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ 2 B
469 B 115ms
115ms Ping
text/plain 3.209.60.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/tracker/2.17.3/sp.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.60.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-60-230.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 08 Aug 2023 12:01:28 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://resources.inboxsavvy.com
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
480 B 136ms
135ms XHR
text/plain 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-80-146.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
X-CSRF-Token: TDXItFlyybboNRqu6VERl7wqzN+NiRuqVLAzW4t1g2xfW6Nb6uwWocbt4vJlq7vRIY5b0oEFs7lfKQAMbOQx3A==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.017972
date: Tue, 08 Aug 2023 12:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: 011885e9-8315-4ecb-9c58-8d878f4fcc82

POST
H2 204 create_event Show response
jukebox.pathfactory.com/api/public/v1/page_views/ 0
481 B 128ms
127ms XHR
text/plain 52.72.80.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/page_views/create_event

Requested by

Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/tracks.js?x=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.80.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-80-146.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
X-CSRF-Token: TDXItFlyybboNRqu6VERl7wqzN+NiRuqVLAzW4t1g2xfW6Nb6uwWocbt4vJlq7vRIY5b0oEFs7lfKQAMbOQx3A==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.010010
date: Tue, 08 Aug 2023 12:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://resources.inboxsavvy.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-request-id: dfb98f28-47e0-438f-827b-8bba83465c4d

GET
H2 200 4890aabd-84bc-42c6-b0e1-a396f44f5c82-1.png
cdn.pathfactory.com/assets/10934/contents/531211/thumbnails/600x/ 91 KB
92 KB 416ms
416ms Image
image/.pdf 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10934/contents/531211/thumbnails/600x/4890aabd-84bc-42c6-b0e1-a396f44f5c82-1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0470bcfd2ae84873f4d40188c805565ce1c88de689c8fdb506f0738a5c6f82f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:01:29 GMT
via: 1.1 8f2341b304c32ec6530aa5361edb2fe4.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 01:33:38 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
etag: "7729103ead68c9ce37ebe45b1252d5a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/.pdf
accept-ranges: bytes
content-length: 93547
x-amz-cf-id: k_IhIFFyGqhXoiEeZLbx9VNQH76NwQ2DldBSHzzZRe_KlsGePMY79A==
expires: Tue, 01 Aug 2023 01:34:07 GMT

GET
H2 200 d53a9748-0a49-46de-954d-3cede392bf56.png
cdn.pathfactory.com/assets/10934/logos/470773/ 16 KB
17 KB 39ms
39ms Image
image/png 18.165.183.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathfactory.com/assets/10934/logos/470773/d53a9748-0a49-46de-954d-3cede392bf56.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-41.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83d0be9013455b6df76f5403f867ef1ab5a344630a6eeb4b2d0eb3e3352976dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.inboxsavvy.com/c/ncrc-habit?x=IGmstK&utm_term=personal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:00:54 GMT
via: 1.1 8f2341b304c32ec6530aa5361edb2fe4.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jun 2022 17:14:15 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 35
etag: "c2cbee07cdddd5f19c7fc7ff54b920a5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-length: 16809
x-amz-cf-id: GbVyylR3QZMJYFG6_iuqosLgooPwqwEKiGEfJXc0O_nOsrI_tyD0dA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp.withgoogle.com
URL: https://csp.withgoogle.com/csp/docs-tt

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.inboxsavvy.com/	1970-01-20 23:27:36	Name: vid Value: 43b80be7-a8a4-43af-9636-8d6a90b436f9
.google.com/	1970-01-20 18:15:07	Name: NID Value: 511=LMHutp_Rw3FVB8gT3S_RrxZTCV69yMYgApYsJuyCEpVcnbStPlfJBdNKRRrwPswschXK8CuE3JZaOVP_e4ki28OMsACrUdkY2gly7yiBxVCsKe0B1XA-_DAnQBv_-8BNkmNcKKYeRO3-LHuS65oNMkriMKJGjnwJG5CG5ixDpt4
.inboxsavvy.com/	1970-01-20 13:51:37	Name: _pf_ses.1d76 Value: *
.inboxsavvy.com/	1970-01-20 18:10:48	Name: __hstc Value: 51475318.06f2c253f5f1f67aa7b6c5c5fd54118c.1691496087480.1691496087480.1691496087480.1
.inboxsavvy.com/	1970-01-20 18:10:48	Name: hubspotutk Value: 06f2c253f5f1f67aa7b6c5c5fd54118c
.inboxsavvy.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.inboxsavvy.com/	1970-01-20 13:51:37	Name: __hssc Value: 51475318.1.1691496087480
.hubspot.com/	1970-01-20 13:51:37	Name: __cf_bm Value: W0my.xa0gkOQKCMKsPRnnWWjWT621pFsJXwf8hDk_9E-1691496087-0-ARAPs76w39CKsasI3kShPKCqijYYCEBnnAJrSH/HeJiRNBpPKcBQ2IN5CLvCuEonlw14IOQ6SspjhskuisEcKmk=
.inboxsavvy.com/	1970-01-20 23:27:36	Name: _pf_id.1d76 Value: 43b80be7-a8a4-43af-9636-8d6a90b436f9.1691496087.1.1691496088.1691496087.dda386e8-8eea-4661-a67a-60391abf7869

