thetcmgroup.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625504791/h/TaoURAsnNHD2mk28AV-R6zuxNOCEInx_Y8rWz...
Effective URL:
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Submission: On November 06 via manual (November 6th 2023, 4:29:12 pm UTC) from GB — Scanned from GB

Summary HTTP 170 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 10 domains to perform 170 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetcmgroup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time thetcmgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
60	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
22	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	192.229.233.34 192.229.233.34	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:401... 2a00:1450:4013:c07::5c	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
45	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1		() ()
2	2600:9000:205... 2600:9000:2057:8000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.49.17.168 52.49.17.168	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:887::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	44.228.215.240 44.228.215.240	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
170	19

1 52.54.96.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

www2.thetcmgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

thetcmgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.34 (Marlborough, United States)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c07::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a29d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

thetcmgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:8000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.17.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	1 MB
62	thetcmgroup.com 1 redirects www2.thetcmgroup.com thetcmgroup.com	623 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	593 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28	456 KB
6	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5423	27 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4470 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5121	96 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	olark.com static.olark.com — Cisco Umbrella Rank: 13928	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	77 KB
170	10

	Domain	Requested by
61	thetcmgroup.com	thetcmgroup.com static.olark.com
36	r.stripe.com	js.stripe.com
22	js.stripe.com	thetcmgroup.com js.stripe.com
9	q.stripe.com	thetcmgroup.com
8	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
6	widget.trustpilot.com	thetcmgroup.com widget.trustpilot.com
4	play.google.com	www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com thetcmgroup.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	m.stripe.com	m.stripe.network
3	www.google.com	thetcmgroup.com www.gstatic.com www.google.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	fonts.googleapis.com	thetcmgroup.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	static.olark.com	thetcmgroup.com
1	www.googletagmanager.com	thetcmgroup.com
1	www2.thetcmgroup.com	1 redirects
170	19

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.canva.com
policies.google.com
www.linkedin.com
stripe.com
vimeo.com
linkedin.com
twitter.com
www.youtube.com
peopleandculture.com
theinvestigationcompany.com
transformationalculture.com
www.resolutionframework.com
peopleprofessionals.org
www.engageleadership.com
www.engagecoaching.com
themediationcompany.com
www.aubergine262.com
amzn.to

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
static.olark.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-17` - `2024-04-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Frame ID: 1A369FC6D270C60BC3FD138D8B4BCFB7
Requests: 96 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
Frame ID: 59ACAA7A98DCAD2A5F5EC621007F9715
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 30CB315C4E9D293B095E6C6CC3D94F61
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
Frame ID: 77D4E60510082F0C5FC9B81FACD9AC21
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html
Frame ID: 30A910249610103A8588E7E324884E03
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html
Frame ID: E3ABF4DCE43B2D8C885681F0C1692FD4
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
Frame ID: B78EDF9A8301BCDBE9BE8F2153317C98
Requests: 19 HTTP requests in this frame

Frame: blob://https://thetcmgroup.com/1d1a941a-efc1-4bc6-8fe0-4c701e3954eb
Frame ID: 34B05A7D75CC19A7C6FC21A877BC0A78
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 56048516823289DCF77FF11FE8126566
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=ndqs7tf9pdp5
Frame ID: 2FD97A6C52A5479E8D45E484468C52ED
Requests: 7 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 8B19E2D64FD85B3809E57336D1FD33CA
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 8ACAB0B259DD4ADC0D7B334F27F6A49D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Avoiding common workplace investigation mistakes | The TCM GroupPowered by Cookiebot

Page URL History Show full URLs

https://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625504791/h/TaoURAsnNHD2mk28A... HTTP 301
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

170
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

19
Subdomains

19
IPs

4
Countries

2943 kB
Transfer

9442 kB
Size

6
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.canva.com/policies/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/thetcmgroup

Search URL Search Domain Scan URL

URL: https://twitter.com/TheTCMGroup

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Thetcmgroup

Search URL Search Domain Scan URL

URL: https://peopleandculture.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2023/07/PC-footer-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://theinvestigationcompany.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/03/TIC-footer-logo@2x.png" alt="">

Search URL Search Domain Scan URL

URL: https://transformationalculture.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2023/07/TC-footer-logo_1.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.resolutionframework.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/03/RF-footer-logo@2x.png" alt="">

Search URL Search Domain Scan URL

URL: https://peopleprofessionals.org/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2023/03/PCA-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.engageleadership.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/03/EL-footer-logo@2x.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.engagecoaching.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/06/Engage-Coaching-footer-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://themediationcompany.com/
Title: <img src="https://thetcmgroup.com/wp-content/uploads/2022/06/Mediation-Co-footer-logo.png" alt="">

Search URL Search Domain Scan URL

URL: https://www.aubergine262.com/
Title: <img src="https://thetcmgroup.com/wp-content/themes/tcm/images/aubergine-logo.svg" alt="Aubergine 262 ltd. Logo" width="100" height="36">

Search URL Search Domain Scan URL

URL: https://amzn.to/48BDXr9
Title: <img src="https://thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/book-popup.png" alt="TCM book popup" style="">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625504791/h/TaoURAsnNHD2mk28AV-R6zuxNOCEInx_Y8rWzxphpo8 HTTP 301
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

170 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Redirect Chain

https://www2.thetcmgroup.com/e/897461/kplace-investigation-mistakes-/6ldffx/625504791/h/TaoURAsnNHD2mk28AV-R6zuxNOCEInx_Y8rWzxphpo8
https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

183 KB
36 KB

177ms
66ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f316c916a4b66cc2414afe37df7ddc70fcdfc8f109519d49941b267cdc1032d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 304
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 821eb69c8da771fa-LHR
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 16:29:05 GMT
last-modified: Mon, 06 Nov 2023 16:21:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FZANIjEQpGKVUTXlhrZmb8rZsKkuwBU5lG4G8LaOkv3wdP0zNix5ZkWsVYMHT7Ugdvwbs8jASgcae0bedrkc3VVAA%2By6fcWK56KOSMbjSh8LzkzmqmICQqAbhdJLsUeRt20IPOhk7ndHJLhhQ8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd

Redirect headers

Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Nov 2023 16:29:05 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: max-age=63072000
content-encoding: gzip
expires: Wed, 05 Nov 2025 16:29:04 GMT
location: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent

GET
H2 200 autoptimize_c7955f787249c031f175880854eec13b.css
thetcmgroup.com/wp-content/cache/autoptimize/1/css/ 302 KB
45 KB 106ms
104ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/css/autoptimize_c7955f787249c031f175880854eec13b.css

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d3e0f5e27ff66bec2902b6dcdbe52dc22ba86b143dd6940ffce312f0ac93a9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:52 GMT
server: cloudflare
etag: W/"4b8bb-6097e3cecf404-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO%2F%2BEu8%2BQSSXTDOG6G%2BIVUDkosFOPSSzOb%2FGcNL1MRldnSK9%2F5ZsQcmlEzDMvGa%2BTFHd8B6FT4axLW9VvUIuMrumNQs37%2FnwrC2mrzucWbESmFfTBxTY74ydKyutdd%2BC20r7iuYBFhIRLMvwAeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69d0e4271fa-LHR

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 176ms
61ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito%3Awght%40400%3B600%3B700&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:29:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
612 B 177ms
63ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display%3Awght%40600&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23f71eff6c34c2a6aa74192072500749c9894c493a71b2ede6e988ae3dc31deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 16:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:29:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 16:29:05 GMT

GET
H2 200 jquery.min.js Show response
thetcmgroup.com/wp-includes/js/jquery/ 85 KB
31 KB 57ms
56ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Aug 2023 03:26:54 GMT
server: cloudflare
etag: W/"155ba-602750d151453-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcXkkRBOQ5eWfX%2B6fmp%2BwzYsmdLbNi1iz7I%2Bfv1Wru8c0Mu4%2Brd00y%2Be9oOMT017mugE88LFiVF6oYjt5b0PLaTBYesB6BusmDoTgiw0iA68TKOv1%2FUcet5omzdzdJJsJago69xONrX%2FZphlMuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69d0e4471fa-LHR

GET
H3 200 jquery-migrate.min.js Show response
thetcmgroup.com/wp-includes/js/jquery/ 13 KB
5 KB 120ms
120ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Aug 2023 03:26:54 GMT
server: cloudflare
etag: W/"3509-602750d15c034-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FxBamSX4%2F93mx4QMYdD%2FqHfkLfkCVydBI5ndOW%2FeKi4%2Fwxad6VOD3quTSFmKJ9rP49gqxBSWWUgWGUJEYFBxJy01Cj7Nm7dEhl2d%2BKJHZ8wymCY%2Fzq1fdLOHtqL0A2K7RLA5qWyrAZDAjFrVUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e1a1e24f0-LHR

GET
H3 200 autoptimize_single_169ba4109a99d0bd1d59953f07ffa0f1.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 29 KB
6 KB 115ms
115ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_169ba4109a99d0bd1d59953f07ffa0f1.js?ver=1.18.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0312475e7974a6a7d4ca349eb9f0f1fb00387c993f1ee6627065a32a3aa8ad8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:22 GMT
server: cloudflare
etag: W/"7510-6097e3b1cb619-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2amaQxoFqGLX6%2BmJfI8029kFlrkL8r94b3Pkxi0NfsmyA%2BOxY7r6ZhH17ugsPGtwrW3%2FE%2FFEq%2Be6Iajcxaq3aIAIyRIYjsghYmN%2FQ50oLlslsKPVdeZtw3bZ32hcAx8CFi%2BzRuGojH1WLThXJOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e1a2624f0-LHR

GET
H3 200 tokenization-form.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 147ms
146ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac0a29702ebc38d8c064dc547ef86af370a27d8b2f3f758291d3cc481643872d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"8d8-607e11af1fb2e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NXvga94mcDM5wCEniuACH1tv2KMUOaflFVxCimWpkA9y%2Frr1Hu2dCTJ0wM5iK8GNPr2oEvwqiTtBNnqdl%2BJytGxuTFvBsP%2BXzms67AxYqUHmYnMnKHI46xqA%2BTydZDb4tD4uJ6Dc2jtG7RbOl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a4324f0-LHR

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 186ms
54ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 02:50:47 GMT
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: oLu98B0pZ8zF4zxMKL0e2JJbOcdHNvZYy-Vbt0DYb504XOE_L3j32Q==

