www.firmplay.com Open in urlscan Pro
198.185.159.145 Public Scan

URL:
https://www.firmplay.com/
Submission: On January 21 via manual (January 21st 2021, 7:52:39 am UTC) from PH

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 20 domains to perform 74 HTTP transactions. The main IP is 198.185.159.145, located in New York, United States and belongs to SQUARESPACE, US. The main domain is www.firmplay.com.
TLS certificate: Issued by R3 on January 1st 2021. Valid for: 3 months.

This is the only time www.firmplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	198.185.159.145 198.185.159.145	53831 (SQUARESPACE) (SQUARESPACE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	151.101.112.237 151.101.112.237	54113 (FASTLY) (FASTLY)
1 3	151.101.112.238 151.101.112.238	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
7	151.101.12.238 151.101.12.238	54113 (FASTLY) (FASTLY)
1	104.108.67.60 104.108.67.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:205... 2600:9000:2057:f400:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:285::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.73.59 65.9.73.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	65.9.73.61 65.9.73.61	16509 (AMAZON-02) (AMAZON-02)
8	65.9.73.88 65.9.73.88	16509 (AMAZON-02) (AMAZON-02)
3	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
74	27

7 198.185.159.145 (New York, United States)

ASN53831 (SQUARESPACE, US)

www.firmplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.237 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.238 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.12.238 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.67.60 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-67-60.deploy.static.akamaitechnologies.com

www.equinix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f400:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:285::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.61 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.73.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	intercomcdn.com js.intercomcdn.com	418 KB
7	squarespace-cdn.com images.squarespace-cdn.com	275 KB
7	squarespace.com 1 redirects assets.squarespace.com static1.squarespace.com	610 KB
7	firmplay.com www.firmplay.com	27 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	209 KB
6	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	116 KB
6	typekit.net use.typekit.net p.typekit.net	77 KB
5	google.com www.google.com	1009 B
4	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	6 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
2	google.de www.google.de	637 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	lfeeder.com sc.lfeeder.com tr.lfeeder.com	5 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	equinix.com www.equinix.com	17 KB
0	intercomassets.com Failed static.intercomassets.com Failed
74	20

	Domain	Requested by
8	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com www.firmplay.com
7	images.squarespace-cdn.com	www.firmplay.com
7	www.firmplay.com	www.firmplay.com assets.squarespace.com
5	www.google.com	assets.squarespace.com www.gstatic.com www.firmplay.com
5	ka-f.fontawesome.com	kit.fontawesome.com www.firmplay.com
5	fonts.gstatic.com	fonts.googleapis.com
5	use.typekit.net	www.firmplay.com
4	assets.squarespace.com	www.firmplay.com
3	api-iam.intercom.io	js.intercomcdn.com
3	static1.squarespace.com	1 redirects www.firmplay.com
2	www.google.de	www.firmplay.com
2	px.ads.linkedin.com	1 redirects www.firmplay.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	widget.intercom.io	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	assets.squarespace.com
1	tr.lfeeder.com	www.firmplay.com
1	www.linkedin.com	1 redirects
1	p.typekit.net	www.firmplay.com
1	www.gstatic.com	www.google.com
1	sc.lfeeder.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.firmplay.com
1	kit.fontawesome.com	www.firmplay.com
1	www.equinix.com	www.firmplay.com
1	ajax.googleapis.com	www.firmplay.com
1	fonts.googleapis.com	www.firmplay.com
0	static.intercomassets.com Failed
74	29

This site contains no links.

Subject Issuer	Validity	Valid
www.firmplay.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.squarespace.com DigiCert SHA2 High Assurance Server CA	`2020-08-18` - `2021-03-30`	7 months	crt.sh
*.squarespace-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-02-05`	a year	crt.sh
www.equinix.com DigiCert Secure Site ECC CA-1	`2020-06-04` - `2021-09-03`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.lfeeder.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.firmplay.com/
Frame ID: 0D63725F8B3153ECE4E4163C7BE79B7F
Requests: 57 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiLKUZAAAAAInNHvd5vMMDcTpNYyFgOtNAWbQJ&co=aHR0cHM6Ly93d3cuZmlybXBsYXkuY29tOjQ0Mw..&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&theme=light&size=normal&cb=wkjoqs7w9y4
Frame ID: F1CD1721B46A2703E208C17B0A2400FF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LeiLKUZAAAAAInNHvd5vMMDcTpNYyFgOtNAWbQJ&cb=8j5yurfy4zdb
Frame ID: 1B4B61CD4945E6C76BC65C762CA61968
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6b19704d.js
Frame ID: A3B543E95998E694B8AE0761E17CDF17
Requests: 10 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: 7B6E3456409D487B7FC21427B5BC0529
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/dismiss.249568e7.png
Frame ID: AE96E6BCA71314248D47524070AE2754
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

html //i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

74
Requests

93 %
HTTPS

64 %
IPv6

20
Domains

29
Subdomains

27
IPs

6
Countries

1871 kB
Transfer

5766 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://static1.squarespace.com/static/5e39e477babebc1530d6dfd7/t/5e39fdfe3e66de3c75cea641/1609797885780/?format=1500w HTTP 301
https://images.squarespace-cdn.com/content/5e39e477babebc1530d6dfd7/1580858879017-F5LOCAAM7Z7RHTLTOLCO/FP+Blue.png?content-type=image%2Fpng

Request Chain 47

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=53790&time=1611215542024&url=https%3A%2F%2Fwww.firmplay.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D53790%26time%3D1611215542024%26url%3Dhttps%253A%252F%252Fwww.firmplay.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=53790&time=1611215542024&url=https%3A%2F%2Fwww.firmplay.com%2F&liSync=true

Request Chain 57

https://widget.intercom.io/widget/myqg7b9w HTTP 302
https://js.intercomcdn.com/shim.latest.js

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.firmplay.com/ 78 KB
17 KB 324ms
104ms Document
text/html 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

5fb66abf5f49a9651c243eef01aee46f153a2a1ef4fbc690b6e1eafcfd0d9b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.firmplay.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

accept-ranges: bytes
age: 52404
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 20 Jan 2021 17:18:56 GMT
etag: W/"5ab0deac32eb1110d4ab1a17792bc837--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BcxJmzj16cHXZDBjZjc1N2VkNWE4ZWQwNjUxMGJjODljNDk5ZGFl;Path=/
strict-transport-security: max-age=43200
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: hNtE9BOq/LW9z3tIn
content-length: 17231

