info.workmoney.org Open in urlscan Pro
2606:4700:10::6816:14a3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://13560696.fls.doubleclick.net/activityi;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Finfo.workmoney.org%2F HTTP 302
• https://13560696.fls.doubleclick.net/activityi;dc_pre=CK-LievTkIcDFWjEwgQdVoYPDQ;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Finfo.workmoney.org%2F

Request Chain 43

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJio4vyE1hiCwAAAZCEadS41H9NdWFH7nVMDGYAX35o1KuK91Ui1TH9b_rdWDgOP5b6Iy-H

Request Chain 65

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A33AD1E4C9954DE4952A1D6FB2B91D56&RedC=c.clarity.ms&MXFR=23A3AA16DE1A6194243EBEA5DA1A6F64 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A33AD1E4C9954DE4952A1D6FB2B91D56&MUID=08D067DCD83161221819736FD9BA60F6

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response info.workmoney.org/	5 KB 2 KB	181ms 80ms	Document text/html	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 257d738f1bc601ff7f746f848302a8a3f9f9c53175f3ecffd1efc1e38130bd94 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 26230 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; hit cf-cache-status DYNAMIC cf-ray 89e9d41c3f4b1e14-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 Jul 2024 19:40:44 GMT netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01J226KKE9SY2AZ0XSBGHAGS9R
GET H2	200	optimize.js Show response www.googleoptimize.com/	178 KB 65 KB	451ms 67ms	Script application/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-K7D6LJW Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a90665cfa1251da4410201fe459ef84fdb9669182fabcc62a6e8f4f11577741e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65989 x-xss-protection 0 last-modified Fri, 05 Jul 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 05 Jul 2024 19:40:45 GMT
GET H2	200	c30fd87fd9a3444e.css info.workmoney.org/_next/static/css/	4 KB 1 KB	238ms 237ms	Stylesheet text/css	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/css/c30fd87fd9a3444e.css Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e861f5f9e36bf1c5785ea5914498cb70cc16095f3e6d007a7304cdb9493afe3b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKGHPSRKB5EPSDX043BY date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=stale etag W/"322fa8d79f8e3e2f5ac932710bc0e043-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41cc8311e14-FRA
GET H2	200	553c5f65ce8b0e1a.css info.workmoney.org/_next/static/css/	9 KB 3 KB	330ms 330ms	Stylesheet text/css	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/css/553c5f65ce8b0e1a.css Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d431fcd16062a4486d7635d687b5db67f00694529e9be191bb771bfc718dd4b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKMBWZM1BBQF45X6EH1F date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"e6c7167270362504a4d595be27d2012e-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41cc8351e14-FRA
GET H2	200	webpack-9b312e20a4e32339.js Show response info.workmoney.org/_next/static/chunks/	2 KB 959 B	86ms 84ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/chunks/webpack-9b312e20a4e32339.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c28ee2b2973f6d6e13388d4d57b1e148070d844bd6c5481859a1db612eacc0d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKHKDE2H9ABS56892Q61 date Fri, 05 Jul 2024 19:40:44 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; hit etag W/"3ca0fad41538eef63fdd20126ff73af4-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce8631e14-FRA
GET H2	200	framework-5f4595e5518b5600.js Show response info.workmoney.org/_next/static/chunks/	127 KB 42 KB	75ms 73ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/chunks/framework-5f4595e5518b5600.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKH4BSSZ410E96H6R58V date Fri, 05 Jul 2024 19:40:44 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; hit etag W/"af3f2059afa1698882c96400fe2e154e-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce8661e14-FRA
GET H2	200	main-0428a4405aeed0e6.js Show response info.workmoney.org/_next/static/chunks/	107 KB 32 KB	93ms 91ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/chunks/main-0428a4405aeed0e6.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0dcf080cc6b48588e80909539ad2ef92c30899cca39515ebd0737deebb7c5f97 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKHSW1XFPM5ANA24TVRY date Fri, 05 Jul 2024 19:40:44 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; hit etag W/"05381b0f02b60336d112ca4995d135d5-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce8691e14-FRA
GET H2	200	_app-5cafe407be7ec0d2.js Show response info.workmoney.org/_next/static/chunks/pages/	7 KB 3 KB	380ms 379ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/chunks/pages/_app-5cafe407be7ec0d2.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a85eb6117ecfad62bfa72b92babe152665ac22e9ccc2b7019c4f62eb11bda4f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKMPYG1RATQ21Z4MT1Z7 date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"350fda6f1cbf57fad2c7514a516d7675-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce86b1e14-FRA
GET H2	200	357-be7e21b3c393de44.js Show response info.workmoney.org/_next/static/chunks/	9 KB 3 KB	374ms 372ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/chunks/357-be7e21b3c393de44.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4abd1f2156606c66e1a6edf3ad8624a0c6461e313f14d946e7ecd870f8a8deed Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKMNB22MBWQM2XW1H83Q date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"dc2f6111fa20c82a6b397f21bcb781f7-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce86d1e14-FRA
