app.truework.com Open in urlscan Pro
18.118.75.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
Submission: On May 01 via manual (May 1st 2023, 3:25:46 pm UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 22 domains to perform 99 HTTP transactions. The main IP is 18.118.75.249, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is app.truework.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 25th 2023. Valid for: a year.

This is the only time app.truework.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	18.118.75.249 18.118.75.249	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:225... 2600:9000:2251:200:6:12a5:ec40:93a1	16509 (AMAZON-02) (AMAZON-02)
7	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
5	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:a57f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:5b0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
3	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.118.85 13.32.118.85	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	44.227.186.215 44.227.186.215	16509 (AMAZON-02) (AMAZON-02)
10	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	23.36.162.205 23.36.162.205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:20e... 2600:9000:20eb:5a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:22::1726:62ed	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:205... 2600:9000:2057:6e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.187.57.130 54.187.57.130	16509 (AMAZON-02) (AMAZON-02)
1	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
99	32

9 18.118.75.249 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-118-75-249.us-east-2.compute.amazonaws.com

app.truework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2251:200:6:12a5:ec40:93a1 (United States)

ASN16509 (AMAZON-02, US)

dgoidxrjgsomp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a57f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in-prod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

truework-contact.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.118.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-85.fra60.r.cloudfront.net

d2yyd1h5u9mauk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.186.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-186-215.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.162.205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-205.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:5a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:22::1726:62ed (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.57.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-57-130.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-in-prod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 r.stripe.com — Cisco Umbrella Rank: 7419 m.stripe.com — Cisco Umbrella Rank: 2198	357 KB
10	cloudfront.net dgoidxrjgsomp.cloudfront.net d2yyd1h5u9mauk.cloudfront.net	1 MB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 12305 c.6sc.co — Cisco Umbrella Rank: 16337 ipv6.6sc.co — Cisco Umbrella Rank: 13024 b.6sc.co — Cisco Umbrella Rank: 7606	14 KB
9	segment.com cdn.segment.com — Cisco Umbrella Rank: 2324	65 KB
9	truework.com app.truework.com	36 KB
6	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2815 ekr.zdassets.com — Cisco Umbrella Rank: 3252	416 KB
3	sentry.io sentry.io — Cisco Umbrella Rank: 324	1 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16	764 B
3	unpkg.com unpkg.com — Cisco Umbrella Rank: 1180	12 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	234 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	16 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	1 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	746 B
2	gstatic.com fonts.gstatic.com	31 KB
2	zendesk.com truework-contact.zendesk.com	2 KB
2	lr-in-prod.com cdn.lr-in-prod.com — Cisco Umbrella Rank: 19575 r.lr-in-prod.com — Cisco Umbrella Rank: 18364	187 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3425	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1344	175 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 751	14 KB
99	22

	Domain	Requested by
10	r.stripe.com	js.stripe.com
9	cdn.segment.com	dgoidxrjgsomp.cloudfront.net cdn.segment.com
9	app.truework.com	app.truework.com dgoidxrjgsomp.cloudfront.net
7	js.stripe.com	app.truework.com js.stripe.com
7	dgoidxrjgsomp.cloudfront.net	app.truework.com dgoidxrjgsomp.cloudfront.net
6	b.6sc.co	app.truework.com
5	static.zdassets.com	app.truework.com static.zdassets.com
4	q.stripe.com	app.truework.com
3	d2yyd1h5u9mauk.cloudfront.net	app.truework.com
3	sentry.io	app.truework.com
3	unpkg.com	app.truework.com
3	fonts.googleapis.com	app.truework.com
3	www.googletagmanager.com	app.truework.com cdn.segment.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdn.linkedin.oribi.io	dgoidxrjgsomp.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	truework-contact.zendesk.com	static.zdassets.com
2	www.google.de	app.truework.com
2	region1.analytics.google.com	www.googletagmanager.com
1	r.lr-in-prod.com	dgoidxrjgsomp.cloudfront.net
1	m.stripe.com	m.stripe.network
1	ipv6.6sc.co	dgoidxrjgsomp.cloudfront.net
1	c.6sc.co	dgoidxrjgsomp.cloudfront.net
1	www.google.com	app.truework.com
1	px4.ads.linkedin.com	app.truework.com
1	px.ads.linkedin.com	1 redirects
1	j.6sc.co	app.truework.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.segment.io	dgoidxrjgsomp.cloudfront.net
1	snap.licdn.com	cdn.segment.com
1	cdn.optimizely.com	dgoidxrjgsomp.cloudfront.net
1	cdn.lr-in-prod.com	dgoidxrjgsomp.cloudfront.net
1	ekr.zdassets.com	static.zdassets.com
1	stats.g.doubleclick.net	www.googletagmanager.com
99	34

This site contains links to these domains. Also see Links.