GET
H3 200 seach-icon.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 371 B
844 B 148ms
142ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/seach-icon.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f29390b230580ac6995fa545c194d7ae22099bf823ca93fa9bfd1af736e0747

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"173-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzXMgpHd7RCz5znee%2BrKoB6powwCCfL5Zdracvkdz9s0%2FOjJR%2BvZ7JehakEszcAWke9GG8yKmK8gH43m03TElJYmQQmCbtH3a%2Bg6lYfNBHYiCmzi6%2Fq9dDlCW02SNLmw4p2SnN6FHfsJHhiPFAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69e3a5124f0-LHR

GET
H3 200 lazysizes.min.js Show response
thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 148ms
143ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.9

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 14 Oct 2023 15:26:29 GMT
server: cloudflare
etag: W/"2655-607aecc143827-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3wtIrjfHHivgN9fsWGp3etJFpcB9hj0dDXDCyAaC65%2F8IiHPerLck4Tc1Hou9XaF6MHmkUUPxMenHomoJEmct1yjES4bT9GWc8%2BiveQBF8tzjDBRXteAoO1YY6BBUYKGcJ6QYGCtGp%2BI2rpP7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a5624f0-LHR

GET
H2 200 dashicons.min.css
thetcmgroup.com/wp-includes/css/ 58 KB
35 KB 55ms
54ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/css/dashicons.min.css?ver=59e2763034816b0850a9a4aec6bc9e68

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Feb 2022 15:02:00 GMT
server: cloudflare
etag: W/"e688-5d7fbb2ce8d8d-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhE%2ByQJnHCmKlcXlhbCCDXFYC3wCNJXBe0YsRCkHjLf8t8Y1TEXwtQ2vPCdqgNd7kD6OI3ljLFj1yKOKB1riKtO6YTmf2V9wMQU9Za10olaAmKdknPeRJoV4nNeXXP0AmQZI9wePJxb2RLnQ9CE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 821eb69d0e4571fa-LHR

GET
H3 200 autoptimize_single_100425145b9835a8af74fb3da4a0de39.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 878 B
1013 B 149ms
143ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_100425145b9835a8af74fb3da4a0de39.js?ver=1.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6e9b41bfb424a2dc0ffef4a8902dbfb4b6dbf9618c4a05b22f4a12fa7c821c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:22 GMT
server: cloudflare
etag: W/"36e-6097e3b1cb619-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INK5F35%2FXel%2BKwCTJGo2MhpWgpkLXjn6IX2evx6ZzZtb%2BFv1JOr8LwTISzJRFZuDXXWSuQPtGMfrY5ysHfvgG8yyQDIF%2FvBhFGXupSXCaemMBHOkdWwp45SIPqsZWGbooGtKiCOXoI6tyyUgKh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e3a5924f0-LHR

GET
H3 200 jquery.blockUI.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 149ms
144ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"25a4-607e11af20ace-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=139i3v73ttYqNt9XVKTJSMIjQmwGY4IoftUzCkmJF3ClzK5Ac51%2FwSOqWbgGrYX99ZfUxM9TGP4GtsXe6Vj9pMsMGsH1zZtVGPBs0DoeBtGpkORWIH3VebRu6eSAk3WArepb%2FFdbJwmuD1lyiJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a5c24f0-LHR

GET
H3 200 add-to-cart.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 151ms
146ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"bdd-607e11af1cc4e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tndy6BWUb5xKQoNByzOUPK4QG41dMc0mH2lNdrp9uTx7Wg%2BUGqFaA%2B%2FkWp0hmnQsVvQorE9xb6CbGUKeJhnhJk8FnJbfXAmYIdlm2rXHR7t817miP7BZNZfMlNnAycKvIUA8mOjSNaSSVjYVPl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a5e24f0-LHR

GET
H3 200 single-product.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 6 KB
2 KB 151ms
146ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7d2a1ae6d18ec37ab985e42b7202b14d222cb9074a7d0f8557e8bff8759a75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"191d-607e11af1fb2e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZDFyd9yF%2BJt%2F57%2B0FvSmca5noaZLETRXBc%2B7b4nTCuKKBnX9wRatthC6ts9T6bTKKBFvLpoPNl2DbBE70Sg5l%2F9KQm9NhVXS6Xb%2B%2Fj63brgDfTbDcpWyj%2BaTviVEKbsOwi%2Bm9o8hY9WN7zAnak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a6b24f0-LHR

GET
H3 200 js.cookie.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
2 KB 152ms
147ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"735-607e11af239ae-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZvxfRLuFQmKIhVWNrA3oI%2BYuIF4CuOrCciDzgNatDp9xD4j6ipc%2BLejdSufbHX%2B7uf8MzWHPEour8GnUxWGXjvsepcbaXcV5Jzc48xPLe3oU9PbeuM94H3s0OYlnqPedrme3QQD1R7tK4pyMe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a7024f0-LHR

GET
H3 200 woocommerce.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 152ms
147ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"85b-607e11af1fb2e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAPXszRvUrts0Eqo6EtMDPNfHhdLG96R1hyRm1Z7S%2BDa%2FLYMQuxdxBUaPY62QpMFRFvl8KdAHcenMUhMYpxlAqgUy2iBz2IrdA6NInAYrHcPI78792MvHS19C2z4l%2BE844UGUWQPAvSyp1jXojo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a7324f0-LHR

GET
H2 200 / Show response
js.stripe.com/v3/ 552 KB
136 KB 177ms
63ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=3.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2173fe202b54daeb55873608869a7ee5a1ef481d23f6e42b024ae666973770fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:28:45 GMT
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 23
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:43:32 GMT
server: Cloudfront
etag: W/"463d1a2955ddebfd1fbb0126c59738fd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: XKQdqKy8bLBcmIpFLEMWyfhhPs7Zy_o9RN4bPQ3gpWKikTilna4TZw==

GET
H3 200 stripe-payment-request.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/ 14 KB
4 KB 152ms
147ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe-payment-request.min.js?ver=7.6.2

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

675abb39e33edf5c534d86017f925545b7f68621897f9c688badad05303824f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 03:26:46 GMT
server: cloudflare
etag: W/"372a-6090ed746786f-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0iRWRaBFtQViI%2FoEUSOEGoZbUgxufZmFMPQRjc2%2FVmF13P6ECx5p2Z5RnqBKg0OKtrAFCKyKZVCWBFO54E%2BJ6gbkSfLAqlngkF1r%2BqbI7PfilJNgfDEswTfsi8BOjIKoPVIbUoGTdMFm0tafzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a7724f0-LHR

GET
H3 200 slick.min.js Show response
thetcmgroup.com/wp-content/themes/tcm/slick-slider/ 42 KB
11 KB 194ms
190ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/slick-slider/slick.min.js?ver=1.30

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"a76f-5ded292a59ec9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqJ8k4cT1qGYJVigBdN4QixgNg8cg3Gcas7hguB5qcfXW7N6%2F0IHCx1AVXUzUuHpv2D40Cff9C2JM5Nm93EcMSl0A8YFQSO8OIBI5lVmfpaPUsyyKofaGOZGw310%2FYVic6SEXwLilYPTZV%2Bu8ow%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a7b24f0-LHR

GET
H3 200 autoptimize_single_092e0f4c6cf9e1699af003bcedb06089.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 20 KB
8 KB 212ms
208ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_092e0f4c6cf9e1699af003bcedb06089.js?ver=1.1.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9355c1b32c96f1da116a0df14644c2f2a1965d5206234304174514fc209aa90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:22 GMT
server: cloudflare
etag: W/"4ea6-6097e3b1cf499-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGaBywkuIPKRDAKzKeFsQqtoMbB4pejDzPkO2NfzT62eIi5zA4ypOrTARgsfbfWqkD43HiykhukYJJx1U%2FkTdL6amThe5UdoPzusK86Hv%2B5CNbUvf%2FX2Nvlfm9uLs8tA%2FF06jQ2CDPrwIZauB80%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e3a7d24f0-LHR

GET
H3 200 autoptimize_single_69934f5f152d577e6da48c75cf09fd90.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 15 KB
5 KB 213ms
209ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_69934f5f152d577e6da48c75cf09fd90.js?ver=1.30j

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5263e0259033b631c270979443ce95ea023737a1ad7f5d6d618e73bef2d64e8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:22 GMT
server: cloudflare
etag: W/"3a86-6097e3b1d2379-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGQV9lIXfZSqDOXnqYKguvaYeWJJOQXqGDFSDpfA5HNLt9tladGFsflCJPk93YQc0oRSsNK4nyyAagOmYdnpnA%2Fv4UB2OeBoPjjj7SCuSvrOJfVqIyqZ4BT8ReJvqnfeRNTWftnyyCQx4GC%2BRmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e3a8424f0-LHR

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 193ms
69ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&ver=3.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41b4c596184afae01f6dde4c334950293a9a591ebf9646fca1fb320f940fa1b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 06 Nov 2023 16:29:05 GMT

GET
H3 200 front-scripts.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/ 344 B
819 B 214ms
210ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=5.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Oct 2023 15:26:18 GMT
server: cloudflare
etag: W/"158-6074a3636f6dd-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze%2F%2BZY5buV03HdL%2Bq%2FKk%2FpLXTfzL9vUZoNDw752hj%2FOC1hWki5OKYvzuFKRl5p3fZ%2B9iePDiU0z1v7IXx2wmJAu7KOskddvETvcmC04Zlve2M%2Ft0TT9qjNX4oE1BRvyTkpzSOxKsE8k65E9tiU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a8624f0-LHR

GET
H3 200 cart_widget.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/ 364 B
827 B 214ms
211ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Oct 2023 15:26:18 GMT
server: cloudflare
etag: W/"16c-6074a3636d79d-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyz5u9g%2FB1ry0ney57WzfLdNy0JanXeDxK%2BKYjPl%2FvOfmQwpTZO9l5WH%2F71ma8TGSOxz50b39jiGkAQ7wYI05GS%2BJ434bBfv9N%2BjTjI0nPfTE%2FcPmydlT%2BTZfNgBHMKe3zcU9sdu0jaSqO%2BsWAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a8a24f0-LHR

GET
H3 200 jquery.payment.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/ 8 KB
3 KB 215ms
211ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.8.2.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12553f3efc346c133c5ffba7a493ef82fce2298e81b1a09a342b8ada10e26405