GET H2	200	index-5158d737c9656ab5.js Show response info.workmoney.org/_next/static/chunks/pages/	3 KB 1 KB	201ms 200ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/chunks/pages/index-5158d737c9656ab5.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0068d7f99afc36e4c8a40eb6d7ec5aafa32b8599a8c944ec2ae8954b23fb44d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKHG6BQ4DTNV57ED2TV0 date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"e3dfa98b78897bbe303112262a46d852-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce86f1e14-FRA
GET H2	200	_buildManifest.js Show response info.workmoney.org/_next/static/dmjmmWacHOBsfRIJRWyFN/	691 B 464 B	290ms 289ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/dmjmmWacHOBsfRIJRWyFN/_buildManifest.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58d2eb36e412322f604ff9958e06726b8006122e5840b596baaa44c4c747e220 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKHF2FTJV8TJ29WNX56J date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"9916d62a548f6dcba161035e655f6e2f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce8711e14-FRA
GET H2	200	_ssgManifest.js Show response info.workmoney.org/_next/static/dmjmmWacHOBsfRIJRWyFN/	117 B 187 B	288ms 287ms	Script application/javascript	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/_next/static/dmjmmWacHOBsfRIJRWyFN/_ssgManifest.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b52975a71f8058089468ee24551dfc73b625d17ff948b02283923b28f1177e50 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKHJNC12SHZNFN05ET3Z date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"e221dbee9ce4ca37249c8dbd00aced44-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate cf-ray 89e9d41ce8721e14-FRA
GET H2	200	logo.svg info.workmoney.org/images/	8 KB 4 KB	188ms 188ms	Image image/svg+xml	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://info.workmoney.org/images/logo.svg Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fabdf294f66cf630f62e0dcc1dd65d270cc6918ce505ec966e1fe860fe03c87b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KKMPNPHCPAEBWQAGY68N date Fri, 05 Jul 2024 19:40:45 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; hit etag W/"18bceb802a7eb671f71b490e5cf60d42-ssl-df" vary Accept-Encoding content-type image/svg+xml cache-control public,max-age=0,must-revalidate cf-ray 89e9d41d08ab1e14-FRA
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	7 KB 3 KB	140ms 44ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=738876&u=https%3A%2F%2Finfo.workmoney.org%2F&f=1&vn=1.5 Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gfra1 / Resource Hash 0aad9f4d40a8dfa4f4b22348548e71a7f28ed5310c3dff97ae6b3bd4256acabe Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT content-encoding gzip via 1.1 google server gfra1 etag W/"1720173477_EA" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/	35 B 143 B	413ms 412ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=738876&d=info.workmoney.org&u=D5098EA765CE5850BEE804E5AC1645DEF&h=a4450d0d18abac9f19ac6afe2d727f72&t=false Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv1c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT via 1.1 google x-content-type-options nosniff server gnv1c content-type image/gif access-control-allow-origin * cache-control public, max-age=43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
GET H2	200	css2 fonts.googleapis.com/	2 KB 851 B	144ms 48ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Requested by Host: info.workmoney.org URL: https://info.workmoney.org/_next/static/css/c30fd87fd9a3444e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51f5b1e8bf23c87b2ab7d5a8de0205944338068a34b06c1c74a79930e26f18a3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 05 Jul 2024 19:40:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 05 Jul 2024 19:16:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 05 Jul 2024 19:40:45 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	193ms 68ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://info.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 18:57:16 GMT x-content-type-options nosniff age 89009 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 18:57:16 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v21/	8 KB 8 KB	198ms 74ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://info.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 16:21:03 GMT x-content-type-options nosniff age 98382 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jul 2025 16:21:03 GMT
GET H2	200	klaviyo.js Show response static.klaviyo.com/onsite/js/	2 KB 1 KB	181ms 66ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Requested by Host: info.workmoney.org URL: https://info.workmoney.org/_next/static/chunks/main-0428a4405aeed0e6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 8e151c80335d6d5d4ae6df332cb8f2f0c977f508cb7317a2c8eb93a7971190b8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/ Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/ content-encoding br via 1.1 varnish, 1.1 varnish date Fri, 05 Jul 2024 19:40:45 GMT age 13477 x-cache HIT, HIT content-length 814 x-served-by cache-lga21954-LGA, cache-fra-etou8220098-FRA server nginx x-timer S1720208445.476164,VS0,VE1 etag "8be5d4903f967e17b477f325208dadc1" allow OPTIONS, GET access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * content-language en-us cache-control max-age=1, stale-while-revalidate=10800 access-control-allow-credentials true content-type application/javascript vary Accept-Encoding x-resp-is-stale true accept-ranges bytes access-control-allow-headers x-cache-hits 79, 0