GET
H2 200 06DpDQ8bzV6B31pqUymX2dW42Zh0p0HiMj1Hop4ckNGfeGSIfFHN4UJLFRbh52jhWDm8wD88F2SajcBKZA4RwQ9DwebhZeZqFU7yMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-emtjAy8ZY4zdKuXjW4yd... Show response
use.typekit.net/ik/ 17 KB
7 KB 35ms
22ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/06DpDQ8bzV6B31pqUymX2dW42Zh0p0HiMj1Hop4ckNGfeGSIfFHN4UJLFRbh52jhWDm8wD88F2SajcBKZA4RwQ9DwebhZeZqFU7yMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-emtjAy8ZY4zdKuXjW4yd1sudeIl-ai7jKoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeZTScu3deBoOcFzdPUGZWyy-emqScN0OWsyScB0iYmCjPunihTKO1FUiABkZWF3jAF8OcFzdPUCdhFydeyzSabCSaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80ZkoRdhXCiaiaOcBRiA8XpWFR-emqiAUTdcS0dcmXOYiaikoySkolZPUaiaS0Zc8kdWgCjWq0jhNlOYiaikoGZWyy-emqScN0OWsyScB0iYmCjPunihTKO1FUiABkZWF3jAF8OcFzdPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPJ4Z1mXiW4yOWgXH6qJy89bMg62JMJ7fbKImsMMeMb6MKG4fVN9IMMjgPMfH6qJ6m9bMg6YJMHbMLLwxVbB.js

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

10211b3377883b224a1fe1497015115794e217c92c34ffa195f1ecea126f55de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 21 Jan 2021 07:52:21 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 6862

GET
H2 200 css
fonts.googleapis.com/ 5 KB
805 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47aef73ad4a579b003119658b8c14067e139d7193a54f5cba8e9d0cc28255028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 07:52:21 GMT
server: ESF
date: Thu, 21 Jan 2021 07:52:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 07:52:21 GMT

GET
H2 200 cldr-resource-pack-d2b6094e965c882c2de89-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
24 KB 24ms
23ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-d2b6094e965c882c2de89-min.en-US.js
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 508f7c626b1756e0d6fa8024d1db52d010ba731badb9950292367eb09b5c2aa1

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1162723
x-cache: HIT, HIT
x-cache-hits: 1, 129242
content-encoding: gzip
content-length: 24853
x-served-by: cache-bwi5128-BWI, cache-hhn4021-HHN
last-modified: Thu, 05 Nov 2020 15:18:58 GMT
server: UploadServer
x-timer: S1611215541.486786,VS0,VE0
etag: "2440347a76948a1b9c7ab70f7f4e253a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 20:53:38 GMT

GET
H2 200 common-vendors-5bfde57f439f3dd235e46-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 706 KB
198 KB 23ms
22ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-5bfde57f439f3dd235e46-min.en-US.js
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da2ff0a0613f8705f74a832fb71b45957efccbc390655d7596d79849a9295336

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 552757
x-cache: HIT, HIT
x-cache-hits: 1, 48534
content-encoding: gzip
content-length: 201957
x-served-by: cache-bwi5128-BWI, cache-hhn4021-HHN
last-modified: Thu, 14 Jan 2021 21:39:27 GMT
server: UploadServer
x-timer: S1611215541.486760,VS0,VE0
etag: "13e2bba5c01789ad83315623904419eb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 22:19:43 GMT

GET
H2 200 common-0fbd3adf0f5b02a423bb0-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 903 KB
234 KB 22ms
21ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c904bcb22cbaef306f7c3b6ab8abaf1fe654e37638430d376cca4bcab8f789b8

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 145261
x-cache: HIT, HIT
x-cache-hits: 2, 4027
content-encoding: gzip
content-length: 239014
x-served-by: cache-bwi5151-BWI, cache-hhn4021-HHN
last-modified: Tue, 19 Jan 2021 13:57:36 GMT
server: UploadServer
x-timer: S1611215541.486753,VS0,VE0
etag: "10459b165b0eb87486cee68dc0d73178"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jan 2022 15:31:20 GMT

GET
H2 200 performance-e8f0bc9aa26cee507ecf9-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 115 KB
32 KB 63ms
63ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-e8f0bc9aa26cee507ecf9-min.en-US.js
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a429abfa6f63a7f7c37bdae7dd8f39365c21d583fd89bacf0d1ec8c3e30b1a26

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 4175886
x-cache: HIT, HIT
x-cache-hits: 1, 104602
content-encoding: gzip
content-length: 32305
x-served-by: cache-bwi5121-BWI, cache-hhn4021-HHN
last-modified: Thu, 03 Dec 2020 22:36:13 GMT
server: UploadServer
x-timer: S1611215542.530332,VS0,VE0
etag: "d3430d84ab605cf24b750e14804805cf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Dec 2021 23:54:15 GMT

GET
H2 200 site.css
static1.squarespace.com/static/sitecss/5e39e477babebc1530d6dfd7/388/55f0aac0e4b0f0a5b7e0b22e/5e39e478babebc1530d6dfed/341-05142015/1600286981334/ 898 KB
81 KB 23ms
22ms Stylesheet
text/css 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/sitecss/5e39e477babebc1530d6dfd7/388/55f0aac0e4b0f0a5b7e0b22e/5e39e478babebc1530d6dfed/341-05142015/1600286981334/site.css?&filterFeatures=false

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

260cdf5210d2547f69bf401fd49f1178c8f5363203501511e700bddc2cd83706

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660831
x-cache: HIT, HIT
x-contextid: s0a2wt4v/3WKCVxb5
x-cache-hits: 1, 1
content-length: 82813
x-served-by: cache-dfw18632-DFW, cache-hhn4083-HHN
pragma: cache
server: Squarespace
x-timer: S1611215542.642592,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 06:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3331
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jan 2022 06:56:50 GMT

GET
H2

200

FP+Blue.png
images.squarespace-cdn.com/content/5e39e477babebc1530d6dfd7/1580858879017-F5LOCAAM7Z7RHTLTOLCO/
Redirect Chain

https://static1.squarespace.com/static/5e39e477babebc1530d6dfd7/t/5e39fdfe3e66de3c75cea641/1609797885780/?format=1500w
https://images.squarespace-cdn.com/content/5e39e477babebc1530d6dfd7/1580858879017-F5LOCAAM7Z7RHTLTOLCO/FP+Blue.png?content-type=image%2Fpng

6 KB
6 KB

118ms
118ms

Image
image/png

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/5e39e477babebc1530d6dfd7/1580858879017-F5LOCAAM7Z7RHTLTOLCO/FP+Blue.png?content-type=image%2Fpng
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b556c464e797fec797812fc736533756d82240e411a8ee23d53c07f89306d3d

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:22 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 500320
x-cache: HIT, MISS
content-length: 6484
x-served-by: cache-bwi5132-BWI, cache-fra19157-FRA
x-timer: S1611215542.934525,VS0,VE93
tracepoint: Fastly
etag: CO3Fru+2iesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

Redirect headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 55522
x-cache: HIT, MISS
x-contextid: WIMub8Q4/bGisCD4o
x-cache-hits: 1, 0
content-length: 0
x-served-by: cache-dfw18659-DFW, cache-hhn4083-HHN
pragma: cache
server: Squarespace
x-timer: S1611215542.733311,VS0,VE116
location: https://images.squarespace-cdn.com/content/5e39e477babebc1530d6dfd7/1580858879017-F5LOCAAM7Z7RHTLTOLCO/FP+Blue.png?content-type=image%2Fpng
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *, *
tracepoint: Fastly

GET
H/1.1 200
OK fileAsset
www.equinix.com/contentAsset/raw-data/953cabaf-9d39-4f5d-83c6-a477a9bf1c6b/ 17 KB
17 KB 107ms
38ms Image
image/png 104.108.67.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.equinix.com/contentAsset/raw-data/953cabaf-9d39-4f5d-83c6-a477a9bf1c6b/fileAsset?language_id=1