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 03:27:41 GMT
server: cloudflare
etag: W/"2119-607e11af22a0e-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQJNiCXTM%2FvYul0KDsUf7QlYB9naF56YePeczQKW6ydm80VB0TN7TAeVTKJX5kW7jKymzt6BD2YSUrqXSPr%2FPILT2glOakIsWiiVYJW9Nofx3bp2mkaHm5GIoi2ZnMFH1U4nWJPPOVpgiuR3b4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a8d24f0-LHR

GET
H3 200 stripe.min.js Show response
thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/ 14 KB
5 KB 215ms
212ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=7.6.2

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b662ab593f8d6554b3b463d4a352e5b7e0586bb4e60acc11f4913b428509ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 03:26:46 GMT
server: cloudflare
etag: W/"39f1-6090ed746786f-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3FBcMcFC8sn76fw4RbblS1dE6pln44j9XCQlA6Y7b6YuRMewBANvLEP4nBROYEh%2BIfF3HpcR%2FsGQQpAL8rksBu6D6B6bbXL6lms6dx%2B6hnH0BXJw%2F2Ub0DULtI5jzsBLLvqquMhvCBdHju4VgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a9224f0-LHR

GET
H3 200 underscore.min.js Show response
thetcmgroup.com/wp-includes/js/ 18 KB
8 KB 217ms
214ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Nov 2022 08:30:13 GMT
server: cloudflare
etag: W/"4991-5ee97cbfac994-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyXnSIBWuCGis7QFvzp1ynpC8hHS6u70r8FhNA65dAgPwHk%2FGmL3W0eu%2Fj6CxQM2%2BaGNNSUPirZ3skh3UrqZthqmpA%2Fea4WrLD3aesEnVlITMB5jvZ59QKXwmkGQdqY3I8kRfx2faZ6eJ%2FQHnu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a9824f0-LHR

GET
H3 200 backbone.min.js Show response
thetcmgroup.com/wp-includes/js/ 23 KB
9 KB 221ms
218ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-includes/js/backbone.min.js?ver=1.4.1

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Jun 2023 15:28:44 GMT
server: cloudflare
etag: W/"5d28-5ff0a018be323-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnawPv7GpUmxug6k9NLFp2V7S2EAIQqBSvpsWoXEHFwptljPX2nFBC4xFA1vFwC2xeqO5y2J%2B8RYTyxaRxCmIDkJTXjvPvrqVQQ456o0aPzJ3mvBjvuM6LIaDr%2FpinNeq67Qo6czn2Eb2kZXa6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 821eb69e3a9924f0-LHR

GET
H3 200 autoptimize_single_0cc678c9d558709407ec0e953e17e7da.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 61 KB
18 KB 265ms
262ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_0cc678c9d558709407ec0e953e17e7da.js?ver=3.6.34

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02400eff6006674ae1b3d90e24a27433b2f7724c5002b7c82d9a3f340755357a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:31 GMT
server: cloudflare
etag: W/"f247-6097e3ba03e96-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FtBfsaG43Wb3QR4vehpEv96cC8wPRegC98NwDY0xDHtGFhHriOqm1Z513%2BvXnfb0XTOQXxNYz53zLHW8Kw78wIcpIOrz88hK%2BMiYbn2xh8lk0V4Y9PSPUhZotuiyPXuNVtwTIPoKxBy30muqYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e3a9d24f0-LHR

GET
H3 200 autoptimize_single_2108e87bb49f49c15840ec1e981e799b.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 101 KB
23 KB 268ms
265ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_2108e87bb49f49c15840ec1e981e799b.js?ver=3.6.34

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0775857f32c100c7e98fe96ba857873809054342a1ce98fafc174f8046a1da0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:31 GMT
server: cloudflare
etag: W/"195e7-6097e3ba109b7-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3nPDg1ExFNtSZmFmztlgC1WeLAiMK15y2ZEY0qE0LrU82jDkkX3bNpawhP7SFdP%2BYcRI8vsP8iNfUJmIDx9gAn9opCDbCmq4w%2BE%2FCbO3hh5kH1kuGtuyoWDULFUqAvMbOXikLdKdfm9umATFWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e3a9f24f0-LHR

GET
H3 200 autoptimize_single_5bcc345f6c2386193d24714fac0b9b12.js Show response
thetcmgroup.com/wp-content/cache/autoptimize/1/js/ 8 KB
3 KB 272ms
269ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/cache/autoptimize/1/js/autoptimize_single_5bcc345f6c2386193d24714fac0b9b12.js?ver=3.0.29

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

118e237b998bf26746914c5398bd37a71938f664dc434a27830351e778ae0ab3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 16:20:31 GMT
server: cloudflare
etag: W/"1ef7-6097e3ba11957-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZJwhvinjG9Wb3TKPK0R2Gt5FFctBP%2FA2GSNngAlc%2FCy%2BnQzNdU1uJMxjRKgkYBcYY%2Bk1glOuDqK4prKwmx%2FCShn5Fht6yb31jSns0fduQ4UDT8e1q7f5ZwiKX2x1NZQdsuMZKL5XAA6UfdESAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400, immutable
cf-ray: 821eb69e3aa224f0-LHR

GET
DATA 200
OK truncated Show response
/ 112 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1633281d74a87f044dea32f5782acf8e587b7814f907e17b3740dc72f988e29e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
77 KB 193ms
72ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DKFX4C

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47fdc96a7223c911f8d2238fcfe14924812518a9ff8650308e79cf3088f06cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78614
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Nov 2023 16:29:05 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d585a2ee280fb3a5db922a8035d7d8c633c5e3245d1ef5ff4a97f52c6d7e3853

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0056299071c4519f17586f5a4f9d7bacadc0978a31b36e79eebc09ec17439cbe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27381220e3f28342d9b020614058b4ca43f5abf17efbc48d6a817ae6f05160f7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 14 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08ed8e3aab1262bd50ac7b605dfb3f628dab6f18fbb58b0e59623216dbad6727

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 176ms
56ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito%3Awght%40400%3B600%3B700&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thetcmgroup.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:41 GMT
x-content-type-options: nosniff
age: 339024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:41 GMT

GET
H3 200 fontawesome-webfont.woff2
thetcmgroup.com/wp-content/plugins/ninja-forms/assets/fonts/ 65 KB
66 KB 262ms
261ms Font
application/font-woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/wp-content/plugins/ninja-forms/assets/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-content/cache/autoptimize/1/css/autoptimize_c7955f787249c031f175880854eec13b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://thetcmgroup.com/wp-content/cache/autoptimize/1/css/autoptimize_c7955f787249c031f175880854eec13b.css
Origin: https://thetcmgroup.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Oct 2023 03:26:32 GMT
server: cloudflare
etag: W/"10440-6077c819c6c1c-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjF0uL6%2ByDBgnkeUCMXb23GoXBYEDWTP%2Bq6D4mw1yHX%2BqBMAvii0Kgc9KCGHcipeL1%2Fj1sksNw7kTsUmlebrrnbhXGwmlt%2FZhwcCt%2FerkvfhFFRcJQt4GI5Ckzll0AEt10Pftdj%2BMVsQVMYUaKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=86400
cf-ray: 821eb69e3aa324f0-LHR

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 23 KB
23 KB 248ms
130ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display%3Awght%40600&display=swap&ver=59e2763034816b0850a9a4aec6bc9e68

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6658396ee384c7a84e83365a3ce7aabec29bbd9d55ee8400abd3c367ac72bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thetcmgroup.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:47:07 GMT
x-content-type-options: nosniff
age: 603718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23240
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 16:47:07 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbdd8a81111b2dbc784a4d9b9193f9d241ddd212932d440c5a4ac46277ae8f44

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 20 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6d62cb480942c8deb8161cbca06f0838d48ebdc750b7c2f535d0581212a7cfe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8adfbc27fffba13ab2e297324d3e0141049e272ed6439a3703ff4fdb74f5fb7f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 720 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c008de21b502d1a5e12ede3b27f9f595ed4388dda36a9784b4accb8149044a7c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d851b0454d1ad5a29006e4d06b0e98fe70f6d324b3ebf7e8c28d4f61ef0472b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 152 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 109 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3115055b28056bc3d6ae03731659ea8ccc83e08f18b3f64a6dcd02f36000d4b4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 260 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a02c9957ef409f8602001de0cde05ad5bb5953b2fb75e4b958ffafefaba6a196

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f9c687f53eaf43d8691cfc3ec89d8982f3a0da2bb8a45066891d6f7ca9b4a3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 135 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d6313f728b9513ad3cf0f152c2e08214c8e3973f46658ca12eb0b32cf86c943

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 209 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 218bc0ca7943a10d0d9fe3db6a6bf5778bf6396031d82e0680d828fdd10a7b54

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 85 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b2e4c86ca4da9eac25c15aaed65de5428d4c30b8d308a38e1870d28498c2b18

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8484111ff018ada568ba906180a74be9b043a7f605988ab7ed5fe2d843fcb278

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcfd86c8d3f5891e3cbfa3fd7a67fcc2c2e9eb090c7ce73735124a01d3333aa8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f9d95f4b70225cad9e8255322914389e70174461330a4330ad1f851b444bded

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 574 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d18587fe060f4a33ff629645aaf30ea3a4e56246d59855b78887c742dc7ce998

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 59AC 6 KB
2 KB 53ms
53ms Document
text/html 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 53495
cache-control: max-age=86400
content-encoding: gzip
content-length: 1930
content-type: text/html
date: Mon, 06 Nov 2023 01:37:31 GMT
etag: "1b1a56d9c9fcf8acab07f238231461df"
last-modified: Mon, 08 May 2023 11:42:34 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-id: 6SuxQLESIkbD9mPrTdXKzN53pXnoFPB6XnVeKIz8QMkVtem5rW-WwA==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TCM-logo-white.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 3 KB
2 KB 111ms
110ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/TCM-logo-white.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25954a06d0ad4e02de285782538fce370efd6482e37aff9ecaa386149db1159f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Jun 2022 08:56:42 GMT
server: cloudflare
etag: W/"dd3-5e22dbfcbba30-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFfxyQciW2naZT1C5Ju5Kp4wmjNxAD7rmABkPtCw6Pi3NmHzFEIO7XoF%2BlpmJm5vFQvpgSTFM5dkTz0dKjmFxoglzROyBV8EWVOsQ2%2BRO8yeRNzgRDKFyagWbcLrhcBLhw9f%2FdkCR2zdX03v5C0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69f8c7724f0-LHR