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	203ms 48ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/_next/static/chunks/main-0428a4405aeed0e6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1613016 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-mxp6967-MXP last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1720208446.501470,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 19, 828667
GET H2	200	gtm.js Show response www.googletagmanager.com/	505 KB 135 KB	231ms 126ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3b6136fdb410df09aa3378e66a5c08fbc91c2917a0f7bf5b7ff3cef90e59f484 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138258 x-xss-protection 0 last-modified Fri, 05 Jul 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 05 Jul 2024 19:40:45 GMT
GET H2	200	fender_analytics.f692ee00c71150d7db91.js Show response static-tracking.klaviyo.com/onsite/js/	31 KB 13 KB	169ms 39ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Origin https://info.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ content-encoding br via 1.1 varnish, 1.1 varnish date Fri, 05 Jul 2024 19:40:45 GMT x-amz-request-id 41Y2RTP149KA3F25 age 307 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 12748 x-amz-id-2 mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw= x-served-by cache-lga21947-LGA, cache-fra-etou8220061-FRA last-modified Thu, 11 Apr 2024 15:48:20 GMT server AmazonS3 etag "cb6418619f08d5e582cf68f2d2432438" vary Accept-Encoding x-amz-meta-entrypoints-hash f762585ddd3a013913c4e420e75aa2819d1084f2 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 10, 121
GET H2	200	static.500134348b1f0969ffe3.js Show response static-tracking.klaviyo.com/onsite/js/	2 KB 1 KB	181ms 52ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Origin https://info.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi via 1.1 varnish, 1.1 varnish content-encoding br date Fri, 05 Jul 2024 19:40:45 GMT x-amz-request-id F82JVRQFRQE0D0ND age 307 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 1029 x-amz-id-2 XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S x-served-by cache-lga21976-LGA, cache-fra-etou8220061-FRA last-modified Wed, 27 Mar 2024 10:30:34 GMT server AmazonS3 etag "64de10774c3382fe4adddab07ea17f0d" vary Accept-Encoding x-amz-meta-entrypoints-hash 2825b63e6933b08d1be25eea4d99ad73625b8faa content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 3169, 124
GET H2	200	runtime.f13f5620f7c42944ecc8.js Show response static.klaviyo.com/onsite/js/	20 KB 8 KB	134ms 44ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/runtime.f13f5620f7c42944ecc8.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8c0d76857850ab08a60d062b8c851eeaeed82c769ded972c294ee57405dd01f1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Origin https://info.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id sbeHbmAbm.lKIeh1yG25Y4oVLAZ7igom content-encoding br via 1.1 varnish, 1.1 varnish date Fri, 05 Jul 2024 19:40:45 GMT x-amz-request-id F6KA43TA4HR4RZSE age 307 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 7698 x-amz-id-2 6tfNMWv9UDa5A1kEOM+pnloiAQ/7AeNHVMv/rXqjUUmI/ZJC9kRbkyCRwatNRo9ydLnPuA3Bb5c= x-served-by cache-lga21977-LGA, cache-fra-etou8220097-FRA last-modified Fri, 05 Jul 2024 14:03:58 GMT server AmazonS3 etag "b8b606f3532eee7bf73fb4dc75ceeead" vary Accept-Encoding x-amz-meta-entrypoints-hash 0ce5661f0c04834d5e46332d55a0c598e8faae2f content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 260, 4
GET H2	200	sharedUtils.58c71a5d906c1c27c8e6.js Show response static.klaviyo.com/onsite/js/	48 KB 18 KB	135ms 49ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Vcq7JM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Origin https://info.workmoney.org Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz content-encoding br via 1.1 varnish, 1.1 varnish date Fri, 05 Jul 2024 19:40:45 GMT x-amz-request-id FY7ATG7XXCNQ66H2 age 307 x-amz-server-side-encryption AES256 x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 17916 x-amz-id-2 dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU= x-served-by cache-lga21941-LGA, cache-fra-etou8220097-FRA last-modified Thu, 27 Jun 2024 09:36:48 GMT server AmazonS3 etag "6cc01be3baf017cfa85878bcac0f9e8f" vary Accept-Encoding x-amz-meta-entrypoints-hash 912e2bb7dd18552828727b3c1954397389e047e7 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes x-cache-hits 425464, 150
GET H2	200	js Show response www.googletagmanager.com/gtag/	344 KB 109 KB	88ms 87ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c504d3634c0357a3f5d55b01df6c95f4d4bfcd96de8f1e52488dc151a2b0dff4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 111055 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 05 Jul 2024 19:40:45 GMT
GET H2	200	/ Show response geolocation-db.com/json/	144 B 256 B	351ms 54ms	XHR text/html	159.89.102.253 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://geolocation-db.com/json/ Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d42d8d5390b0da6b5b9e11debe8e04a11c16337046086b6c263a5f7eda10ea5a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) content-type text/html; charset=UTF-8