Domain
help.truework.com
www.truework.com

Subject Issuer	Validity	Valid
app.truework.com Amazon RSA 2048 M01	`2023-02-25` - `2024-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
truework-contact.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
api.logrocket.com R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
Frame ID: 2FC2307640FD8FF2E165C2B99E2980D4
Requests: 70 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-c0c9b7521aeb969bfe7a.js
Frame ID: 40C3A2123CEAC98A78CE8A4C6FB3774C
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
Frame ID: ED0B38D69661961A53E96B41E3D14988
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 704900DED8117A57DF58C63FFF9AB512
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D71660B4498DCCD6100F2B79217F3793
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verification Request | Truework

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

99
Requests

98 %
HTTPS

53 %
IPv6

22
Domains

34
Subdomains

32
IPs

4
Countries

2506 kB
Transfer

9691 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://help.truework.com/hc/en-us/articles/5549968612759-Supported-Internet-Browsers
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.truework.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=321004&time=1682954741791&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=321004&time=1682954741791&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&e_ipv6=AQIEoGd-l0hz4QAAAYfX62iC76Y0WtiZ2z4B8wUinn9F62GGoTJH9SAvafW4L_9s7bMN9ihPN2FsIfUieliCB8e5KE8RYA

99 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/ 7 KB
4 KB 351ms
109ms Document
text/html 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bf720da9121cd38a840aadd1f288be43dfa6213ce90dd060b99483564915ba4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
content-type: text/html
date: Mon, 01 May 2023 15:25:40 GMT
etag: W/"64498eed-1daf"
last-modified: Wed, 26 Apr 2023 20:51:57 GMT
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
83 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KZX4MD5XZJ

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaab62f4aa0f4f350b445b733c9037e26e5c750eec0e52c5feafb883ba13e301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 May 2023 15:25:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
824 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc009aaad13ca958a1c99a1b73a2c807e433fe4cb76cbf6b63c82a690fc1d399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 15:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 15:25:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 15:25:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96b736afc032ee718b04348120b5032b09a40dd37143ed0ccf3f51e3a66f53cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 15:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 15:25:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 15:25:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14f9e0ca9b6fe4553fc71e6761aa783e1f160e6e99b78db18e8df64ffd52a345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 15:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 15:09:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 15:25:40 GMT

GET
H2 200 bootstrap-3-3-7.min.css
app.truework.com/assets/css/ 118 KB
25 KB 111ms
110ms Stylesheet
text/css 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/assets/css/bootstrap-3-3-7.min.css

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

934b265c36a554e34c2ad890d922f7a6f5f33900f835ba2db4cc5ac0944331a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
content-encoding: gzip
x-dns-prefetch-control: off
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 26 Apr 2023 20:46:52 GMT
server: nginx
etag: W/"64498dbc-1d943"
x-download-options: noopen
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=31536000, public
expires: Tue, 30 Apr 2024 15:25:40 GMT

GET
H2 200 es5.js Show response
unpkg.com/bowser@2.11.0/ 25 KB
6 KB 34ms
17ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bowser@2.11.0/es5.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be5ea9bb591a419d35215e734bc9aa5ca1b0fe447009a221c9f960ed28332a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1597424
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G0GGAFGM6S8HNH11VK2D9ZF9-fra
server: cloudflare
etag: W/"658c-XW2aDp7SRio4xztlFpSvHsTPHtA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0909d5ef1a5c56-FRA

GET
H2 200 truework.main.c935b18dd351f34a6ecf.min.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 717 KB
219 KB 8ms
8ms Script
text/javascript 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Requested by: Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9c7e9af9a62a0e04239f3a6f7f2d53364655bc832d7582d0541f598bf1aab99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 03:54:10 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 41491
x-amz-server-side-encryption: AES256
etag: W/"5982600cb129e2e3958276d092a25f89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=31536000
x-amz-cf-id: tC2UtC4WWjV0lFbJU-p27BOmh6aeB0im7y4G3p4e4Sm_Ld-k0iCKWg==