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.108.67.60 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-67-60.deploy.static.akamaitechnologies.com

Software

Apache-Coyote/1.1 /

Resource Hash

e7958c7dee2ba94f6e2a814b4899ccd0ee83ef1a34a716277ec7b89ed06a8ed6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 07:52:21 GMT
Last-Modified: Sat, 06 Jul 2019 09:29:34 +0000
conasst_info: /contentAsset/raw-data/953cabaf-9d39-4f5d-83c6-a477a9bf1c6b/fileAsset<--->language_id=1&sl_locale=la-GL
ETag: dot:69a1e8ee-ce64-4237-bff8-bcea504bed1c:1562405374000:17028
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, private, max-age=2051166
Content-Disposition: inline; filename="Equinix-logo_1200x627.png"
Connection: keep-alive
Content-Length: 17028
Server: Apache-Coyote/1.1
Expires: Sun, 14 Feb 2021 01:38:27 GMT

GET
H2 200 site-bundle.js Show response
static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/341/scripts/ 131 KB
41 KB 64ms
63ms Script
application/javascript 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/341/scripts/site-bundle.js

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

316aa052d7c6501f533d5c74d1e905369b9a305c615a0d2d5fd5cc36798639d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501213
x-cache: HIT, HIT
x-contextid: GyxLIHQk/XQXYLQZt
x-cache-hits: 20018, 288
content-length: 42173
x-served-by: cache-dfw18647-DFW, cache-hhn4083-HHN
pragma: cache
server: Squarespace
x-timer: S1611215542.700462,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 8f7ea3ec58.js Show response
kit.fontawesome.com/ 11 KB
4 KB 47ms
29ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/8f7ea3ec58.js

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579e85c12cf83a01140c64fccc3592f076609a8a6e6946e9f3830f348abca994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 07c5872dd00000bece989cf000000001
x-request-id: Flwv_6UsP2bGs3k2uxsB
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 614f748fbbafbece-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
45 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-597PH39

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14632b2fd9a85b0bca6b5aafd0d7b757b32a32ee66a0a73c9be71bd0e790daea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45773
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jan 2021 07:52:21 GMT

GET
H2 200 ui-icons.svg
www.firmplay.com/assets/ 8 KB
8 KB 211ms
210ms Other
image/svg+xml 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firmplay.com/assets/ui-icons.svg

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Wed, 20 Jan 2021 17:38:47 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: public, max-age=94608000
age: 51213
etag: W/"678e9235668f84d7ac6a4563a9bd871b"
strict-transport-security: max-age=43200
content-type: image/svg+xml
access-control-allow-origin: *
x-contextid: hNtE9BOq/2iM2iDq5
accept-ranges: bytes
content-length: 8459
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firmplay.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 20:14:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 560294
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:14:07 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firmplay.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 06:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 523471
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 15 Jan 2022 06:27:50 GMT

GET
H2 200 jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhycKkANDPTedX18mE.woff
fonts.gstatic.com/s/librefranklin/v6/ 17 KB
17 KB 9ms
7ms Font
font/woff 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v6/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhycKkANDPTedX18mE.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b0c7475464f088e98a85ff4eaf831e33157a09fe8329ab4f457f34f8c9d511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firmplay.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 06:03:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:30 GMT
server: sffe
age: 524949
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17720
x-xss-protection: 0
expires: Sat, 15 Jan 2022 06:03:12 GMT

GET
H2 200 jizMREVItHgc8qDIbSTKq4XkRiUawTk7f45UM9y05oabQ-DLR-B109GFZQw.woff
fonts.gstatic.com/s/librefranklin/v6/ 19 KB
19 KB 9ms
7ms Font
font/woff 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v6/jizMREVItHgc8qDIbSTKq4XkRiUawTk7f45UM9y05oabQ-DLR-B109GFZQw.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c5eaf7fb6c13cc73c64e0ee3bf4641bdb940d93f74e45f91762d74fe3f2bcf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firmplay.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 18 Jan 2021 23:16:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:03:09 GMT
server: sffe
age: 203726
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19688
x-xss-protection: 0
expires: Tue, 18 Jan 2022 23:16:55 GMT

GET
H3-Q050 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v17/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firmplay.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,700i,400i|Libre+Franklin:700i,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 11:28:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 73443
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
expires: Thu, 20 Jan 2022 11:28:18 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 42ms
25ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=8f7ea3ec58
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8f7ea3ec58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07c5872e66000005f122189000000001
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b0aRxx%2Be1LDv1RB3cDn3M%2B152PteJe38%2B5jExwysMZTLVSqBTLUxfZno4ESzdBAvCamo4%2FPkNY0zIClFCYcPnK5CGlPTuOw2gSIxkDqsbd8bya55OjLqIgXLTfzOQ5MHfg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 614f7490aafe05f1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: p9vAkStIJTjBJHNmmEDevQW5JHq21AVOfdk5CC8pR65yhi4AFo7cpw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
4 KB 39ms
22ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=8f7ea3ec58
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8f7ea3ec58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 248944
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07c5872e66000005f183108000000001
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WZrfHEBJzQRL5oPzPhK6LCQ85ljzZAr7E9qjjnyaZFc748grO%2B8HUodj1oZUJTzGavMOs7cd1K6DSAX2om50xAlLLVLrboJjDCcogdZFo0KNPUoR0rDLNEG7G12gUSsCTQ%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
cf-ray: 614f7490ab0105f1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: NfLn3SlC6cWpS4JSqEGVq4GD5PLdmcIkAt1KQJ2D6wwkCzGtOHgpJA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 3 KB
2 KB 31ms
15ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=8f7ea3ec58
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8f7ea3ec58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 248944
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 07c5872e67000005f1540b8000000001
last-modified: Wed, 13 Jan 2021 18:32:16 GMT
server: cloudflare
etag: W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4kXKfaxihylDdlj3fRR6l4EExG1bYRV5T0Anwq5tUqYNnfJkQHFWQNkn%2FOhKCkMe6GDbX9p1AqxCGNgeSGlVvgCK3kRC4c0x%2Bp%2B3kitshsfKo3TrRp3j0xkFYDO1JM8MFA%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
cf-ray: 614f7490ab0205f1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: aElMSJhExOxGmrZ3CSYFKErZdMiPJ-e0a6zYY52cuVfmWUJ9xd-mBg==

GET
H2 200 FirmPlay+Ambassador+Hub+Overview+New.jpg
images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1581445337850-O6GUZS95U8Y6Y2VGN3UJ/ke17ZwdGBToddI8pDm48kIkvwSWZM9dlcDsyXmdNS_V7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... 84 KB
84 KB 149ms
148ms Image
image/jpeg 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1581445337850-O6GUZS95U8Y6Y2VGN3UJ/ke17ZwdGBToddI8pDm48kIkvwSWZM9dlcDsyXmdNS_V7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCLfrh8O1z5QPOohDIaIeljMHgDF5CVlOqpeNLcJ80NK65_fV7S1UZ7GIVqewmVaJWJT5GXLRHhBUQmUMwxiAQJTaiCmB8BAFW-19vHGdlvPV5aDhCUMaA/FirmPlay+Ambassador+Hub+Overview+New.jpg?format=1000w
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 551bc2d8aee73c1c890159718e62ab9ac9c7cc2d5936f71c2242242e1217df99