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	222 KB 59 KB	335ms 40ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 05 Jul 2024 19:40:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58293 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug PdhXtfr7hjwxIrDalK+33TaEuhIBTjGjRsn3EZN2FREn4l7oeMfmOz9+sSmV1stbKZCB8RsIZdV+QWAafIo7Ow== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1301021/	70 KB 22 KB	611ms 335ms	Script application/javascript	151.101.65.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d850b3a2462bf95fbdb0a4d2ede4ee4f7244028670dff0b62c5b65091b82b851 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 4PnB5VkKSIlWvCljaPaPuIukcbsRDhQn content-encoding gzip via 1.1 varnish date Fri, 05 Jul 2024 19:40:46 GMT x-amz-request-id N977SRPM5YM21K8Q age 0 x-amz-server-side-encryption AES256 x-cache HIT x-amz-replication-status COMPLETED content-length 21715 x-amz-id-2 gOqaTJidfC0cLwm+ldXB+8/PhdlREZPWITsfwOROnzq4DQuFYRM1/0eLhBJ9vEiD6TGlz2Pbqic= x-served-by cache-fra-etou8220119-FRA last-modified Sun, 30 Jun 2024 11:26:10 GMT server AmazonS3 x-timer S1720208446.086221,VS0,VE295 etag "0d46c651139a9bf21ba577bc2fe57f88" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 32 access-control-allow-origin * cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 0
GET H2	200	scevent.min.js Show response sc-static.net/	50 KB 21 KB	327ms 65ms	Script application/javascript	3.163.248.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.163.248.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash fcc3c439edc63318783aed993f9d2a5be255270297b5453bceb2384d9993886c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip via 1.1 55c4cb6ad29c7bbcd0c8f2d8b906a83e.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop TXL50-P4 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 21453 x-amz-cf-id Qe7PK41eyDEMIrB-L33AeKcMD7-iC6MBoBrHyRA8SEH-L5nZpXyh1w==
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	324ms 63ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 05 Jul 2024 19:40:45 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3CF37EA6565B4FC4A92BAA8B040646DA Ref B: FRA31EDGE0619 Ref C: 2024-07-05T19:40:46Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	310ms 49ms	Script application/javascript	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Thu, 20 Jun 2024 19:23:03 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "71b328aff914ada8b774bfa8fff542c4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12116
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	38 KB 14 KB	301ms 41ms	Script application/javascript	2a02:26f0:7100::1720:ee42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ee42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Jun 2024 16:46:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=20787 accept-ranges bytes content-length 14004
GET H2	200	destination Show response www.googletagmanager.com/gtag/	216 KB 78 KB	87ms 79ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-13560696&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 765775895129d8755c33671c3aa809317a36656bafe79af8f91cba6de2911d57 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 79340 x-xss-protection 0 last-modified Fri, 05 Jul 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 05 Jul 2024 19:40:45 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 0	153ms 49ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-NSRYKVYF8Z&gtm=45je4730v877626850z8831084863za200zb831084863&_p=1720208445327&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2008638256.1720208446&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Finfo.workmoney.org%2F&dr=&dp=%2F&dt=Welcome%20To%20WorkMoney&sid=1720208446&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=&tfd=1321&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 19:40:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.workmoney.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 256 B	153ms 49ms	Ping text/plain	2a00:1450:400c:c0d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NSRYKVYF8Z&cid=2008638256.1720208446&gtm=45je4730v877626850z8831084863za200zb831084863&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 19:40:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.workmoney.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	130ms 63ms	Image image/gif	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NSRYKVYF8Z&cid=2008638256.1720208446&gtm=45je4730v877626850z8831084863za200zb831084863&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1906145567 Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 19:40:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activityi;dc_pre=CK-LievTkIcDFWjEwgQdVoYPDQ;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x... 13560696.fls.doubleclick.net/ Frame 848C Redirect Chain https://13560696.fls.doubleclick.net/activityi;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;ua... https://13560696.fls.doubleclick.net/activityi;dc_pre=CK-LievTkIcDFWjEwgQdVoYPDQ;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmo...	0 0	198ms 197ms	Document text/html	172.217.16.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://13560696.fls.doubleclick.net/activityi;dc_pre=CK-LievTkIcDFWjEwgQdVoYPDQ;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Finfo.workmoney.org%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-13560696&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://info.workmoney.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 426 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 05 Jul 2024 19:40:46 GMT expires Fri, 05 Jul 2024 19:40:46 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 05 Jul 2024 19:40:46 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://13560696.fls.doubleclick.net/activityi;dc_pre=CK-LievTkIcDFWjEwgQdVoYPDQ;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Finfo.workmoney.org%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	activity;register_conversion=1;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x86;uab=64;uaf... ad.doubleclick.net/	0 23 B	270ms 193ms	Image image/png	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;register_conversion=1;src=13560696;type=pavev0;cat=workm0;ord=9225557795770;npa=1;auiddc=572899573.1720208446;u1=https%3A%2F%2Finfo.workmoney.org%2F;ps=1;pcor=2125076548;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9153343598z8831084863za201zb831084863;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Finfo.workmoney.org%2F? Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 19:40:46 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"14361996777141160048"}],"aggregatable_trigger_data":[{"filters":[{"14":["16194362"]}],"key_piece":"0x10d66aa421196c03","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xa3ea7c88ab7c6ccf","not_filters":{"14":["16194362"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13420149462778791721","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14361996777141160048","filters":[{"14":["16194362"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"14361996777141160048","filters":[{"14":["16194362"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"14361996777141160048","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"14361996777141160048","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13560696"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_p9hxq0oa/	3 B 124 B	342ms 48ms	XHR application/json	151.101.193.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_p9hxq0oa/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip via 1.1 varnish content-type application/json access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes content-length 27
GET H2	200	t2_p9hxq0oa_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	585ms 58ms	XHR application/json	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_p9hxq0oa_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 97
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	227ms 48ms	Image image/gif	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1720208446275&id=t2_p9hxq0oa&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=a049cafc-f352-4832-a168-6bbbbcba3371&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc= Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 702 B	434ms 141ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://info.workmoney.org/ sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 48D950472A8D46BBAD17D363DFC5D23A Ref B: FRAEDGE1516 Ref C: 2024-07-05T19:40:46Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://info.workmoney.org x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYchT1mzeu/qzNt9KSWdA==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 812 B	516ms 223ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 50F8F77011524B6DA80D5AE1E548DA1B Ref B: FRAEDGE1207 Ref C: 2024-07-05T19:40:46Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lor1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYchT1nc4cKuGI+3mKq0Q== x-fs-uuid 00061c853d6773870ab8623ede62aad1
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJio4vyE1hiCwAAAZCEadS41H9NdWFH7nVMDGYAX35o1KuK91Ui1TH9b_rdWD...	0 264 B	232ms 139ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJio4vyE1hiCwAAAZCEadS41H9NdWFH7nVMDGYAX35o1KuK91Ui1TH9b_rdWDgOP5b6Iy-H Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://info.workmoney.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 05 Jul 2024 19:40:46 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 7B9B66EBF38A4025AF18648BA84BA60D Ref B: FRAEDGE1319 Ref C: 2024-07-05T19:40:46Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYchT1rICTYogxUHbs5gQ== Redirect headers date Fri, 05 Jul 2024 19:40:46 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: C8E8DB4C9AC743B8A734618E1B56E9DD Ref B: FRAEDGE1516 Ref C: 2024-07-05T19:40:46Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4083108&time=1720208446285&url=https%3A%2F%2Finfo.workmoney.org%2F&tm=gtmv2&e_ipv6=AQJio4vyE1hiCwAAAZCEadS41H9NdWFH7nVMDGYAX35o1KuK91Ui1TH9b_rdWDgOP5b6Iy-H x-li-proto http/2 content-length 0 x-li-uuid AAYchT1mzk76GFogokFhSQ==
GET H2	200	996986220718083 Show response connect.facebook.net/signals/config/	61 KB 13 KB	253ms 252ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/996986220718083?v=2.9.160&r=stable&domain=info.workmoney.org&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 61bb0f4dfcd6a6eb6d761ef0d7c82784362bbff4f07060aa4860de7a84a2a788 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 05 Jul 2024 19:40:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=66, mss=1297, tbw=63840, tp=-1, tpl=-1, uplat=210, ullat=0 pragma public x-fb-debug S9xaZIEF2ztkONO8qaojIM+p441M98ADO8r/Noxh52YY8RUZv3ATpyszSaWE+K8dXXuy5s0HTmVie9Xxcf6pKA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	148004749.js Show response bat.bing.com/p/action/	4 KB 2 KB	72ms 71ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/148004749.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash cc4ceb3c553d6382e138885937e9148df21fe4f468e00047dfcf723db8f2bfec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Fri, 05 Jul 2024 19:40:45 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 276AC82EA3B949BBA03BF9A51E13960C Ref B: FRA31EDGE0619 Ref C: 2024-07-05T19:40:46Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 287 B	97ms 96ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=148004749&tm=gtm002&Ver=2&mid=526922b2-3d47-44a5-afc3-b8d8d091d0bd&sid=795ca5803b0611efb0781375c18e7639&vid=795cf5603b0611ef80b371e0d46a127b&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Welcome%20To%20WorkMoney&p=https%3A%2F%2Finfo.workmoney.org%2F&r=&lt=606&evt=pageLoad&sv=1&rn=133460 Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 05 Jul 2024 19:40:45 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 34333DDFDF2B473C9C380246B63F7B73 Ref B: FRA31EDGE0619 Ref C: 2024-07-05T19:40:46Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	c52aa0e9-af35-416c-b776-64389a178d7d.json Show response tr.snapchat.com/config/org/	101 B 387 B	306ms 146ms	Fetch application/json	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/org/c52aa0e9-af35-416c-b776-64389a178d7d.json?v=3.21.1-2407011851 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" accept application/json Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway observe-browsing-topics ?1 content-type application/json access-control-allow-origin https://info.workmoney.org x-envoy-upstream-service-time 95 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 101