GET
H2 200 truework.466cb31e2bb3e32b4038.css
dgoidxrjgsomp.cloudfront.net/assets/css/ 19 KB
4 KB 47ms
7ms Stylesheet
text/css 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/css/truework.466cb31e2bb3e32b4038.css
Requested by: Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e9d74c03793ecf94c5680eb028c200c330854aa0e45ff6866aa1702e0644d11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:52:18 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5603
x-amz-server-side-encryption: AES256
etag: W/"3e66b81529991ca29809c6bffbe6eded"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
x-amz-cf-id: -284kIg7asSYcODMDZbAA2hcRzNfu7IL4J1c_VRjHWZ1Dqo8GvrvqA==

GET
H2 200 logo.svg
app.truework.com/assets/images/ 1 KB
2 KB 109ms
108ms Image
image/svg+xml 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truework.com/assets/images/logo.svg

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b4adf4d6ac73d474c6a49c40a8989a9174524af20e8e578204dc27df6af764e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
x-dns-prefetch-control: off
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
content-length: 1450
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 26 Apr 2023 20:46:52 GMT
server: nginx
etag: "64498dbc-5aa"
x-download-options: noopen
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 30 Apr 2024 15:25:40 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 473 KB
128 KB 42ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 15:25:40 GMT
via: 1.1 varnish
age: 21
x-cache: HIT
content-length: 130379
x-request-id: 77627978-b9d6-4ba2-bd27-264030ee0874
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Sun, 30 Apr 2023 10:26:47 GMT
server: Fastly
etag: "e0c2fcb6f1be2cfafacb1bed780a0f67"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 fetch.umd.js Show response
unpkg.com/whatwg-fetch@3.0.0/dist/ 14 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/whatwg-fetch@3.0.0/dist/fetch.umd.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 15947641
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FK4T9B6X7BTRW71YV8YBZD7P
server: cloudflare
etag: W/"39d5-UI75N4tJ00i8iMkuAvRZcklx6l8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0909d63f585c56-FRA

GET
H2 200 polyfill.min.js Show response
unpkg.com/promise-polyfill@8.1.3/dist/ 3 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/promise-polyfill@8.1.3/dist/polyfill.min.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7444277
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GRE39EEAGZATJEDW9RPGXEVH-fra
server: cloudflare
etag: W/"caf-UsKWMWUo1TBY0X5TKxxITvk219g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0909d66f9d5c56-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 34ms
19ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=02408aa8-e1cb-44df-84d5-6a362558e3c8

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
x-amz-version-id: PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QP2SBNNP88CPGSGC
age: 38
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: kkYPuRF8YRQavZKW9nxjx9qO1/aklTj8puEZDtsrJPGahxlc0+e9Od2iMCLJJyz6EfSMYRsrqxM=
last-modified: Fri, 17 Mar 2023 01:24:00 GMT
server: cloudflare
etag: W/"35755063f184195a50a9c07a2c71693a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BtJjGIUUKdTwgHVkUGAyAD09HDiVUNrKQjk69A%2BB5Hp%2B0Yjy%2FyC2utZKlkupj%2FeVK06TlrySg9pitKb%2Flq1xw9ynj1TKi1SHifdh0jNbJUPhx5qgQsUySQUKdBUUxDHW3oKOC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7c0909d69cc5bb9b-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 36ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KZX4MD5XZJ&gtm=45je34q0&_p=1644271028&_gaz=1&cid=1428141367.1682954740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682954740&sct=1&seg=0&dl=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&dt=Truework%20%7C%20Employment%20%26%20Income%20Verification&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZX4MD5XZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.truework.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 63ms
21ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KZX4MD5XZJ&cid=1428141367.1682954740&gtm=45je34q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZX4MD5XZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.truework.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 64ms
43ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KZX4MD5XZJ&cid=1428141367.1682954740&gtm=45je34q0&aip=1&z=1262407672

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 02408aa8-e1cb-44df-84d5-6a362558e3c8 Show response
ekr.zdassets.com/compose/ 440 B
1 KB 206ms
190ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/02408aa8-e1cb-44df-84d5-6a362558e3c8

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=02408aa8-e1cb-44df-84d5-6a362558e3c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56782be53aef9b2853cf9efe899fdb83340b9701e794e92be2a86b69b8b846a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7bdc041d1a696901-SEA, 7bdc041d1a696901-SEA
x-runtime: 0.003973
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"56782be53aef9b2853cf9efe899fdb83"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LWnR%2FfrFoC4ILtIIOZ4zCUbqAV725jZlAaJrc%2FlENywcCo%2BKweZKr%2FG9WmFu%2BZmlYQqRuzSLSviW9qHGtcucsQMJelaNbiGeIAdWMTIgY3uzuTf9GQhZcqAj%2FGRV%2BLLbB8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7c0909d75f375b50-FRA