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 595840
x-cache: HIT, MISS
content-length: 85997
x-served-by: cache-bwi5136-BWI, cache-fra19157-FRA
x-timer: S1611215542.858977,VS0,VE100
tracepoint: Fastly
etag: CNiLnPK2iesCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 Social+Media+Policy+Header+Wide.jpg
images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1585756222725-JNK2B4Y9X1318GQBGVMM/ke17ZwdGBToddI8pDm48kAcRuYRwUM3quGC8CorSdoAUqsxRUqqbr1mOJYKfIPR7LoDQ9mXPOjoJoqy81S2I8N_N4V1vUb5AoII... 39 KB
39 KB 119ms
118ms Image
image/jpeg 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1585756222725-JNK2B4Y9X1318GQBGVMM/ke17ZwdGBToddI8pDm48kAcRuYRwUM3quGC8CorSdoAUqsxRUqqbr1mOJYKfIPR7LoDQ9mXPOjoJoqy81S2I8N_N4V1vUb5AoIIIbLZhVYxCRW4BPu10St3TBAUQYVKcVoK0YWjbLhD8RSeObOHbORDWpWpqIg9_6gAXTVAlZtYQrQtuqEIhP6EIreecnV2R/Social+Media+Policy+Header+Wide.jpg?format=750w
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bd4d812348ada1073e2321b68e42edfdfa161ce9dabdbf85ebe97b7cf06f9a28

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 92436
x-cache: HIT, MISS
content-length: 39826
x-served-by: cache-bwi5149-BWI, cache-fra19157-FRA
x-timer: S1611215542.858931,VS0,VE92
tracepoint: Fastly
etag: CI7s+Ne2iesCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 921 B
675 B 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__grecaptchaOnLoadCallback&render=explicit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69b88cc5a790f4fc69324577438a86250f356e55c484d4af89c1b931df0337d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Thu, 21 Jan 2021 07:52:21 GMT

GET
H2 200 Before+Employee+Advocacy+small.jpg
images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1591560487620-3K52IHU9TGGUATH7192E/ke17ZwdGBToddI8pDm48kMwFrHESeymqx2G59_QuUrFZw-zPPgdn4jUwVcJE1ZvWEtT5uBSRWt4vQZAgTJucoTqqXjS3CfNDSuu... 5 KB
5 KB 34ms
30ms Image
image/jpeg 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1591560487620-3K52IHU9TGGUATH7192E/ke17ZwdGBToddI8pDm48kMwFrHESeymqx2G59_QuUrFZw-zPPgdn4jUwVcJE1ZvWEtT5uBSRWt4vQZAgTJucoTqqXjS3CfNDSuuf31e0tVG7P4Dwq9JtLex_pFybt7mmtQ6TCnon4I24joR2E3QAfUWOW8hgl4jPfejttcjVcig/Before+Employee+Advocacy+small.jpg?format=500w
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e1f14152b81e1202b23c7510e876f2c2b72be29aea2d34e9ddb83c7e1fd9a931

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 569967
x-cache: HIT, HIT
content-length: 4782
x-served-by: cache-bwi5125-BWI, cache-fra19157-FRA
x-timer: S1611215542.900206,VS0,VE1
tracepoint: Fastly
etag: CIny28m2iesCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 After+Employee+Advocacy.jpg
images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1591560497027-PGRWZTOO7P4LZ6C7WKFR/ke17ZwdGBToddI8pDm48kMwFrHESeymqx2G59_QuUrFZw-zPPgdn4jUwVcJE1ZvWEtT5uBSRWt4vQZAgTJucoTqqXjS3CfNDSuu... 12 KB
12 KB 127ms
124ms Image
image/jpeg 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1591560497027-PGRWZTOO7P4LZ6C7WKFR/ke17ZwdGBToddI8pDm48kMwFrHESeymqx2G59_QuUrFZw-zPPgdn4jUwVcJE1ZvWEtT5uBSRWt4vQZAgTJucoTqqXjS3CfNDSuuf31e0tVG7P4Dwq9JtLex_pFybt7mmtQ6TCnon4I24joR2E3QAfUWOW8hgl4jPfejttcjVcig/After+Employee+Advocacy.jpg?format=500w
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6829092be00cab6e7f873723bdde564009ef4783322a0060ac9bc489e52fd44c

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 426467
x-cache: HIT, MISS
content-length: 12629
x-served-by: cache-bwi5127-BWI, cache-fra19157-FRA
x-timer: S1611215542.900192,VS0,VE94
tracepoint: Fastly
etag: CLjvuaK2iesCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 PlantDoodle.png
images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1581396578847-19YKXGAAKPY9MK0YRQJS/ke17ZwdGBToddI8pDm48kL3VKmwKI3leYB51VJjLFB8UqsxRUqqbr1mOJYKfIPR7LoDQ9mXPOjoJoqy81S2I8N_N4V1vUb5AoII... 69 KB
70 KB 213ms
210ms Image
image/png 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1581396578847-19YKXGAAKPY9MK0YRQJS/ke17ZwdGBToddI8pDm48kL3VKmwKI3leYB51VJjLFB8UqsxRUqqbr1mOJYKfIPR7LoDQ9mXPOjoJoqy81S2I8N_N4V1vUb5AoIIIbLZhVYxCRW4BPu10St3TBAUQYVKcQ643Xlia2-fGNGmT0Ni4GzSBWYegu4Na6KP29i9RHf4IJOBaNFWew0RIOS0ELFXu/PlantDoodle.png?format=500w
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06e88447f3e3a8cd987ad1102bfdfe21e37d8082dd9fc00303be4ddfb23e0826

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:22 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 71007
x-served-by: cache-bwi5133-BWI, cache-fra19157-FRA
x-timer: S1611215542.900173,VS0,VE180
tracepoint: Fastly
etag: CJrFvfa1iesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 Logos+Greyscale.png
images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1583177574925-JH73URGOWZ9FXQM43JOC/ke17ZwdGBToddI8pDm48kEIOpQHOleolE76cCPhaFEgUqsxRUqqbr1mOJYKfIPR7LoDQ9mXPOjoJoqy81S2I8N_N4V1vUb5AoII... 58 KB
58 KB 34ms
31ms Image
image/png 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5e39e477babebc1530d6dfd7/1583177574925-JH73URGOWZ9FXQM43JOC/ke17ZwdGBToddI8pDm48kEIOpQHOleolE76cCPhaFEgUqsxRUqqbr1mOJYKfIPR7LoDQ9mXPOjoJoqy81S2I8N_N4V1vUb5AoIIIbLZhVYy7Mythp_T-mtop-vrsUOmeInPi9iDjx9w8K4ZfjXt2dhnBfoAiZpeWqb1YpZypP7u8brv5rmL6mDtXgOBLGTL2CjLISwBs8eEdxAxTptZAUg/Logos+Greyscale.png?format=1000w
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 46db99394a62038c3641fe4ed47b361e4ef435c9e127514ef3ad72dc30f56cc7