GET H2	200	i tr.snapchat.com/cm/ Frame 0CDB	0 0	208ms 52ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=c52aa0e9-af35-416c-b776-64389a178d7d&u_scsid=3186a9a4-7d96-46d0-bc27-99294cd4d1c6&u_sclid=b8592578-6c8e-465a-97b4-99551d1c62c6 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://info.workmoney.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Fri, 05 Jul 2024 19:40:46 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google x-envoy-upstream-service-time 0
GET H2	200	p tr.snapchat.com/	68 B 445 B	250ms 53ms	Image image/png	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.snapchat.com/p?pid=c52aa0e9-af35-416c-b776-64389a178d7d&ev=PAGE_VIEW&intg=gtm&pids=c52aa0e9-af35-416c-b776-64389a178d7d&u_c1=35adad66-bff0-4966-afc5-eaa7aaffb2c4&cdid=%40-3d5de497-0cc1-4a50-800f-a2ea762a2af1&u_sclid=b8592578-6c8e-465a-97b4-99551d1c62c6&u_scsid=3186a9a4-7d96-46d0-bc27-99294cd4d1c6&bg=false&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.126%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.126%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=605&m_fcps=595&m_pi=209&m_pl=0&m_pv=2&m_rd=1674&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Finfo.workmoney.org%2F&trackId=a6b023c1-9638-46a4-ba69-d0dac8267b52&ts=1720208446392&v=3.21.1-2407011851 Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type image/png access-control-allow-origin * cache-control no-cache, no-transform x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68
GET H2	200	topics_api Show response psb.taboola.com/	65 B 284 B	186ms 39ms	Fetch text/html	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://psb.taboola.com/topics_api Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-served-by cache-fra-etou8220123-FRA date Fri, 05 Jul 2024 19:40:46 GMT via 1.1 varnish server Varnish observe-browsing-topics ?1 x-timer S1720208447.619031,VS0,VE0 x-cache HIT content-type text/html; charset=utf-8 access-control-allow-origin * cache-control private, max-age=2592000 accept-ranges bytes content-length 65 retry-after 0 x-cache-hits 0
GET H2	200	json Show response trc.taboola.com/1301021/trc/3/	2 KB 2 KB	69ms 60ms	Script application/javascript	151.101.65.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1301021/trc/3/json?tim=1720208446449&data=%7B%22id%22%3A236%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1720208446415%2C%22cv%22%3A%2220240626-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Finfo.workmoney.org%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dzeevgoichman-workmoney-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1720208446448%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Finfo.workmoney.org%2F%22%2C%22tos%22%3A26%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ca727b4ac807b906fef928b415e52862c75bbeeaa54e9cbe4b386fa1cd099261 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-vcl-time-ms 19 date Fri, 05 Jul 2024 19:40:46 GMT content-encoding gzip via 1.1 varnish cpu 0.20950000000000002 x-fastly-to-nlb-rtt 7427 x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-etou8220119-FRA x-log-content-encoding gzip server nginx x-timer S1720208446.482982,VS0,VE19 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	148004749 Show response www.clarity.ms/tag/uet/	866 B 1 KB	293ms 132ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/148004749 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/148004749.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2a9068ffff80e844cd806f77f203d8d0550cea6a706bb628c2cdebe5e80bfd17 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Fri, 05 Jul 2024 19:40:46 GMT x-azure-ref 20240705T194046Z-r195c4c79d9mjxl7c7e9bupdd000000000r000000001bngb x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 866 request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET H2	200	/ www.facebook.com/tr/	0 274 B	155ms 41ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=PageView&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446683&cd[dataSource]=EX&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&eid=1720209427431_17202086188841&rqm=GET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2890, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 05 Jul 2024 19:40:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1 KB	325ms 213ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=PageView&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446683&cd[dataSource]=EX&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&eid=1720209427431_17202086188841&rqm=FGET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2f00e06c0aabf441","source_keys":["1","2"]},{"key_piece":"0x45aa0a2c2c10b389","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 05 Jul 2024 19:40:46 