GET
H3 200 family_2e5c8517-447d-4851-81c0-b86de09d0d70-_-090-766x766.jpg
thetcmgroup.com/wp-content/uploads/2023/10/ 76 KB
76 KB 135ms
133ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/10/family_2e5c8517-447d-4851-81c0-b86de09d0d70-_-090-766x766.jpg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d77df9f839f005f080cc53f762fa9bdc2feb864fd18203de081d382f452518d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 77496
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Oct 2023 14:26:01 GMT
server: cloudflare
etag: "12eb8-606bc8dbeeebc"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LADDpgdRDFzfYxubVPNNMtO9HbkSqHYXxNMEWEyUssP2vRxqPdWp6bRSwnMKxwzuy2CmMKSVgrdeUBTgTgiuPiD5wBMmtBr0THY2n3UR9zLBY8swpRgbhwE5XxfmLZYvyGJIl4npvuJEG9SI4M4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb69f8c7c24f0-LHR

GET
H3 200 duration-square.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 3 KB
1 KB 112ms
109ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/duration-square.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816259af9cec16869342c649874102bbf21eb8f7d735c40f3e7f45ebd56ff8e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"b17-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vodEK8zq8ZnTCVwJ6TTbpnKNq6SvIvJ0MYqGMZuF5Jge7K1EChPQepbZt%2Bn4LkiynhyZS%2FHVDOegFRLXu0i8IKkfexJjYDriHARRS7fbk%2F6pMxF2tiFbL5WCT61VBdX6VXNbNYP7vflMijsSZHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69f8c8224f0-LHR

GET
H3 200 location-square.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 809 B
1 KB 113ms
111ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/location-square.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

859a00a2a87cb8cda482aeac3f79e7c77183e868c30e4ac6da07829fdf69f705

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"329-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSh53IqVOq7SmnXtbNs0ApqwTnT3rMWDqDy6IPLVxkDdsGOOY%2FvwauvMx5cEwrCfGGTBuNzaGjHefi0JxMn7vg7mXFJMQUBafe65sHQTyN5XhHNeHxHTY7oFUlf%2FcxVlj0zTlf9NIF8ahjX3CPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69f8c8924f0-LHR

GET
H3 200 document.png
thetcmgroup.com/wp-includes/images/media/ 200 B
791 B 114ms
111ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-includes/images/media/document.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc10f9452d76439d0ad3bb712d360c869347110abf205cc0d733f489d56f8c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 200
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Feb 2022 15:02:35 GMT
server: cloudflare
etag: "c8-5d7fbb4edb6f5"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXkPICL%2B%2BG7ZtenF6nCUddU15HFUMAFsTVFk1R8e7vyzCnkU1Ut2HBgsHzCLv9tXyoe6N%2BmJAvI6P4OOviwJtuC%2F4oSRECDed7uK9TD5YDWZmpUrX5VK%2BRQk2eGRorj1fq22jMjgD%2Bhv9e1uyg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb69f8c8a24f0-LHR

GET
H3 200 open-quotemarks.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 958 B
1 KB 114ms
112ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/open-quotemarks.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb689f976d6d96a8593caf251df449432d017be8923bc5557f13e8f060b07211

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"3be-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FucuNhtd%2B9syUZT4bwMrqhvxw0dMxyEDUWCCMESQKQIo5aX8gaMSMXEiFzQnvGWh1vR3e7OEclwV0eAsHyI3a1jdvzjikkgSL7TKq3yIx0azHdQzIk6LxUNDGjT%2Fkjf4MHDwve7D4H8pgQ6J00w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69f8c8c24f0-LHR

GET
H3 200 tcm-footer-logo.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 18 KB
6 KB 114ms
112ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/tcm-footer-logo.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f7a5f0575d264e7ae61f50e1933edc81474948b6fab0ca77d92bf4074a8ad3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jul 2023 15:17:07 GMT
server: cloudflare
etag: W/"4661-600b04aa80adc-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzZc3UaNciEMlhlv1wy958cvl2eWAAjzZ8pAwPYi3UoQa4GEwIKZ2sjNtJkumHn%2BjQC1toIEPsI1yaYPxQGr3FwWzTyARsOX2JqMVPAozeUJtX57gwu2d6gUgSIap0PWyz1CpHtGPWdVfBuD8HY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69f8c9024f0-LHR

GET
H3 200 email-arrow.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 272 B
808 B 116ms
114ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/email-arrow.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f49fa35612a52c9a1dde5a3c6edc9beac852ddf99c08af7b4b9830f95c8c2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jul 2023 15:17:07 GMT
server: cloudflare
etag: W/"110-600b04aa80adc-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWalEugIZWB3PxISLAUQ4xdMJf7CkfJUB%2BMabAr2vcPV8M2uJD17LuMbG6yv8UyPKReDxHbY5%2BHf6E991M4GqrSF3yMLg6E90woLmjw%2Buz4sMLfGj3Y5uHsXwP13V3CYF0zHmXd5GSpEqPOBGCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb69f8c9824f0-LHR

GET
H3 200 TIC-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 4 KB
4 KB 117ms
115ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/TIC-footer-logo@2x.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c9a9261396f69ebcea27f2163f517652d6e2ff3e14c9e6b1754bf5fa1d0331

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3634
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:46:01 GMT
server: cloudflare
etag: "e32-5d9dff3004015"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHX9LKkz8jvWXCYCw2kZpzSfUnss0QXoIK38jpVXT7dM0pIw6aYKvd1xPugClsfEpbxOYv3g8NfEbTgHnOhVZ7k%2BmfmesMIsM06dn1eV78RpgjUAfYM5WtmQJNSCOQIKM1zFTpZr7b%2FbdIWpi0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb69f8c9a24f0-LHR

GET
H3 200 TC-footer-logo_1.png
thetcmgroup.com/wp-content/uploads/2023/07/ 3 KB
4 KB 117ms
116ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/07/TC-footer-logo_1.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1462afd7ed679c2549f4104b64946fee49c0b7b5778e91945825783fddd05fe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:05 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3025
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jul 2023 16:19:39 GMT
server: cloudflare
etag: "bd1-600c54823773f"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HByPkuWj%2B01yW8bGClQJy3G11zd0mUe0r%2FRHdMzndfJmc51IwnLiAyOFf4tMuUjRjf3COSSOLVNH0Agl0UKWDKQx2PbUCndJEn3UxH%2BMMfvmxEZSTxXp0Ol9Pa9rlEZqOm9c4q8y5L1wbIVg9o8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb69f8c9e24f0-LHR

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 59AC 50 KB
16 KB 60ms
60ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 03:37:18 GMT
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 46308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15571
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 11:42:56 GMT
server: AmazonS3
etag: "f90daf8c8f47c6afab7d4e27466118b5"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: wNtiGfIpC8q-_Pyr5QKdXjlC9b_yf2eDJGdu-OuSFVFeOSdHb4W5Bg==

GET
H3 200 trace Show response
thetcmgroup.com/cdn-cgi/ 316 B
383 B 52ms
52ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetcmgroup.com/cdn-cgi/trace

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c73e2fdbdfdb0c1580233e254cae0b47a72ef80bf76aa022e9257c3981af93a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 821eb6a0be7624f0-LHR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 Arrow-Head-Left.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 531 B
928 B 86ms
86ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/Arrow-Head-Left.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bdb08ca20e66e5b228a0899ec9e1fcb26cb5862ddd786bcb6694cb1f3790d21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"213-5ded292a56fe9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikUceMHjj27I0V7Jq2g9jhyZVkRPfaviwxDvIyrz4%2Bd1g0ZDjB8j5O2RRAChkhZO3MzoRxPhvFKVfKJDoZ5pD%2Bd9Vppwqarq220eHzGoO6RUJvcT%2B4o6glnAXO1CZ2LaVOhPZkZ0%2FiROtwvGZA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb6a0be7a24f0-LHR

GET
H3 200 Arrow-Head-Right.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 529 B
923 B 102ms
102ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/Arrow-Head-Right.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

360d29017fa6e21cb151ddc2694fa9815fb32145c1c8cb679d1101884113ba57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"211-5ded292a56fe9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uysVf7vl5OFtW%2BJJTuZyDLLff3paS81hD5bo6EpAmC%2FRpj9KyiOm2dOosTC7RSyoo01t%2B1k3W2aK5MvVNAwXvuPazCHWuzjZWReAmllnHPWkU3VFv1vOewA70t0BQaV9IhCnsCHXv0aDDQo42Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb6a0be8124f0-LHR

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 467 KB
188 KB 176ms
56ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Origin: https://thetcmgroup.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 13:59:34 GMT

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 226ms
52ms Script
application/javascript 192.229.233.34
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.34 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 24 Oct 2023 21:50:03 GMT
server: ECS (frb/6772)
age: 2283
etag: "65383c0b-2227"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3120
expires: Mon, 06 Nov 2023 19:29:06 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 30CB 200 B
1 KB 56ms
55ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2194
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 15:52:33 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: c-Pc0mfAQ5rJ4Hs31FK8cqnwM4-ClOI5Am-wmQX77v4Mm51cBvtorg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-af2b1a0930aabaabdd88bbaa62023e98.html Show response
js.stripe.com/v3/ Frame 77D4 325 B
1 KB 57ms
56ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c029f32889d72c0d738e8dfa7233bbbbba61381cef6fe8aa74bfb2d884c983f7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 16:28:12 GMT
etag: "af2b1a0930aabaabdd88bbaa62023e98"
last-modified: Fri, 03 Nov 2023 20:06:48 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: lDpG5augdNoZAsZzdjlKIyYR1kMAsyHr83EEqeo4ZnkOeA57VPiqWQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html Show response
js.stripe.com/v3/ Frame 30A9 408 B
1 KB 56ms
55ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

dc2d2c530c67decbf9fbbd68e9566c8d36162ad4b71c7adbe075bfe227aa6b29

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1055
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 16:11:33 GMT
etag: "873f465a4e99cf698176753050a5589c"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: dD3kSB-kfu2zzcx7D8uOudgP57eWOP-9uwa6OUpEV-1UxsxYEh9xHQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html Show response
js.stripe.com/v3/ Frame E3AB 344 B
1 KB 55ms
55ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