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 585007
x-cache: HIT, HIT
content-length: 59420
x-served-by: cache-bwi5134-BWI, cache-fra19157-FRA
x-timer: S1611215542.900159,VS0,VE1
tracepoint: Fastly
etag: CKmQ7uO2iesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

POST
H2 200 RecordHit Show response
www.firmplay.com/api/census/ 17 B
272 B 129ms
129ms XHR
application/json 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firmplay.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.firmplay.com/
X-CSRF-Token: BcxJmzj16cHXZDBjZjc1N2VkNWE4ZWQwNjUxMGJjODljNDk5ZGFl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: hNtE9BOq/VjTOzuDl
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 form-render Show response
www.firmplay.com/api/census/ 17 B
298 B 109ms
109ms XHR
application/json 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firmplay.com/api/census/form-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.firmplay.com/
X-CSRF-Token: BcxJmzj16cHXZDBjZjc1N2VkNWE4ZWQwNjUxMGJjODljNDk5ZGFl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: hNtE9BOq/ulcosKDv
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 button-render Show response
www.firmplay.com/api/census/ 17 B
142 B 118ms
117ms XHR
application/json 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firmplay.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.firmplay.com/
X-CSRF-Token: BcxJmzj16cHXZDBjZjc1N2VkNWE4ZWQwNjUxMGJjODljNDk5ZGFl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: hNtE9BOq/dP1oCFad
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 button-render Show response
www.firmplay.com/api/census/ 17 B
272 B 109ms
109ms XHR
application/json 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firmplay.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.firmplay.com/
X-CSRF-Token: BcxJmzj16cHXZDBjZjc1N2VkNWE4ZWQwNjUxMGJjODljNDk5ZGFl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: hNtE9BOq/UKzhIK8A
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 settings Show response
www.firmplay.com/api/1/performance/ 2 KB
499 B 99ms
99ms XHR
application/json 198.185.159.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firmplay.com/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-e8f0bc9aa26cee507ecf9-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.185.159.145 New York, United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 3e15fbb0fe9da208e9da07d3fc05d48c3e75b6daac53d83e4c8f9b1117679fdc

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
content-encoding: gzip
server: Squarespace
x-contextid: hNtE9BOq/MEiT6UlD
content-length: 397
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 l
use.typekit.net/af/e02f09/00000000000000007735d686/30/ 16 KB
16 KB 24ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e02f09/00000000000000007735d686/30/l?subset_id=2&fvd=n3&v=3
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a9a9cfef728eaea6eebffdc44e29f7d1b871516e5181d8e8d32520ef24b6ce74

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
server: nginx
etag: "11d9cbc20bfa699b0033cf9db69605297258190b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16440

GET
H2 200 l
use.typekit.net/af/eded03/00000000000000007735d67b/30/ 16 KB
16 KB 47ms
35ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eded03/00000000000000007735d67b/30/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4589a458579539ae458fe2368ad680e07677d7f7e44c4d1e30ac4e4004e9882e

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
server: nginx
etag: "b4b7a803a02540fc33c41ab0627fb1084c204555"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16680

GET
H2 200 l
use.typekit.net/af/634586/00000000000000007735d64d/30/ 17 KB
17 KB 25ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/634586/00000000000000007735d64d/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63aca1cf6a667edd521ee49dbde53de47abe3cf00d34c1f823c3b519f7dc1cf7

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
server: nginx
etag: "2cf2ed80c06a91763eb86e45bf2a6ded6748e0aa"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 17484

GET
H2 200 l
use.typekit.net/af/25dd14/00000000000000007735d65e/30/ 19 KB
19 KB 27ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/25dd14/00000000000000007735d65e/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e7f19c16f5e05083281972d4073abf5243017b383171eb9236947508423a9688

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
server: nginx
etag: "8b1fb8ae6c74dac8facee9c1399177cdd4ca6424"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19660

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-597PH39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1240
date: Thu, 21 Jan 2021 07:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 21 Jan 2021 09:31:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 129ms
71ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-597PH39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

6f028cf1a64a634dcc135c46244706b685cfb2b8ace97a76b7640014818f3846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12166
x-xss-protection: 0
server: cafe
etag: 11146625265121783887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jan 2021 07:52:22 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 24ms
11ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-597PH39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 07:52:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=79507
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 lftracker_v1_bElvO73eVm6aZMqj.js Show response
sc.lfeeder.com/ 10 KB
5 KB 37ms
15ms Script
application/javascript 2600:9000:2057:f400:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_bElvO73eVm6aZMqj.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-597PH39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f400:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 938efbb4a03660b661a172796d59d64a1082b199e718c407ab8cc070d73d08bf

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 11:17:19 GMT
server: AmazonS3
age: 3449
etag: W/"09fcccb817c4571ea6ff8608aceda5ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Thu, 21 Jan 2021 06:54:53 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: yTt9oe_2lBvctA-74asHyWORwnNG1OGBazqdOzdpAXA0_MNoqtApFA==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/ 331 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__grecaptchaOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 06:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6434
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132786
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 15:08:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jan 2022 06:05:07 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.2/webfonts/ 78 KB
79 KB 13ms
11ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 248943
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 80272
cf-request-id: 07c5872ecf000005f10a98c000000001
last-modified: Wed, 13 Jan 2021 18:39:13 GMT
server: cloudflare
etag: "a156119daf157b8244f7c816f85638cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5EmRNoTKvOUkHEdKN0AAFJivaFFt65LyEW%2FEN373JRD0LcNDqmeIxLzYs%2Bf62%2BCNDXwBQGvK9gH9RgG3H34JgLT6%2BNWyiV%2FopSiFayAoK4WF%2FE%2FBSiyE5mpH%2F9dVE3BEVw%3D%3D"}],"max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 614f74914c7205f1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: wZmKvhKBkzkIZ6Ni5qlpi0YSRNbbaea9qLKOWFcDA4DOG7J7wUQCCw==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.2/webfonts/ 13 KB
14 KB 26ms
25ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/webfonts/free-fa-regular-400.woff2
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf114b3206d8f8772f9be31295020a7b2e5fc8ee8e4a924d338c420a63e2b48a

Request headers

Origin: https://www.firmplay.com
Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 151349
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 13596
cf-request-id: 07c5872ed1000005f17c1b2000000001
last-modified: Wed, 13 Jan 2021 18:39:07 GMT
server: cloudflare
etag: "e9010f368abcaf8b49cae5e87216a2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qv5aZj6o2DgZtXUULLUo%2BkyIXhPDSYUQXM01iIxOUurfujUWy24a7yKwYVE4H%2BOjQC1w7IAjke08NiRKSIFrRV09FvllpuFX4q5%2BwMinxT%2BWF91Vbfy6m2lWWhFedD8Xug%3D%3D"}],"max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 614f74914c7605f1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: koYczshXevsv-ibHtOtKxuJDKxO4lT4JrWESGHlro_6ZizXENN3Aig==