GET
H2 200 logger-1.min.js Show response
cdn.lr-in-prod.com/ 819 KB
163 KB 66ms
29ms Script
text/javascript 2606:4700:3034::ac43:a57f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in-prod.com/logger-1.min.js

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a57f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c33a79b0af93000386340e5bcf6e653ea2a4b3350e18a6cabf43d770a90cac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Fri, 28 Apr 2023 21:55:35 GMT
server: cloudflare
x-timer: S1682719028.240130,VS0,VE1
etag: W/"4799df945afa5e9142f69d67805baa8d638420b21d4406d9bf6a12887c942048"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ou4VhwkK3bG7i6R6%2FCcxE%2BCPJfIHLshXzBr6wgxPInjAFpjvygDRsJceBgQgbFLEwR%2B%2BBdQF7sFDy4Cry1tadiuITKou9j9nUGEnkII2cyQ7O%2BRLkob6%2BFj31FvMyjgzbtHX1cifqH9rJSEMMuubRjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c0909d82c173830-FRA
x-cache-hits: 1

GET
H2 200 9vTRwbu1YJYpxrM5ZYMkHD.json Show response
cdn.optimizely.com/datafiles/ 97 KB
14 KB 224ms
148ms XHR
application/json 2a02:26f0:480:5b0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/9vTRwbu1YJYpxrM5ZYMkHD.json

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0e96b42bdcb409694d7f6e7731db738778af49ef5790dccd278b48eecfc6c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: nEof3ukMfX4QIOSupB6RU1D95xBFkHzc
content-encoding: gzip
date: Mon, 01 May 2023 15:25:40 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: YF4BXYGE4CA5T2MC
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 3259
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=108, cdn;desc="AkamaiION";dur=0,rtt;desc="23";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467487_35115186_568100475_11262_1985_23_0";dur=1
content-length: 13528
x-amz-id-2: f4lXxs8SHKRslSVtuv+twp6+yDvs4zJJnqyZIvhI4aHs2axmv4GSl9OMXvlvnwj1gj+to3yG6Wc=
last-modified: Fri, 28 Apr 2023 21:05:28 GMT
server: AmazonS3
etag: "2c4ce7ee6936077c7b2b4613c53fa78e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 604800
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/ 104 KB
28 KB 270ms
204ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f65b66433c24c480f9dac5e30b155110e23580a6f404da61d549d651aedab41f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: ixpGkh6vyL5V.H2hITJilpaZCdF3dNEv
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
date: Mon, 01 May 2023 15:25:41 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Apr 2023 22:13:57 GMT
server: AmazonS3
etag: W/"7b6bf7eaaaff65a0dd29401fbc44e5ca"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 9vLp-2DlclrMA1YeuYUPxJzUvfPmGsFE2qHYiyElI16oLVuEXqk0XQ==

POST
H/1.1 200
OK / Show response
sentry.io/api/1374969/envelope/ 2 B
442 B 475ms
116ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1374969/envelope/?sentry_key=e39052abc6d140d39d4d3c9858aa2d82&sentry_version=7&sentry_client=sentry.javascript.react%2F7.36.0

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.truework.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 May 2023 15:25:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
H2 200 is-authenticated Show response
app.truework.com/api/auth/ 27 B
505 B 123ms
123ms Fetch
application/json 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/auth/is-authenticated

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4d8a159b47d1f254ea6e4a392d3eee330ca0b0c1c5230ca3390bd46f5cb34dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
accept-language: de-DE,de;q=0.9
X-TW-LogRocket-ID: undefined
X-TW-Page-Request-ID: c623101c-161d-49d9-bbe1-2d6f6fb6c181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Accept: application/json
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
TW-Tracking-Id
X-CSRFToken
X-LogRocket-URL

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:40 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
x-api-version: e3dd64959eef967d3a32ef2bca745df217d49125
cross-origin-opener-policy: same-origin
allow: GET, OPTIONS, HEAD
x-frame-options: DENY
content-type: application/json
vary: Origin, Cookie
cache-control: no-cache, no-store, must-revalidate
content-length: 27
truework-trace-id: 6WcnthsdhQrdpQ41AbXEYX
expires: 0

GET
H2 200 / Show response
app.truework.com/api/auth/csrf/ 2 B
599 B 124ms
123ms Fetch
application/json 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/auth/csrf/