56de66b79ce04f8c6296659ca883c18912a0402647de8358a7ca678b0ed80226

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 16:28:11 GMT
etag: "c51c8fa7dfe3ace19f6c9a840e7bfafe"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: PpaBUBA4BzEbkToCJZki-HnepJHYW6siGBveHVpgxWfaeGzud3jgBQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-af2b1a0930aabaabdd88bbaa62023e98.html Show response
js.stripe.com/v3/ Frame B78E 325 B
1 KB 56ms
56ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c029f32889d72c0d738e8dfa7233bbbbba61381cef6fe8aa74bfb2d884c983f7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 16:28:12 GMT
etag: "af2b1a0930aabaabdd88bbaa62023e98"
last-modified: Fri, 03 Nov 2023 20:06:48 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: X95tf9DrcMSqqt20ymh1xYGvhk1v7F6mLxuGZnQm2P6nI0VhkCrPxQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 30CB 631 B
1 KB 55ms
55ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:30:59 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 3488
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VRln2mg2WJ35tWTv5yKkuXTm-Kj2D9YVv5l6FxH0x1Dm5qCbLE6giw==

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 77D4 532 KB
116 KB 59ms
59ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:08:22 GMT
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1245
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UyRkm4PeoFOvDk0Z12nfrEgTSaHSodEtgfDlKo2ZPLS2PHP4wwJ-MQ==

GET
H2 200 controller-21c1514437467dfd9679df463beea143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 77D4 655 KB
168 KB 173ms
173ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-21c1514437467dfd9679df463beea143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f1cbb0f159c0fa596ed6ca37fff10a821c055bcf7c52f7ba8f63da1d29087b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:23:27 GMT
content-encoding: gzip
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 341
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:59 GMT
server: Cloudfront
etag: W/"4fddab37efe361069ce6f24f889791b0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: r49D_9jrpeCgRsROYwaKvmmlczBpUlX_gIt6yF-ZF9t8ODAMqrRglA==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 30A9 117 KB
36 KB 261ms
103ms Script
application/javascript 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vrP1NVqCgc4E-WOL7SPELg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vrP1NVqCgc4E-WOL7SPELg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 06 Nov 2023 16:29:06 GMT

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 30A9 532 KB
116 KB 192ms
191ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:08:22 GMT
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1245
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TJdOV6punSoKEg485tyiV5EpMu9dTjn3KiezM0aK7ap8cyNOesSKWw==

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 30A9 10 KB
4 KB 56ms
55ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-873f465a4e99cf698176753050a5589c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:17:59 GMT
content-encoding: gzip
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 756
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: W/"947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8KihpWNicc3JsUXQtcc5hfWIkHtqqjDHe1VaIQGjmOuSCadQx4xjxw==

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E3AB 532 KB
116 KB 90ms
90ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:08:22 GMT
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1245
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8Dzj2T8pAMCkaSkgiM04G2-QXvIBKqjKPhAH7FHuElljbCqXc7LJOw==

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E3AB 12 KB
5 KB 121ms
120ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-c51c8fa7dfe3ace19f6c9a840e7bfafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:09:22 GMT
content-encoding: gzip
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1201
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: W/"330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1250f676aoIAcz36f-fOaMX5mfiq-DZxi0ZEAxY96NEkoGEaI9-_mw==

GET
H2 200 shared-289a1402b72005b26d9b25f09d2809b5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B78E 532 KB
116 KB 121ms
120ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:08:22 GMT
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1245
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:07:02 GMT
server: Cloudfront
etag: W/"3dd9059f98c49a91686f7547b64efa85"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WtnsqCP8XYhRr1yGAXZT4jm4It9ubqYzgQ4oUCsm1ST84RCg974Ofw==

GET
H2 200 controller-21c1514437467dfd9679df463beea143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B78E 655 KB
168 KB 149ms
149ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-21c1514437467dfd9679df463beea143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f1cbb0f159c0fa596ed6ca37fff10a821c055bcf7c52f7ba8f63da1d29087b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:23:27 GMT
content-encoding: gzip
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 341
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:59 GMT
server: Cloudfront
etag: W/"4fddab37efe361069ce6f24f889791b0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 40LRqIHwMMyMd-XdB8P9FFK3Qvz86VGPPtGQ0WTI3hor5geBGkUTVw==

GET
H3 200 RF-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 64ms
64ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/RF-footer-logo@2x.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb23b3a54b2a8135bd8913696fdb0bf9e3365f36ca2bcd90efff2fa915fc758

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2993
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:48 GMT
server: cloudflare
etag: "bb1-5d9dff2385b4a"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrR85Boqe9DEjAs3SxTKM%2FeW03TUq6EwK3I8baK9%2BO4Du03R7zAv2wFEjwQKumf6MR%2Bv2ytPyH97qf9BrbL3%2Bl2DoL4uyxqfIDgZxECODy5WMuxwMaNSjXsHeVWwN48Od%2FZDoZMAHGprFk8bdGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a228b024f0-LHR

GET
H3 200 PCA-logo.png
thetcmgroup.com/wp-content/uploads/2023/03/ 8 KB
9 KB 86ms
86ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/03/PCA-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae4fc38640e214543ed0088f833f7500da172eb97f91bee5a296ee603e81ca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8286
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Mar 2023 17:10:51 GMT
server: cloudflare
etag: "205e-5f68ed7e657cf"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izUDy2zF4Rx7iKRFGOjIvNdxZQw9ZhLpXXvS42%2Be6EUhc%2BvfEDdsTAIGwO45KHlCW9LulDtmxX5Z3C3pJi5bAwoAxi4w3lEynptr0546DTje7Tu2LNL4rwqYrfwsrVvLlHboitR%2BiubmjmoOkiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a228b324f0-LHR

GET
H3 200 EL-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 82ms
82ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/EL-footer-logo@2x.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75fd7bd020f88e34a1861d1db246057777bc7050ff7adbad2e3b0d82c666bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3378
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:45 GMT
server: cloudflare
etag: "d32-5d9dff21542c0"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5BXQ3k4WmyKvqXLOlfkt0g%2FDlTFizKO%2FDdp7ESX2FOWTFpy63fiQsENiKbSBbdolPjxLAA2RX30HsDRgWpjiakA2wNjv3BiXKYZZrLucZO2igAB4vBY3K%2B8AcxKKJHYF7KjVuKIJtMaIK2fWdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a228b624f0-LHR

GET
H3 200 Engage-Coaching-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 4 KB
4 KB 67ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Engage-Coaching-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff66cd8b354fba69134c2fc2066b72c5e2bb3fa62a87f1819a74288e8ee37523

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3911
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:47 GMT
server: cloudflare
etag: "f47-5e21a22fd67da"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdDXrV%2BGEMMO5gRSOz%2FXHGAdluewP%2BPMHWhoQL6kaXUOhXcwoXpBJbkNZUe8FfAwgWINbbUQuObUnz0EKXb8LJd415eIbX0IXg9%2Bc6R1uMr%2BfMHsX66VYl7tjDWLHlQGMHfi0WBRTY7DeuEXCoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a228b824f0-LHR

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 188ms
60ms Script
application/javascript 2a02:26f0:3500:18::1724:a29d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=a9237bd4-3780-4145-9699-99e148d3c75c&consentmode-dataredaction=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DKFX4C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Mon, 06 Nov 2023 16:29:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 07:15:18 GMT
etag: "4a4b65e12f1d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=943
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33511
expires: Mon, 06 Nov 2023 16:44:49 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 30CB 0
717 B 869ms
417ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147030578
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147030050
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 30CB 0
718 B 866ms
415ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147030490
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147030068
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 77D4 0
717 B 871ms
422ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147031421
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147030084
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 30A9 0
717 B 875ms
427ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147037412
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147036640
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 30A9 0
717 B 879ms
432ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147037350
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147036671
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E3AB 0
717 B 892ms
447ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147038272
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147036669
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E3AB 0
717 B 892ms
447ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147039450
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147038975
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B78E 0
717 B 876ms
433ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147039646
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699288147039009
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
BLOB 200
OK 1d1a941a-efc1-4bc6-8fe0-4c701e3954eb Show response
https://thetcmgroup.com/ Frame 34B0 147 B
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thetcmgroup.com/1d1a941a-efc1-4bc6-8fe0-4c701e3954eb
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 147
Content-Type: text/html

GET
H2 200 53aa8807dec7e10d38f59f32 Show response
widget.trustpilot.com/trustbox-data/ Frame 59AC 892 B
827 B 66ms
66ms XHR
application/json 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=58b013e80000ff00059d4650&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

d920bbb4d210be64fabcd05b8c9e567b24b82adf6db425dd400f2252691376fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 16:29:06 GMT
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 329
x-cache: Hit from cloudfront
content-length: 394
x-xss-protection: 1; mode=block
server: Kestrel
etag: "6fd4690b5d9b56415bbf8eef0c8f1edd"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: XYG0fRC90F88h5uNA5Rw5WpH-P_vGXbZJPHIVrwxzgrzqxXYqBsBnw==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 59AC 0
322 B 83ms
83ms XHR
text/plain 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fthetcmgroup.com%2Ftcm_course%2Fworkplace-investigation-mistakes%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.105%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=58b013e80000ff00059d4650&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:29:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: jZ73QiZbBugHIAewRXeBocwZcpcrmIkegaiiu7pvt6xAXQjRRnQlwA==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame 59AC 0
321 B 89ms
88ms XHR
text/plain 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=en-GB&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fthetcmgroup.com%2Ftcm_course%2Fworkplace-investigation-mistakes%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.105%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=58b013e80000ff00059d4650&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=58b013e80000ff00059d4650
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 16:29:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: C6pgFhTtK3HknKEtlm9D4EcU73N7ksMb9asCqJxi2BUSAN70HFkcrw==
x-xss-protection: 1; mode=block

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5604 930 B
2 KB 208ms
55ms Document
text/html 2600:9000:2057:8000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 146
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 16:26:41 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id: NNFPOWvvbM1wfvIzSnBUJMcE8OsveJ642KLu1fgPYUCLcA4LK84BoQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 Mediation-Co-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 6 KB
6 KB 92ms
89ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Mediation-Co-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56395a307931ba8c8af322da569d8fbf232a6a2a198beff060bc60a0cb67f40c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5783
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:54 GMT
server: cloudflare
etag: "1697-5e21a236847b7"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEhaPWjSKc1jo6gsYVN7NlAWFKCwlK8ruDTZ1JMKRy0saQTXpGWD8aC0pvSwFLjHgvzsJox8xb6i8QeLMEw%2Bi3qMC8JyGTWbvUy5PbuqNblaGsztdiLYem9buTpDoRiDzGtXyb%2FKgi680nltdSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a309dd24f0-LHR