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 19ms
6ms Image
image/gif 2a02:26f0:6c00:285::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5e39e477babebc1530d6dfd7&ht=tk&h=www.firmplay.com&f=10886.10884.10879.10881&a=646866&js=1.20.0&app=typekit&e=js&_=1611215541980
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:285::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:21 GMT
last-modified: Wed, 24 Jun 2020 18:11:26 GMT
server: nginx
etag: "5ef3974e-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 44ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1890321981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firmplay.com%2F&ul=en-us&de=UTF-8&dt=FirmPlay%20%7C%20Employee%20Advocacy%20Made%20Easy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1369857761&gjid=270324834&cid=1038852947.1611215542&tid=UA-46642836-1&_gid=1403972984.1611215542&_r=1&gtm=2wg1d0597PH39&z=190891725

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 07:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firmplay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=53790&time=1611215542024&url=https%3A%2F%2Fwww.firmplay.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D53790%26time%3D1611215542024%26url%3Dhttps%253A%252F%252Fwww.firmplay.com%252F%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=53790&time=1611215542024&url=https%3A%2F%2Fwww.firmplay.com%2F&liSync=true

0
57 B

152ms
152ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=53790&time=1611215542024&url=https%3A%2F%2Fwww.firmplay.com%2F&liSync=true
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:22 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: UBwozv8vXBYw1JtH/ioAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: MHQpyv8vXBZgbmYW6CoAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: FC4F62BB5A47466C8A9ABD460B918A20 Ref B: FRAEDGE1209 Ref C: 2021-01-21T07:52:22Z
x-frame-options: sameorigin
date: Thu, 21 Jan 2021 07:52:22 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=53790&time=1611215542024&url=https%3A%2F%2Fwww.firmplay.com%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 173ms
127ms Image
image/gif 65.9.73.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=bElvO73eVm6aZMqj&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTQ2NjQyODM2LTEiXSwiZ2FDbGllbnRJZHMiOlsiMTAzODg1Mjk0Ny4xNjExMjE1NTQyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuMC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5maXJtcGxheS5jb20vIiwicGFnZVRpdGxlIjoiRmlybVBsYXkgfCBFbXBsb3llZSBBZHZvY2FjeSBNYWRlIEVhc3kiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50VGltZXN0YW1wIjoiMjAyMS0wMS0yMVQwNzo1MjoyMi4wMjhaIiwiY2xpZW50VGltZXpvbmUiOi02MCwic2NyaXB0SWQiOiJiRWx2TzczZVZtNmFaTXFqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjIyMTdkNjU2MDBlZjg4NzguMTYxMTIxNTU0MjAyNyIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e319
Requested by: Host: www.firmplay.com
URL: https://www.firmplay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 07:52:22 GMT
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: hfuYU3MQ8ORIbRrKbXMk23ToqEWjcSI5JjDznmulhYV0r-wWArK5kA==

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame F1CD 0
0 25ms
25ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeiLKUZAAAAAInNHvd5vMMDcTpNYyFgOtNAWbQJ&co=aHR0cHM6Ly93d3cuZmlybXBsYXkuY29tOjQ0Mw..&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&theme=light&size=normal&cb=wkjoqs7w9y4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PyGnJa7PKJZJ+npyUjSotA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeiLKUZAAAAAInNHvd5vMMDcTpNYyFgOtNAWbQJ&co=aHR0cHM6Ly93d3cuZmlybXBsYXkuY29tOjQ0Mw..&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&theme=light&size=normal&cb=wkjoqs7w9y4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.firmplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.firmplay.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 21 Jan 2021 07:52:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-PyGnJa7PKJZJ+npyUjSotA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11160
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-46642836-1&cid=1038852947.1611215542&jid=1369857761&gjid=270324834&_gid=1403972984.1611215542&_u=YEBAAAAAAAAAAC~&z=680624594

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-e8f0bc9aa26cee507ecf9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jan 2021 07:52:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.firmplay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959466592/ 2 KB
1 KB 61ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959466592/?random=1611215542096&cv=9&fst=1611215542096&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.firmplay.com%2F&tiba=FirmPlay%20%7C%20Employee%20Advocacy%20Made%20Easy&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2320f014b9babfe92876ad14adf85eaa3b56b25c806f38b2cdd8ef6aca7bfa68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 07:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
238 B 58ms
57ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-46642836-1&cid=1038852947.1611215542&jid=1369857761&_u=YEBAAAAAAAAAAC~&z=392589664

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 07:52:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
55ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-46642836-1&cid=1038852947.1611215542&jid=1369857761&_u=YEBAAAAAAAAAAC~&z=392589664

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 07:52:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/959466592/ 42 B
96 B 24ms
23ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959466592/?random=1611215542096&cv=9&fst=1611212400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.firmplay.com%2F&tiba=FirmPlay%20%7C%20Employee%20Advocacy%20Made%20Easy&async=1&fmt=3&is_vtc=1&random=1409085376&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 07:52:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/959466592/ 42 B
530 B 48ms
35ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/959466592/?random=1611215542096&cv=9&fst=1611212400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.firmplay.com%2F&tiba=FirmPlay%20%7C%20Employee%20Advocacy%20Made%20Easy&async=1&fmt=3&is_vtc=1&random=1409085376&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.firmplay.com
URL: https://www.firmplay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 07:52:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 1B4B 0
0 48ms
48ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LeiLKUZAAAAAInNHvd5vMMDcTpNYyFgOtNAWbQJ&cb=8j5yurfy4zdb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dBQ+WtKKXrboKUGKUbgPkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LeiLKUZAAAAAInNHvd5vMMDcTpNYyFgOtNAWbQJ&cb=8j5yurfy4zdb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.firmplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.firmplay.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 21 Jan 2021 07:52:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-dBQ+WtKKXrboKUGKUbgPkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1125
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/myqg7b9w
https://js.intercomcdn.com/shim.latest.js

13 KB
5 KB

63ms
21ms

Script
application/javascript

65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fbbd79437c21104b4259d173fe0e1aff89f2f60f963c0ef8785a9c3ae16d7bc

Request headers

Referer: https://www.firmplay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 07:49:09 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:24:03 GMT
server: AmazonS3
age: 194
etag: "9693f22842f7c897e2f63b77b83ebf22"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4812
x-amz-cf-id: 1QmlloZt8QhIAG40nVzm_sf7maFbD-wD_xKb4TN3JWubuhhbDvYDeA==

Redirect headers

date: Mon, 23 Nov 2020 03:36:07 GMT
via: 1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
server: AmazonS3
age: 5112976
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: AMS1-C1
content-length: 0
x-amz-cf-id: cwFgoPfoNoqxnkoclrhNm5yQTt3b_I-wM9CNElr4GDBgefze0HxXpA==

GET
H2 200 frame-modern.6b19704d.js Show response
js.intercomcdn.com/ Frame A3B5 244 KB
66 KB 26ms
25ms Script
application/javascript 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.6b19704d.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/myqg7b9w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35c80957b2bf8835e3a6846e6366563fc9a73c3b7f1a7dadc19016630d521fda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 06:24:07 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:17:49 GMT
server: AmazonS3
age: 5295
etag: "f2e44beabda4e5b824012bddea7fdcda"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 67408
x-amz-cf-id: v1tqnQ-9H_lpCwpuWJd1zOZZyE4kIYnXxVERKlGpoWyXeoj2VDY1hg==