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388239018590380523", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=16, mss=1297, tbw=7822, tp=-1, tpl=-1, uplat=172, ullat=0 pragma no-cache x-fb-debug aYzyFCs6hGnW5CnwDnOLPNiRfNKkBV2VK8mdFvAtHYSBduShAYdD6hBcwn/bm6zVLL7uoY3Bdc1wSJd9FDQlKg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388239018590380523"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 32 B	154ms 42ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446689&cd[%24country]=DE&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&es=user_properties&tm=3&rqm=GET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3177, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 05 Jul 2024 19:40:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1022 B	326ms 214ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446689&cd[%24country]=DE&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&es=user_properties&tm=3&rqm=FGET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x35183497ea00fd9d","source_keys":["1","2"]},{"key_piece":"0xd5aeaa03fe04d0d9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 05 Jul 2024 19:40:46 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388239018935323693", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=16, mss=1297, tbw=9060, tp=-1, tpl=-1, uplat=174, ullat=0 pragma no-cache x-fb-debug ss+6DUc3spE0dmlXt0UNsgLPHbvMX+/tkg4W+OgLXqmzCXR46v6n1Mhl7eiIo0Y+4x1javwTvC/0/U7TzGZ/6A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388239018935323693"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 103 B	153ms 42ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446691&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&es=user_properties&tm=3&rqm=GET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3177, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 05 Jul 2024 19:40:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 1021 B	323ms 212ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446691&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&es=user_properties&tm=3&rqm=FGET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x35183497ea00fd9d","source_keys":["1","2"]},{"key_piece":"0xd5aeaa03fe04d0d9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 05 Jul 2024 19:40:46 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388239018493298428", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=16, mss=1297, tbw=6779, tp=-1, tpl=-1, uplat=172, ullat=0 pragma no-cache x-fb-debug Xj6EYz59mOEpR0lo/RVui0PpBxxLh58OrS++IEgHSwat7lNcWHOp9Tl1dMIkwUcncSgxoB0Bf6zklFfZnQSTKg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388239018493298428"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 102 B	40ms 39ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446692&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=3&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&es=user_properties&tm=3&rqm=GET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=16, mss=1297, tbw=3435, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 05 Jul 2024 19:40:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	146ms 146ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=996986220718083&ev=UserProperties&dl=https%3A%2F%2Finfo.workmoney.org%2F&rl=&if=false&ts=1720208446692&sw=1600&sh=1200&ud[uid]=_ly93ozm22j79xyzrj&v=2.9.160&r=stable&ec=3&o=4126&fbp=fb.1.1720208446681.925913712785174580&ler=empty&cdl=API_unavailable&it=1720208446364&coo=false&es=user_properties&tm=3&rqm=FGET Requested by Host: info.workmoney.org URL: https://info.workmoney.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x35183497ea00fd9d","source_keys":["1","2"]},{"key_piece":"0xd5aeaa03fe04d0d9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 05 Jul 2024 19:40:46 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388239019202677632", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=16, mss=1297, tbw=3581, tp=-1, tpl=-1, uplat=103, ullat=0 pragma no-cache x-fb-debug +SEfPn44tSHeomfe1nJtT2zS0vECwGSsBaY8wuhoW05idF/T5x10X4g8QCCQ3TAl9cAvYm4nTMUxtw+KNKKk+g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388239019202677632"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	80ms 79ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/148004749 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Jul 2024 19:40:46 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240705T194046Z-r195c4c79d9mjxl7c7e9bupdd000000000r000000001bngh content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id b003f955-101e-0065-0131-ce809f000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
POST H2	200	p tr6.snapchat.com/	0 47 B	62ms 55ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 19:40:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 2 via 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H/1.1	204 No Content	collect Show response k.clarity.ms/	0 282 B	452ms 138ms	XHR text/plain	172.175.38.6 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://k.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://info.workmoney.org Date Fri, 05 Jul 2024 19:40:47 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