GET
H3 200 PC-footer-logo.png
thetcmgroup.com/wp-content/uploads/2023/07/ 3 KB
4 KB 104ms
101ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/07/PC-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6add0582c5120aa7b4b92c4d565789d2fac17eaecede5d6abee7fad99c23083e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3155
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jul 2023 16:19:55 GMT
server: cloudflare
etag: "c53-600c549251993"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy2glscRRgaenV2%2BPFk2n7FUiDUAntaTVSZWmETwYz9xSHWT20HSq4w8LXCosrMl0%2BJuUe2vebFCODuvaC7hZkPrqS5OcmfLdwmOTgk6%2F847Vgh%2Fm6WpB1GktniQnOgVH48JYx2PKhmXSdvT2e0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a309de24f0-LHR

GET
H3 200 Total-Conflict-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 3 KB
4 KB 76ms
73ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Total-Conflict-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c9bd32be3014ae8c43d7d46a6d3a6ce34a26305777b44a1dff3df56e24fad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3432
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:43 GMT
server: cloudflare
etag: "d68-5e21a22c04ef2"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pq2N5B0PrQMw3UiMpEqi0bnwkszy4BgsJgQDPRIAvGY86xc7wIqFPj%2Bz85%2BKqnb1nHjQ0eCUWlFjIRfmevrGwYLDemcizv30kW%2FVBQW8AcC0UonETCrHd%2F7rPkTyFpEvCQXZLeCvpeQ%2BsVDPe6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a309e124f0-LHR

GET
H3 200 aubergine-logo.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 5 KB
3 KB 111ms
109ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/aubergine-logo.svg

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc25886abb8e064a290ed03b5051df4125812743217ad3f71bfa7d7466e7803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"135f-5ded292a56fe9-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Yqf4rJrPwvK%2Fc1UtcoPveiI3V2%2Fvq%2FJx0R%2F5l1iEyz8abAvP0Nf0nCpZfQikuVwCAz6upWv4NoZ8dcwo0GFwM%2FgjNmSzHk%2F7T%2F5pUBS4AxxS4Le3XCa2531F6kGtuzEtGKUKQlylX2Bpk4CewI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb6a309e524f0-LHR

GET
H3 200 book-popup.png
thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/ 105 KB
106 KB 115ms
113ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/book-popup.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf7d28b7817a3c5f5138d907b26704c1d9d5ee6daedf4bf9f305e5e0fbe48f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 107485
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Sep 2023 12:35:18 GMT
server: cloudflare
etag: "1a3dd-606566c881e3b"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zn0qXsrdIlkmECjqATq0uhu1mH%2BpeMiLMhHi76Xn%2FYGR6p3JyZ2IZvrqZ6MyV%2BCy4tR0GVbmRHlukZ%2F%2B%2Bo6a1OqWFxp7LYKl5QCmFvesHeNTO9eHq7wAOgjXqwX%2Fcnb6m6l8m1gfMhw%2FspBNROo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a309e624f0-LHR

GET
H3 200 blue-close-tab.png
thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/ 4 KB
4 KB 102ms
101ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/plugins/tcm-footer-popup-html/assets/blue-close-tab.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c726abb9961e46616b46c8e5e8a714fb1403afd60457932edec76913bc21d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3592
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Sep 2023 12:35:18 GMT
server: cloudflare
etag: "e08-606566c881e3b"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXynRXUY4arU7qpgA8lJSOsQ6%2Bc0yamRm%2BvnOa9jcHd0VY3XTihMLRD6CMFeialiuVedN7S0iy1Og5cJGzw2IrbWBXvDI6kKlJBJBGhXxty5eUOQ2wVLcMnBqWe0Jy3i6KSiDayyMutga2mEskk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a309e724f0-LHR

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2FD9 58 KB
33 KB 85ms
84ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=ndqs7tf9pdp5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bb376c879734e002d96fe998a54524f84e005c76b96e9cb15101377f4eb2710

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nbSCxy0Iv_CnS-RKYj3-7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nbSCxy0Iv_CnS-RKYj3-7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:29:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B78E 474 B
865 B 173ms
66ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:28:12 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: EXxuTa1LqfzlsOpXKpW19ROhK1RmHi-o-0GUth66dUUayQRNWFY80g==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B78E 474 B
862 B 158ms
67ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:28:12 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: Qy2QHhlnaJa739pz32Or1Cscu8pgI5q1US-Q-I37i730nqY2EjDj0A==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 77D4 474 B
865 B 109ms
68ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:28:12 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: -EyROnLlJNtoK7dFeWX05MmPOMyEBVf3zgER9jqmCRDqxxjrqafpYQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 77D4 474 B
863 B 102ms
68ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:28:12 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Nov 2023 20:43:33 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: FRA6-C1
etag: "9d2b7c68f3688d63062ae3c45959953a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: sRaVW_c-cSG1W1jgmd9Jeg0b_PgLDdol7zSxufAOSjFumSOV2dnB1Q==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 2FD9 55 KB
24 KB 172ms
55ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=ndqs7tf9pdp5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 14:16:12 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 2FD9 467 KB
187 KB 200ms
83ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 13:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 13:59:34 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 5604 0
491 B 448ms
433ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147039338
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1699288147038903
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 5604 87 KB
14 KB 66ms
64ms Script
text/javascript 2600:9000:2057:8000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:28:35 GMT
content-encoding: br
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 32
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: rawEniwVhMymtOnJuv6byQTxIIgcEdFSEK3rScn_yYXA66_B5UloMg==

GET
H2 200 en-GB-de258e70e6f927eb403fbbc08d1e847f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame B78E 133 KB
24 KB 70ms
69ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/en-GB-de258e70e6f927eb403fbbc08d1e847f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:09:37 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1170
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:50 GMT
server: Cloudfront
etag: W/"de258e70e6f927eb403fbbc08d1e847f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Pi7_7DBpHeTvZFTcmThnlg2CUdUcmMyM0JVooO0pfU6f6DIYy-wfYg==

GET
H2 200 en-GB-de258e70e6f927eb403fbbc08d1e847f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame B78E 133 KB
24 KB 74ms
73ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/en-GB-de258e70e6f927eb403fbbc08d1e847f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:15:03 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1170
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:50 GMT
server: Cloudfront
etag: W/"de258e70e6f927eb403fbbc08d1e847f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 4UnV5CpR2O8OAOOdeTRjTPKVIhJ8dY1JG_PXGpOBB-SqqE6TpaAY4g==

GET
H2 200 en-GB-de258e70e6f927eb403fbbc08d1e847f.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 77D4 133 KB
24 KB 111ms
110ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/en-GB-de258e70e6f927eb403fbbc08d1e847f.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-af2b1a0930aabaabdd88bbaa62023e98.html
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:15:03 GMT
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1170
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 03 Nov 2023 20:06:50 GMT
server: Cloudfront
etag: W/"de258e70e6f927eb403fbbc08d1e847f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gKpMZJ4vhHK8nzoowVlDehzeCt2lKMbZ-6AXxzoOUz3ViWfQPLOVJw==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 77D4 2 KB
3 KB 444ms
265ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b27711839b478a5b861a595c51efba35456037214ef331a67389e1f94c731b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy-report-only: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
cross-origin-resource-policy: same-site
content-length: 1971
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 8B19 627 B
812 B 189ms
55ms Document
text/html 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=a9237bd4-3780-4145-9699-99e148d3c75c&consentmode-dataredaction=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30056826
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 16:29:06 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 19 Oct 2024 13:36:12 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1699288146895_388276619_2015295052_25_713_51_65_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/a9237bd4-3780-4145-9699-99e148d3c75c/ 271 KB
62 KB 121ms
121ms Script
application/x-javascript 2a02:26f0:3500:18::1724:a29d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/a9237bd4-3780-4145-9699-99e148d3c75c/cc.js?renew=false&referer=thetcmgroup.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=a9237bd4-3780-4145-9699-99e148d3c75c&consentmode-dataredaction=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1adc342f9ffdd6abc6165bddf5f1584c6a56d60cba0f9981a7fe7bc372977905

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 16:29:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 63335
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 8ACA 19 KB
8 KB 122ms
118ms Document
text/html 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cddc6db7de78ce447b2416ba6e79448fe371d7f1a76266864446960cebd7af95

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-KdT_ETz-t3Mmklgz2aVgnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-KdT_ETz-t3Mmklgz2aVgnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 06 Nov 2023 16:29:06 GMT
expires: Mon, 06 Nov 2023 16:29:06 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 314ms
289ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147039676
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039090
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 313ms
290ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040249
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039543
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 314ms
292ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147039869
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039129
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 301ms
280ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147039656
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039103
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 296ms
279ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147039831
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039146
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 305ms
290ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040052
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039483
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 333ms
319ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147039830
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1699288147039166
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 303ms
291ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147039747
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147039158
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 315ms
305ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040181
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039626
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 313ms
305ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040148
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039588
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 301ms
277ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040222
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 10
x-stripe-client-envoy-start-time-us: 1699288147039653
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 285ms
261ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040156
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039665
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 288ms
264ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040432
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039689
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 288ms
264ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040129
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039753
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 271ms
248ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040333
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039750
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 270ms
248ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040555
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147039821
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 282ms
262ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040608
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147039975
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 282ms
263ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040435
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147039869
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 265ms
247ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040324
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039887
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 255ms
239ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040486
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147039922
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 278ms
264ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040671
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147039972
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 289ms
276ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040775
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1699288147040123
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
273 B 274ms
261ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147040477
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147040011
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 425ms
416ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147241403
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147240938
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
273 B 427ms
419ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147241624
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699288147241001
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 8ACA 158 KB
56 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriw6xNp8j07wy07DnFbmqomu282-g/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78067e0b948364de4f70b00aed14c87dc9976fcea6ecedd392f2b5fe98faa4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 16:18:17 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 5604 156 B
668 B 659ms
216ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8968aaa5fb98fa01396332a6cd2eb38b11ae5517eea42db23603d28bf927165a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147564522
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699288147564018
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 336ms
336ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147241481
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147241103
access-control-allow-credentials: true
content-length: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8ACA 2 KB
2 KB 155ms
154ms Other
text/html 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: thetcmgroup.com
URL: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2FD9 2 KB
2 KB 55ms
55ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 350021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 09 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FD9 15 KB
15 KB 57ms
55ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 221464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FD9 15 KB
15 KB 66ms
65ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 339757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:06:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2FD9 102 B
133 B 66ms
66ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ4CAbAAAAAOPsAuBbNZsFh13A3_lMp_JxI6o4&co=aHR0cHM6Ly90aGV0Y21ncm91cC5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&cb=ndqs7tf9pdp5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 06 Nov 2023 16:29:07 GMT