GET
H2 200 vendor-modern.09ac2fbd.js Show response
js.intercomcdn.com/ Frame A3B5 123 KB
38 KB 26ms
26ms Script
application/javascript 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.09ac2fbd.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/myqg7b9w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbb04e2c9dbc68a01814401fe4349e5d1c39528bcfa871d8526d5c2c75d3a07a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 06:16:49 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 10:11:08 GMT
server: AmazonS3
age: 5734
etag: "14e08984884865ac18f9c12b08c853c3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 38309
x-amz-cf-id: OCgI0Vo_CG5tiQVb3EjNhIz7jgQgIAKAYdkCKLvT2-_qCzNfo1Oysw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame A3B5 5 KB
2 KB 726ms
526ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d5e9c7f6878836ff33dda08ef6472d03c110989980a1b0f15b52fc31416e4b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Jan 2021 07:52:23 GMT
content-encoding: gzip
x-ami-version: ami-01bbcee2357c5b1cf
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0004al4hu28dsmo9kagg
x-runtime: 0.406072
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d5e9c7f6878836ff33dda08ef6472d03"
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firmplay.com
x-intercom-version: 971a5eaeddab85269b0e02410da6db0ea6157165
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1611215580
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H2 200 match Show response
api-iam.intercom.io/messenger/web/rulesets/10445543/ Frame A3B5 3 KB
2 KB 740ms
739ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/rulesets/10445543/match

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c5581f1c9604164769635786e22f6c4ce87a4ab95cb44aff2e29c98dd296f54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Jan 2021 07:52:34 GMT
content-encoding: gzip
x-ami-version: ami-01bbcee2357c5b1cf
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0004p1h4f8ilm6utaufg
x-runtime: 0.619903
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c5581f1c9604164769635786e22f6c4c"
x-ratelimit-remaining: 19998
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firmplay.com
x-intercom-version: 971a5eaeddab85269b0e02410da6db0ea6157165
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1611215580
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H2 200 12648400005945 Show response
api-iam.intercom.io/messenger/web/conversations/ Frame A3B5 3 KB
2 KB 238ms
238ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/conversations/12648400005945

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

71c99850ae24c36533cf007d7cebfef3cab17a49e8298ed80a631af9b6aae26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Jan 2021 07:52:34 GMT
content-encoding: gzip
x-ami-version: ami-01bbcee2357c5b1cf
status: 200 OK
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0004vejur55lgonfdsjg
x-runtime: 0.126697
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"71c99850ae24c36533cf007d7cebfef3"
strict-transport-security: max-age=31556952; includeSubDomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firmplay.com
x-intercom-version: 971a5eaeddab85269b0e02410da6db0ea6157165
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 vendors~app-modern.ab999db8.js Show response
js.intercomcdn.com/ Frame A3B5 322 KB
97 KB 22ms
21ms Script
application/javascript 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.ab999db8.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b77ba7baafea04a0c24926ca85eb8c18720bc4db1e0006e3be72131dd999007

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 06:17:09 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 10:11:08 GMT
server: AmazonS3
age: 5725
etag: "567dee4f6536172d0044bc6d6398ccea"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 98501
x-amz-cf-id: 7Usw_Fa1iSdA5X6Uzbrug8AU0fXOhT1KtBa31NcfspMwRI8nOCtGLQ==

GET
H2 200 app-modern.13973a23.js Show response
js.intercomcdn.com/ Frame A3B5 663 KB
156 KB 22ms
22ms Script
application/javascript 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.13973a23.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b64c52cc5c69c186ee9c3e0e6a91dc2f1ed0e100d978ab2ed14b18abd7f12c00

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 06:24:10 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:17:49 GMT
server: AmazonS3
age: 5305
etag: "dd7add4900b14d05dde97560e90c4253"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 159382
x-amz-cf-id: 0m0Iw0MNggelC8LOZXyDxykelpYeFcbqCQV9vojCpQy5mOh4W9E6_g==

GET
H2 206 notification.20576730.mp3
js.intercomcdn.com/audio/ Frame A3B5 22 KB
23 KB 123ms
123ms Media
audio/mpeg 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/audio/notification.20576730.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Jan 2021 06:34:34 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
etag: "205767301bc13a45332af776d517aada"
last-modified: Fri, 18 Dec 2020 14:22:28 GMT
server: AmazonS3
age: 4690
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-22812/22813
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 22813
x-amz-cf-id: 97rJL9oZIZES-qe2276hprikazTDImnAAXlj1XjAWFUIBc9_a0Pd3Q==

GET
H2 200 vendors~message-modern.01eeb29e.js Show response
js.intercomcdn.com/ Frame A3B5 30 KB
9 KB 21ms
21ms Script
application/javascript 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~message-modern.01eeb29e.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2c7aef7d1403505ba5ede7dc7f9b30d58e0d9471e6af376afea5b5a8f80e275

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 06:18:03 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 10:11:08 GMT
server: AmazonS3
age: 5713
etag: "6f40b960e86ce600387b0c4d621f9d7b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 9019
x-amz-cf-id: xoNoVqouSGFZi7YiQ406XSg--Z2u48eM_XWiEWbDfBc9MnReL8JB3w==

GET
H2 200 message-modern.c84b8454.js Show response
js.intercomcdn.com/ Frame A3B5 92 KB
24 KB 21ms
21ms Script
application/javascript 65.9.73.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/message-modern.c84b8454.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6b19704d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b5a59d20e0a914028c01e2c53fa8cf8f581bab49115dac88b598d08251c9fbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Jan 2021 07:52:15 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 13:42:50 GMT
server: AmazonS3
age: 20
etag: "6dbfa80eefb340344d535648e2846b34"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 24134
x-amz-cf-id: F2taBOC0Zb_naL8309Cb1l5wX6KLJ_ByDSB1pfgnMQ5YxJFJ2m3YQA==

GET proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 7B6E 0
0

GET dismiss.249568e7.png
js.intercomcdn.com/images/ Frame AE96 0
0

GET proximanova-semibold.46e3f047.woff
js.intercomcdn.com/fonts/ Frame AE96 0
0

GET proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame AE96 0
0

GET Vasilios_Alexiou_cropped-1462408299-1462460704.jpg
static.intercomassets.com/avatars/64715/square_128/ Frame AE96 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/images/dismiss.249568e7.png

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/fonts/proximanova-semibold.46e3f047.woff

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff

Domain: static.intercomassets.com
URL: https://static.intercomassets.com/avatars/64715/square_128/Vasilios_Alexiou_cropped-1462408299-1462460704.jpg?1462460704