POST H2	200	p tr.snapchat.com/	0 91 B	65ms 64ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 19:40:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://info.workmoney.org x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A33AD1E4C9954DE4952A1D6FB2B91D56&RedC=c.clarity.ms&MXFR=23A3AA16DE1A6194243EBEA5DA1A6F64 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A33AD1E4C9954DE4952A1D6FB2B91D56&MUID=08D067DCD83161221819736FD9BA60F6	42 B 442 B	62ms 61ms	Image image/gif	13.74.129.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A33AD1E4C9954DE4952A1D6FB2B91D56&MUID=08D067DCD83161221819736FD9BA60F6 Protocol H2 Server 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://info.workmoney.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 05 Jul 2024 19:40:46 GMT last-modified Tue, 25 Jun 2024 19:30:12 GMT server Microsoft-IIS/10.0 etag "7473f1936c7da1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 05 Jul 2024 19:40:46 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 5CE8247F06D5458DAF24C3777FC79F21 Ref B: FRA31EDGE0619 Ref C: 2024-07-05T19:40:47Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A33AD1E4C9954DE4952A1D6FB2B91D56&MUID=08D067DCD83161221819736FD9BA60F6 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	favicon.ico info.workmoney.org/images/	1 KB 1 KB	293ms 293ms	Other image/vnd.microsoft.icon	2606:4700:10::6816:14a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.workmoney.org/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:14a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fddba9d9e2269a901d54bb50ae984d93477e5c72bf522601ddb2896ab3334962 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01J226KNN28G9VGP4T64YF9YNT date Fri, 05 Jul 2024 19:40:47 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status MISS netlify-vary cookie=__next_preview_data:presence|__prerender_bypass:presence server cloudflare cache-status "Netlify Edge"; fwd=miss etag W/"73a4e460bb2eb3213a8ec4cdcb3a2e5d-ssl" vary Accept-Encoding content-type image/vnd.microsoft.icon cache-control public,max-age=0,must-revalidate cf-ray 89e9d42a7ff21e14-FRA
GET H2	204	unip Show response trc-events.taboola.com/1301021/log/3/	0 249 B	132ms 42ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=1576&scd=0&ssd=1&est=1720208446420&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720208447998&vi=1720208446415&ri=9c00b89480878625b7e89ded6e3533e3&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Finfo.workmoney.org%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Attribution-Reporting-Eligible trigger Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://info.workmoney.org pragma no-cache date Fri, 05 Jul 2024 19:40:48 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
OPTIONS H2	200	unip trc-events.taboola.com/1301021/log/3/ Frame	0 0	465ms 42ms	Preflight	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=1576&scd=0&ssd=1&est=1720208446420&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720208447998&vi=1720208446415&ri=9c00b89480878625b7e89ded6e3533e3&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Finfo.workmoney.org%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://info.workmoney.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-origin https://info.workmoney.org allow GET, HEAD, POST, TRACE, OPTIONS content-length 0 date Fri, 05 Jul 2024 19:40:48 GMT p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" server nginx
POST H/1.1	204 No Content	collect Show response k.clarity.ms/	0 282 B	127ms 125ms	XHR text/plain	172.175.38.6 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://k.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://info.workmoney.org Date Fri, 05 Jul 2024 19:40:48 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
GET H2	204	unip Show response trc-events.taboola.com/1301021/log/3/	0 248 B	44ms 44ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=4579&scd=0&ssd=1&est=1720208446420&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720208451000&vi=1720208446415&ri=9c00b89480878625b7e89ded6e3533e3&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Finfo.workmoney.org%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1301021/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Attribution-Reporting-Eligible trigger Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://info.workmoney.org pragma no-cache date Fri, 05 Jul 2024 19:40:51 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
OPTIONS H2	200	unip trc-events.taboola.com/1301021/log/3/ Frame	0 0	47ms 40ms	Preflight	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1301021/log/3/unip?en=pre_d_eng_tb&tos=4579&scd=0&ssd=1&est=1720208446420&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720208451000&vi=1720208446415&ri=9c00b89480878625b7e89ded6e3533e3&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Finfo.workmoney.org%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://info.workmoney.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-origin https://info.workmoney.org allow GET, HEAD, POST, TRACE, OPTIONS content-length 0 date Fri, 05 Jul 2024 19:40:51 GMT p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" server nginx
POST H2	204	collect region1.analytics.google.com/g/	0 0	48ms 48ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-NSRYKVYF8Z&gtm=45je4730v877626850za200zb831084863&_p=1720208445327&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2008638256.1720208446&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Finfo.workmoney.org%2F&dr=&dp=%2F&dt=Welcome%20To%20WorkMoney&sid=1720208446&sct=1&seg=0&en=scroll&ep.content_group=&epn.percent_scrolled=90&_et=88&tfd=6428&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NSRYKVYF8Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 05 Jul 2024 19:40:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.workmoney.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	p tr6.snapchat.com/	0 13 B	58ms 58ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://info.workmoney.org/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 05 Jul 2024 19:40:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0 via 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0