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylL... Frame 8ACA 73 KB
27 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg-TN3aB0TI8culLBT8tJcoIyaeew/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriw6xNp8j07wy07DnFbmqomu282-g/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4015ac21b2cb45037b1ac90210cee8231d2c118bef4881ac5df076214e9b239d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27249
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 16:41:22 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylL... Frame 8ACA 9 KB
4 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg-TN3aB0TI8culLBT8tJcoIyaeew/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11de1f093f6aed430c95ea75fa1a1d987ff7120e60d808763645a0ce8ae541c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 17:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 17:46:52 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylL... Frame 8ACA 37 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KO8gEaUwHFo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg-TN3aB0TI8culLBT8tJcoIyaeew/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200b9d78addcec527f6be0e5bf3292b42436688a145033a1963e3aec1aa0dc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 17:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14056
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 17:46:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame B78E 0
274 B 222ms
218ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147563508
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699288147563035
access-control-allow-credentials: true
content-length: 0

GET
H3 200 PC-footer-logo.png
thetcmgroup.com/wp-content/uploads/2023/07/ 3 KB
4 KB 58ms
56ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/07/PC-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6add0582c5120aa7b4b92c4d565789d2fac17eaecede5d6abee7fad99c23083e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3155
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jul 2023 16:19:55 GMT
server: cloudflare
etag: "c53-600c549251993"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo2vEiCU4znM5dgmtOCV%2BkKGDqOZ79TshlIj7J131Za7nQroPb9u3s22XmuQewJ%2B2RwXxtls8EkC%2F44cP7%2BIUsMVDHezRYGVhMg2AQjfLP7bh6MU4vKXvvH25Bu9wz75WrnY1RSk3M7DAlLsRkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aab524f0-LHR

GET
H3 200 Total-Conflict-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 3 KB
4 KB 68ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Total-Conflict-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c9bd32be3014ae8c43d7d46a6d3a6ce34a26305777b44a1dff3df56e24fad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3432
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:43 GMT
server: cloudflare
etag: "d68-5e21a22c04ef2"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIgXKO1VzzFwczceuH9C2IoJj94tT6QnzCJHVrUqdm6Bvn7NZhiZstt4OnLOTTZdN6JfGWMRjP2Km0kpsFFpM8w5%2FVALbIlJltHAN5K0etLX2EIQO1C7N%2B4MTwj8KzpzHNc4h%2BZeeFhc4FmPOpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aab724f0-LHR

GET
H3 200 Mediation-Co-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 6 KB
6 KB 69ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Mediation-Co-footer-logo.png

Requested by

Host: thetcmgroup.com
URL: https://thetcmgroup.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56395a307931ba8c8af322da569d8fbf232a6a2a198beff060bc60a0cb67f40c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 5783
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:54 GMT
server: cloudflare
etag: "1697-5e21a236847b7"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsHxgupZiFqqR%2F6oWwcIbZyemdGcynn2OJ3BwQPDLxnYHpkLahYeliYlf9pKldbh95eUL9nY%2BF1JQiJ9bbSlOghLLjSUnEgzeRtS4cRRsFlEor2H3E4NSWG4yH2nKr2%2FVl%2Fh1OYxPfwQGCRobVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aab824f0-LHR

GET
H3 200 close-quotemarks.svg
thetcmgroup.com/wp-content/themes/tcm/images/ 973 B
1 KB 84ms
81ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/themes/tcm/images/close-quotemarks.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b727f16d85c160feb1177c586ff68936a86f7742a029d031ac09505c088c536c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 15:54:28 GMT
server: cloudflare
etag: W/"3cd-5ded292a57f89-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQMwuCA1N9JXIa9eQLFc8i8pwPrAXyF943%2BQsUbXvngQ6mLWXWAX1MRrHFrsUBrj3K6aMc6qf3xRWUg%2B5Of63M%2FOM%2FQ8f62d6bPTGgu6yRgU61Vh8ZJuULZ2NV1q9RXJMm%2BjARw5CeKNilkNljs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 821eb6a9aabc24f0-LHR

GET
H3 200 RF-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
3 KB 65ms
63ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/RF-footer-logo@2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb23b3a54b2a8135bd8913696fdb0bf9e3365f36ca2bcd90efff2fa915fc758

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 2993
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:48 GMT
server: cloudflare
etag: "bb1-5d9dff2385b4a"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwwvYFhQQXQU9uLhxyiol1tn2iufTwvv8fBvmd%2BrXwRWZsJeC5D6E1HA5pybSXKkIaIXX8htt6Z5NMV8uouNU8O3FDE%2BKiCl7qO%2BeS1M2GYZIVHuRyVdfIz0PAS9UbB1cGw7oe%2B7XlFRh0kyBUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aabd24f0-LHR

GET
H3 200 PCA-logo.png
thetcmgroup.com/wp-content/uploads/2023/03/ 8 KB
9 KB 65ms
63ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2023/03/PCA-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae4fc38640e214543ed0088f833f7500da172eb97f91bee5a296ee603e81ca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 8286
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Mar 2023 17:10:51 GMT
server: cloudflare
etag: "205e-5f68ed7e657cf"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttv%2BqjtuFKyHl3h%2FY2HUGLAqgSuHP174F09FtdXdLHyXK4NA4sZyYuiKsGqbjlys2Zyd3ZkNyvPUByAab2ghyQ4dwWM01W90%2Bs9Y8Mhw4%2FiyTDkkkNzKX3q10X7cyTk7nD2layosDxq3aKbw8%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aac224f0-LHR

GET
H3 200 EL-footer-logo@2x.png
thetcmgroup.com/wp-content/uploads/2022/03/ 3 KB
4 KB 66ms
64ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/03/EL-footer-logo@2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75fd7bd020f88e34a1861d1db246057777bc7050ff7adbad2e3b0d82c666bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3378
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 16:45:45 GMT
server: cloudflare
etag: "d32-5d9dff21542c0"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1c88GsbU9L0eZ7gUkdH33HdfPaYbES3nMhDJ274i7Y%2B%2Foi6A7x%2BPeGqEPQ5Qi87rNt7r5jofiKjtMQLI6KI%2BwLODskAvA19w8ok9z8iaw7Jtj3LRdB7URuMAUSdpZ218C%2FFd95m%2FVVcWyZxqYfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aac524f0-LHR

GET
H3 200 Engage-Coaching-footer-logo.png
thetcmgroup.com/wp-content/uploads/2022/06/ 4 KB
4 KB 71ms
69ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thetcmgroup.com/wp-content/uploads/2022/06/Engage-Coaching-footer-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff66cd8b354fba69134c2fc2066b72c5e2bb3fa62a87f1819a74288e8ee37523

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thetcmgroup.com/tcm_course/workplace-investigation-mistakes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 3911
x-served-by: 6d2dbe6f0a5b735021f3d16029a81efd
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 09:32:47 GMT
server: cloudflare
etag: "f47-5e21a22fd67da"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQ5egf1Zz9XvKyCFGmmYi5dJoJFUXhXDQ1a%2FQHvwx%2FTBlOLFG00sQoabydelZlTPJsjEppKPNEcL5zQQe29dZWXRQsB9aXomrpsbgXzJFojN4Covv98st%2BEIywMxQ65TIo%2B8jOAMVTozZ7a8%2BzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 821eb6a9aaca24f0-LHR

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 223ms
222ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147571312
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147570574
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 223ms
222ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147573133
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147572616
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 8ACA 1 MB
376 KB 120ms
119ms XHR
text/html 2a00:1450:4013:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

effe22e0b88d2ec85197a1e3713263eb9f68133ab87f4197681b6403a60d2e60

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-OtSUbl-nUAB19XHaFpLkqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-OtSUbl-nUAB19XHaFpLkqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 06 Nov 2023 16:29:07 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 224ms
223ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147625373
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147624847
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 220ms
220ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147625227
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147624909
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 8ACA 131 B
155 B 220ms
114ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 16:29:07 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 219ms
88ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 16:29:07 GMT
expires: Mon, 06 Nov 2023 16:29:07 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 202ms
88ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 06 Nov 2023 16:29:07 GMT
expires: Mon, 06 Nov 2023 16:29:07 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8ACA 131 B
155 B 220ms
114ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 06 Nov 2023 16:29:07 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 16:29:07 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 217ms
217ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147649496
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147649203
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 217ms
217ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147650068
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699288147649735
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 218ms
218ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147653364
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699288147653043
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 217ms
216ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147655105
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147654725
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 77D4 0
274 B 216ms
215ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-289a1402b72005b26d9b25f09d2809b5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 06 Nov 2023 16:29:07 GMT
x-stripe-server-envoy-start-time-us: 1699288147657461
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699288147657265
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 5604 156 B
667 B 218ms
216ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8968aaa5fb98fa01396332a6cd2eb38b11ae5517eea42db23603d28bf927165a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147808784
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699288147808390
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 5604 156 B
667 B 267ms
266ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8968aaa5fb98fa01396332a6cd2eb38b11ae5517eea42db23603d28bf927165a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 06 Nov 2023 16:29:07 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699288147858572
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699288147858119
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www2.thetcmgroup.com/	1970-01-21 01:37:28	Name: visitor_id897461 Value: 342309051
www2.thetcmgroup.com/	1970-01-21 01:37:28	Name: visitor_id897461-hash Value: 51ba1f52b5a21f0734aa517720ddedb1e89f0c75d827051d184180fb7f9021df61ff5f7e1d4d206d3caa7dc90073872d82f95f0c
.google.com/	1970-01-20 20:24:59	Name: NID Value: 511=E_HzGxznne10UraQ9h8pLH4Y-MwKxzu0fwDRtMZevLsM3Z6oCrpZpbslWKPDswntPzYN4kA3S3tqGMW2KaqodX8zC901HvoRqf6iffsLG-YDMtJKKd5hBlKCB6s5aOocD-W9189De4eIzFEr5PkjHofZ6R-OyzkCeAh6K4O8SRo
m.stripe.com/	1970-01-21 01:37:28	Name: m Value: 0a635c48-2e67-4602-a5e1-7314fc3a1624751c04
.thetcmgroup.com/	1970-01-21 00:47:04	Name: __stripe_mid Value: 5a5564d8-aedd-43c1-97c4-3c4b986ae41856de12
.thetcmgroup.com/	1970-01-20 16:01:29	Name: __stripe_sid Value: 3ad21ea7-5283-4c92-aa33-cb4dc9a3a8b59ddd90