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
cdn-app.pathfactory.com
cdn.pathfactory.com
content.googleapis.com
csp.withgoogle.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
jukebox.pathfactory.com
lh3.googleusercontent.com
play.google.com
resources.inboxsavvy.com
spcollector.pathfactory.com
ssl.gstatic.com
t.sidekickopen71.com
track.hubspot.com
www.gstatic.com
csp.withgoogle.com
18.165.183.41
2606:4700::6810:8ace
2606:4700::6811:6cc7
2606:4700::6812:18c4
2606:4700::6812:192f
2606:4700::6812:873b
2606:4700::6813:9b53
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2011
3.209.60.230
34.234.38.43
52.72.80.146
65.9.95.77
02541fdb924ca638c08ae501ac1531aa42311a8d830f9938e79d868e2b22bc29
0470bcfd2ae84873f4d40188c805565ce1c88de689c8fdb506f0738a5c6f82f9
08cce022c4202effcfcbebaea07eb5df4e18569c64b438636ee1efa8547d56f8
0cf5695131fffb70f601245d339b9ddb1fd881a106a5195b7b6da18d1580d92b
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
14b6cfd9b2a41bf5ee498086b1fbe2e8a31b1f99d5e040d55bdbe2d95702b6ac
1dc34acfcb2a75c0af810eb6fa908cfc7103bea51e90bbabc6b4fe8907e639eb
2092e4ffbe804f85c91b7f9dd3abcf13e2a6770a5e7a5aefd1ea8ec81df68b6d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3a7f7c3f9f141a0a797054c134bddc0ebbd301d5f01f567eeb6e44a05e4d57e3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4f5c06e4f33322e50208ebdd23ff6d1055e96e8a3b4954939bf011ce013abd46
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
58112726cdedca894ece97c82f091241d25fef9d223c565e1136792db84f6e00
61b25985ae40153624ac1d71ccc233f9003a17415dc43d3f989f82ec286d27b4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6776e0843b9a2f23a22d34b58615a2b126a0ac7b25d81c85520667c048cd4748
71db619af6ed304273a6420f82f052f774db6544e5c68b32270e382049e5b81f
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
83d0be9013455b6df76f5403f867ef1ab5a344630a6eeb4b2d0eb3e3352976dd
8f774e373f58bd571819128fcd14533fabfa7e45330da1f4656ea21346b65d05
9fc04d99944bb1ab1d55d038f3cebb0a37bec13ddc35337f51118bcdbaa11404
a1ae49fb99cd38144beace481d0e0b4deea581ed798d3ad314134b42f3b1bd4f
a3e647bd139028a8b14cd0c42545d61fe316a4a42436a5602b44df99d8d416f3
a876a773b46aea97d22c1f84dac918fbc98ee3c1e1729f21cef7911de52f141e
ac4ca2de08c4e5dbb1b940fe7d702fe67c45e6bffa79f5fb1ef1b7fd3ffa6ffb
b0731eeccb28bd6e2aedb815e538b0b22b04463b8d65bf276920923847d63481
b1d0051040ce009b04d8cfdec3e8cc5c07941181410a80739a543f674afa4328
c68d757761438f5d62b7ce424f7663c5120863eacaaee41c93b8e6a5bde6b0b2
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d973cc0f5e02b5e5b73d9f1e3474b79843febb64fed861b5b51508b1938f87bf
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd28591f8925c77ed5aba28d8a569a5b231fa39ac36c77cb0d089ded22d729f5
e2e254aac95b52e897ae5f924fcd072312e7d74f7bd5683d868438c23733bdee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f17ca50896fa58a9db705a033553232ded3c10c59b84f7ec09b3021b2a1b3dfa
f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc

resources.inboxsavvy.com Open in urlscan Pro 34.234.38.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

76 %IPv6

13 Domains

22 Subdomains

22 IPs

2 Countries

1920 kBTransfer

6840 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

resources.inboxsavvy.com Open in urlscan Pro
34.234.38.43 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

76 %
IPv6

13
Domains

22
Subdomains

22
IPs

2
Countries

1920 kB
Transfer

6840 kB
Size

9
Cookies

56 HTTP transactions
0 data transactions