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firmplay.com/	1970-01-20 09:04:47	Name: _lfa Value: eyJiRWx2TzczZVZtNmFaTXFqIjoiTEYxLjEuMjIxN2Q2NTYwMGVmODg3OC4xNjExMjE1NTQyMDI3In0%3D
www.firmplay.com/	1970-01-19 15:33:37	Name: ss_cvisit Value: 1611215541955
.firmplay.com/	1970-01-19 15:35:01	Name: _gid Value: GA1.2.1403972984.1611215542
www.firmplay.com/	1970-01-19 15:33:37	Name: ss_cvt Value: 1611215541859
www.firmplay.com/	1970-01-20 09:04:47	Name: ss_cid Value: 90bc5aae-e6cd-4d14-b21b-ef54decee6b8
.firmplay.com/	1970-01-20 09:04:47	Name: _ga Value: GA1.2.1038852947.1611215542
.firmplay.com/	1970-01-19 15:33:35	Name: _gat_UA-46642836-1 Value: 1
.firmplay.com/	1970-01-19 17:43:11	Name: _gcl_au Value: 1.1.529257219.1611215542
www.firmplay.com/	1970-01-20 09:04:47	Name: ss_cvr Value: 7689f29a-3a9d-4ee6-868a-b1ef5cd2b081\|1611215541859\|1611215541859\|1611215541859\|1
www.firmplay.com/	1970-01-20 09:04:47	Name: ss_cpvisit Value: 1611215541955
www.firmplay.com/	1969-12-31 23:59:59	Name: crumb Value: BcxJmzj16cHXZDBjZjc1N2VkNWE4ZWQwNjUxMGJjODljNDk5ZGFl

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-cldr_resource_pack
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-common_vendors
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-0fbd3adf0f5b02a423bb0-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-performance

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-iam.intercom.io
assets.squarespace.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.squarespace-cdn.com
js.intercomcdn.com
ka-f.fontawesome.com
kit.fontawesome.com
p.typekit.net
px.ads.linkedin.com
sc.lfeeder.com
snap.licdn.com
static.intercomassets.com
static1.squarespace.com
stats.g.doubleclick.net
tr.lfeeder.com
use.typekit.net
widget.intercom.io
www.equinix.com
www.firmplay.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
js.intercomcdn.com
static.intercomassets.com
104.108.67.60
151.101.112.237
151.101.112.238
151.101.12.238
172.217.23.162
198.185.159.145
2600:9000:2057:f400:1f:f723:6fc0:93a1
2606:4700::6812:1634
2606:4700:e6::ac40:cb1c
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2008
2a00:1450:4001:817::200a
2a00:1450:400c:c08::9c
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00::210:ba0a
2a05:f500:10:101::b93f:9105
65.9.73.59
65.9.73.61
65.9.73.88
99.83.219.81
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06e88447f3e3a8cd987ad1102bfdfe21e37d8082dd9fc00303be4ddfb23e0826
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0
10211b3377883b224a1fe1497015115794e217c92c34ffa195f1ecea126f55de
14632b2fd9a85b0bca6b5aafd0d7b757b32a32ee66a0a73c9be71bd0e790daea
1b77ba7baafea04a0c24926ca85eb8c18720bc4db1e0006e3be72131dd999007
1fbbd79437c21104b4259d173fe0e1aff89f2f60f963c0ef8785a9c3ae16d7bc
2320f014b9babfe92876ad14adf85eaa3b56b25c806f38b2cdd8ef6aca7bfa68
260cdf5210d2547f69bf401fd49f1178c8f5363203501511e700bddc2cd83706
2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279
2c5eaf7fb6c13cc73c64e0ee3bf4641bdb940d93f74e45f91762d74fe3f2bcf1
316aa052d7c6501f533d5c74d1e905369b9a305c615a0d2d5fd5cc36798639d6
35c80957b2bf8835e3a6846e6366563fc9a73c3b7f1a7dadc19016630d521fda
3e15fbb0fe9da208e9da07d3fc05d48c3e75b6daac53d83e4c8f9b1117679fdc
4589a458579539ae458fe2368ad680e07677d7f7e44c4d1e30ac4e4004e9882e
46db99394a62038c3641fe4ed47b361e4ef435c9e127514ef3ad72dc30f56cc7
47aef73ad4a579b003119658b8c14067e139d7193a54f5cba8e9d0cc28255028
508f7c626b1756e0d6fa8024d1db52d010ba731badb9950292367eb09b5c2aa1
551bc2d8aee73c1c890159718e62ab9ac9c7cc2d5936f71c2242242e1217df99
579e85c12cf83a01140c64fccc3592f076609a8a6e6946e9f3830f348abca994
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fb66abf5f49a9651c243eef01aee46f153a2a1ef4fbc690b6e1eafcfd0d9b31
63aca1cf6a667edd521ee49dbde53de47abe3cf00d34c1f823c3b519f7dc1cf7
6829092be00cab6e7f873723bdde564009ef4783322a0060ac9bc489e52fd44c
69b88cc5a790f4fc69324577438a86250f356e55c484d4af89c1b931df0337d2
6f028cf1a64a634dcc135c46244706b685cfb2b8ace97a76b7640014818f3846
71c99850ae24c36533cf007d7cebfef3cab17a49e8298ed80a631af9b6aae26a
7b556c464e797fec797812fc736533756d82240e411a8ee23d53c07f89306d3d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
938efbb4a03660b661a172796d59d64a1082b199e718c407ab8cc070d73d08bf
9b5a59d20e0a914028c01e2c53fa8cf8f581bab49115dac88b598d08251c9fbf
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a429abfa6f63a7f7c37bdae7dd8f39365c21d583fd89bacf0d1ec8c3e30b1a26
a4b0c7475464f088e98a85ff4eaf831e33157a09fe8329ab4f457f34f8c9d511
a9a9cfef728eaea6eebffdc44e29f7d1b871516e5181d8e8d32520ef24b6ce74
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64c52cc5c69c186ee9c3e0e6a91dc2f1ed0e100d978ab2ed14b18abd7f12c00
b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454
bd4d812348ada1073e2321b68e42edfdfa161ce9dabdbf85ebe97b7cf06f9a28
bf114b3206d8f8772f9be31295020a7b2e5fc8ee8e4a924d338c420a63e2b48a
c2c7aef7d1403505ba5ede7dc7f9b30d58e0d9471e6af376afea5b5a8f80e275
c5581f1c9604164769635786e22f6c4ce87a4ab95cb44aff2e29c98dd296f54b
c904bcb22cbaef306f7c3b6ab8abaf1fe654e37638430d376cca4bcab8f789b8
d5e9c7f6878836ff33dda08ef6472d03c110989980a1b0f15b52fc31416e4b61
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
da2ff0a0613f8705f74a832fb71b45957efccbc390655d7596d79849a9295336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f
e1f14152b81e1202b23c7510e876f2c2b72be29aea2d34e9ddb83c7e1fd9a931
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7958c7dee2ba94f6e2a814b4899ccd0ee83ef1a34a716277ec7b89ed06a8ed6
e7f19c16f5e05083281972d4073abf5243017b383171eb9236947508423a9688
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
fbb04e2c9dbc68a01814401fe4349e5d1c39528bcfa871d8526d5c2c75d3a07a
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

www.firmplay.com Open in urlscan Pro 198.185.159.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

74 Requests

93 %HTTPS

64 %IPv6

20 Domains

29 Subdomains

27 IPs

6 Countries

1871 kBTransfer

5766 kBSize

11 Cookies

0 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.firmplay.com Open in urlscan Pro
198.185.159.145 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

93 %
HTTPS

64 %
IPv6

20
Domains

29
Subdomains

27
IPs

6
Countries

1871 kB
Transfer

5766 kB
Size

11
Cookies

74 HTTP transactions
0 data transactions