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
static.olark.com
thetcmgroup.com
widget.trustpilot.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www2.thetcmgroup.com

192.229.233.34
2600:9000:2057:8000:19:7d10:bd80:93a1
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2004
2a00:1450:4013:c07::5c
2a02:26f0:3500:18::1724:a29d
2a02:26f0:3500:887::f09
2a06:98c1:3120::3
44.228.215.240
52.222.236.107
52.49.17.168
52.54.96.194
54.187.119.242
99.86.4.76
0056299071c4519f17586f5a4f9d7bacadc0978a31b36e79eebc09ec17439cbe
00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b
02400eff6006674ae1b3d90e24a27433b2f7724c5002b7c82d9a3f340755357a
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
0312475e7974a6a7d4ca349eb9f0f1fb00387c993f1ee6627065a32a3aa8ad8b
0775857f32c100c7e98fe96ba857873809054342a1ce98fafc174f8046a1da0d
08ed8e3aab1262bd50ac7b605dfb3f628dab6f18fbb58b0e59623216dbad6727
09b662ab593f8d6554b3b463d4a352e5b7e0586bb4e60acc11f4913b428509ad
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
118e237b998bf26746914c5398bd37a71938f664dc434a27830351e778ae0ab3
11de1f093f6aed430c95ea75fa1a1d987ff7120e60d808763645a0ce8ae541c0
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
12553f3efc346c133c5ffba7a493ef82fce2298e81b1a09a342b8ada10e26405
1462afd7ed679c2549f4104b64946fee49c0b7b5778e91945825783fddd05fe6
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
15c9bd32be3014ae8c43d7d46a6d3a6ce34a26305777b44a1dff3df56e24fad1
1633281d74a87f044dea32f5782acf8e587b7814f907e17b3740dc72f988e29e
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1adc342f9ffdd6abc6165bddf5f1584c6a56d60cba0f9981a7fe7bc372977905
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb376c879734e002d96fe998a54524f84e005c76b96e9cb15101377f4eb2710
1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91
1f9d95f4b70225cad9e8255322914389e70174461330a4330ad1f851b444bded
200b9d78addcec527f6be0e5bf3292b42436688a145033a1963e3aec1aa0dc29
2173fe202b54daeb55873608869a7ee5a1ef481d23f6e42b024ae666973770fa
218bc0ca7943a10d0d9fe3db6a6bf5778bf6396031d82e0680d828fdd10a7b54
23f71eff6c34c2a6aa74192072500749c9894c493a71b2ede6e988ae3dc31deb
25954a06d0ad4e02de285782538fce370efd6482e37aff9ecaa386149db1159f
27381220e3f28342d9b020614058b4ca43f5abf17efbc48d6a817ae6f05160f7
2b2e4c86ca4da9eac25c15aaed65de5428d4c30b8d308a38e1870d28498c2b18
2bdb08ca20e66e5b228a0899ec9e1fcb26cb5862ddd786bcb6694cb1f3790d21
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2fc10f9452d76439d0ad3bb712d360c869347110abf205cc0d733f489d56f8c9
3115055b28056bc3d6ae03731659ea8ccc83e08f18b3f64a6dcd02f36000d4b4
32f9c687f53eaf43d8691cfc3ec89d8982f3a0da2bb8a45066891d6f7ca9b4a3
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
360d29017fa6e21cb151ddc2694fa9815fb32145c1c8cb679d1101884113ba57
3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4015ac21b2cb45037b1ac90210cee8231d2c118bef4881ac5df076214e9b239d
41b4c596184afae01f6dde4c334950293a9a591ebf9646fca1fb320f940fa1b1
47fdc96a7223c911f8d2238fcfe14924812518a9ff8650308e79cf3088f06cfc
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
4b4e2fd962c12448fbb7303ba8a992df1457176a77844c907e298477619e4049
4d3e0f5e27ff66bec2902b6dcdbe52dc22ba86b143dd6940ffce312f0ac93a9d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5263e0259033b631c270979443ce95ea023737a1ad7f5d6d618e73bef2d64e8d
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4
56395a307931ba8c8af322da569d8fbf232a6a2a198beff060bc60a0cb67f40c
56de66b79ce04f8c6296659ca883c18912a0402647de8358a7ca678b0ed80226
574c3a7cc926bae5f88423285368c09ae6f625cb2ae48fbfcec9de6972fb93cc
58c726abb9961e46616b46c8e5e8a714fb1403afd60457932edec76913bc21d1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d77df9f839f005f080cc53f762fa9bdc2feb864fd18203de081d382f452518d
612a484bf603116cfc8df65f8d75bc4d1718f4abc9fe3b4b8e94bf220cbbf60e
675abb39e33edf5c534d86017f925545b7f68621897f9c688badad05303824f7
6add0582c5120aa7b4b92c4d565789d2fac17eaecede5d6abee7fad99c23083e
6bf7d28b7817a3c5f5138d907b26704c1d9d5ee6daedf4bf9f305e5e0fbe48f9
6d6313f728b9513ad3cf0f152c2e08214c8e3973f46658ca12eb0b32cf86c943
6d851b0454d1ad5a29006e4d06b0e98fe70f6d324b3ebf7e8c28d4f61ef0472b
6e6e9b41bfb424a2dc0ffef4a8902dbfb4b6dbf9618c4a05b22f4a12fa7c821c
6e7d2a1ae6d18ec37ab985e42b7202b14d222cb9074a7d0f8557e8bff8759a75
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
75f49fa35612a52c9a1dde5a3c6edc9beac852ddf99c08af7b4b9830f95c8c2c
78067e0b948364de4f70b00aed14c87dc9976fcea6ecedd392f2b5fe98faa4f7
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688
78c9a9261396f69ebcea27f2163f517652d6e2ff3e14c9e6b1754bf5fa1d0331
7f29390b230580ac6995fa545c194d7ae22099bf823ca93fa9bfd1af736e0747
816259af9cec16869342c649874102bbf21eb8f7d735c40f3e7f45ebd56ff8e8
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8484111ff018ada568ba906180a74be9b043a7f605988ab7ed5fe2d843fcb278
859a00a2a87cb8cda482aeac3f79e7c77183e868c30e4ac6da07829fdf69f705
85f7a5f0575d264e7ae61f50e1933edc81474948b6fab0ca77d92bf4074a8ad3
8968aaa5fb98fa01396332a6cd2eb38b11ae5517eea42db23603d28bf927165a
8adfbc27fffba13ab2e297324d3e0141049e272ed6439a3703ff4fdb74f5fb7f
8ae4fc38640e214543ed0088f833f7500da172eb97f91bee5a296ee603e81ca5
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a02c9957ef409f8602001de0cde05ad5bb5953b2fb75e4b958ffafefaba6a196
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a9355c1b32c96f1da116a0df14644c2f2a1965d5206234304174514fc209aa90
ac0a29702ebc38d8c064dc547ef86af370a27d8b2f3f758291d3cc481643872d
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b27711839b478a5b861a595c51efba35456037214ef331a67389e1f94c731b95
b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3
b6d62cb480942c8deb8161cbca06f0838d48ebdc750b7c2f535d0581212a7cfe
b727f16d85c160feb1177c586ff68936a86f7742a029d031ac09505c088c536c
b75fd7bd020f88e34a1861d1db246057777bc7050ff7adbad2e3b0d82c666bfe
b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572
bcfd86c8d3f5891e3cbfa3fd7a67fcc2c2e9eb090c7ce73735124a01d3333aa8
c008de21b502d1a5e12ede3b27f9f595ed4388dda36a9784b4accb8149044a7c
c029f32889d72c0d738e8dfa7233bbbbba61381cef6fe8aa74bfb2d884c983f7
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c73e2fdbdfdb0c1580233e254cae0b47a72ef80bf76aa022e9257c3981af93a2
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
cbdd8a81111b2dbc784a4d9b9193f9d241ddd212932d440c5a4ac46277ae8f44
ccc25886abb8e064a290ed03b5051df4125812743217ad3f71bfa7d7466e7803
cddc6db7de78ce447b2416ba6e79448fe371d7f1a76266864446960cebd7af95
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d18587fe060f4a33ff629645aaf30ea3a4e56246d59855b78887c742dc7ce998
d585a2ee280fb3a5db922a8035d7d8c633c5e3245d1ef5ff4a97f52c6d7e3853
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d920bbb4d210be64fabcd05b8c9e567b24b82adf6db425dd400f2252691376fa
dc2d2c530c67decbf9fbbd68e9566c8d36162ad4b71c7adbe075bfe227aa6b29
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6658396ee384c7a84e83365a3ce7aabec29bbd9d55ee8400abd3c367ac72bdb
edb23b3a54b2a8135bd8913696fdb0bf9e3365f36ca2bcd90efff2fa915fc758
ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e
effe22e0b88d2ec85197a1e3713263eb9f68133ab87f4197681b6403a60d2e60
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f1cbb0f159c0fa596ed6ca37fff10a821c055bcf7c52f7ba8f63da1d29087b8f
f316c916a4b66cc2414afe37df7ddc70fcdfc8f109519d49941b267cdc1032d5
fb689f976d6d96a8593caf251df449432d017be8923bc5557f13e8f060b07211
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
ff66cd8b354fba69134c2fc2066b72c5e2bb3fa62a87f1819a74288e8ee37523
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

thetcmgroup.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

100 %HTTPS

58 %IPv6

10 Domains

19 Subdomains

19 IPs

4 Countries

2943 kBTransfer

9442 kBSize

6 Cookies

21 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thetcmgroup.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

19
Subdomains

19
IPs

4
Countries

2943 kB
Transfer

9442 kB
Size

6
Cookies

170 HTTP transactions
24 data transactions