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
accept-language: de-DE,de;q=0.9
X-TW-LogRocket-ID: undefined
X-TW-Page-Request-ID: c623101c-161d-49d9-bbe1-2d6f6fb6c181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Accept: application/json
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
TW-Tracking-Id
X-CSRFToken
X-LogRocket-URL

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:40 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
x-api-version: e3dd64959eef967d3a32ef2bca745df217d49125
cross-origin-opener-policy: same-origin
x-frame-options: DENY
allow: GET, OPTIONS
content-type: application/json
vary: Cookie, Origin
cache-control: no-cache, no-store, must-revalidate
content-length: 2
truework-trace-id: 3IAQY92Q3JDPyjpw06Sbe8
expires: 0

POST
H2 200 / Show response
app.truework.com/api/trueflag/experiments/ 617 B
1 KB 140ms
139ms Fetch
application/json 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/trueflag/experiments/

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a2eaf030b7afbdc298e2f68f9ff9992469b87b5d1effc296bb525fe27bacc45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
accept-language: de-DE,de;q=0.9
X-TW-LogRocket-ID: undefined
X-TW-Page-Request-ID: c623101c-161d-49d9-bbe1-2d6f6fb6c181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
TW-Tracking-Id
X-CSRFToken
X-LogRocket-URL

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
x-content-type-options: nosniff
x-api-version: e3dd64959eef967d3a32ef2bca745df217d49125
content-length: 617
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
allow: POST, OPTIONS
x-frame-options: DENY
content-type: application/json
vary: Origin, Cookie
access-control-allow-origin: https://app.truework.com
access-control-expose-headers: content-length
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
truework-trace-id: 5W74yRMBSt9aZFli1hleUz
expires: 0

GET
H2 200 web-widget-framework-c0c9b7521aeb969bfe7a.js Show response
static.zdassets.com/web_widget/latest/ Frame 40C3 163 KB
51 KB 23ms
23ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-c0c9b7521aeb969bfe7a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=02408aa8-e1cb-44df-84d5-6a362558e3c8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558ab8aa7080f2b2aa2087c887a56a0b70a5c72b53652b5834db974a2da251a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
x-amz-version-id: Ha_jeBLFDxKqCRZFj4ioZtS8.P8OrmHL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: N1WGMCR8MNGBN63H
age: 472664
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yJyucI3OAiKL89/D4BP7DiphAVqb4zdylpYOwb0Li+Jg/HH6gtJ/TNaR8phEr1kv9ipysY3Gkbj9LefmEicc5g==
last-modified: Fri, 21 Apr 2023 11:12:24 GMT
server: cloudflare
etag: W/"79caa19bb3d48aa779ab7af954c6b913"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYB%2Bt7fOWFntO3ZJIaYzHXRQ1dYc8ST46sRqlaqiwhHgFeiCIYMfLEDtaX7eBjJJOPlzKT1ei8aSypx0Pjeuv7i07Z23vCuJ219zubZ4E7yAHKPJF9pkBEdTlRD4hHYGNJKu0Cs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c0909d8ff35bb9b-FRA
expires: Sat, 20 Apr 2024 11:12:23 GMT

GET
BLOB 200
OK b56234c4-f4e6-41bb-a5b7-feab17e45a8c
https://app.truework.com/ 455 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.truework.com/b56234c4-f4e6-41bb-a5b7-feab17e45a8c
Requested by: Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ac350e2b079daf1247e25cd7868f1479d63f91506caed4db9b75053b917305c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 465832
Content-Type

GET
H2 200 config Show response
truework-contact.zendesk.com/embeddable/ Frame 40C3 1017 B
1 KB 184ms
142ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://truework-contact.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c0c9b7521aeb969bfe7a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84db296f8f6211a7ab1ecce758665dbfe51fa9458eff32005c619c0d28463da5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-7cc8bfb759-vbj6t
x-cached: MISS
x-request-id: 7c0909d9bfecbb8c-IAD
x-runtime: 0.002529
last-modified: Mon, 01 May 2023 15:25:40 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzlorQnnL2BX5ErSF0I8FV4oTKVD45lyA91zeZuWQTT2BZtwOVBjytaFzy5I9btI%2BYTB3b0LM5jgpzY81XOmhA8MFwRwg%2FTomNbMQottci5ombN3qtECVIvLJN6jrcXG2ktWEmdto%2FvB%2B2CM%2FwU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7c0909d9bfecbb8c-FRA

GET
H2 200 truework.403.edbe8c270279a2747f7d.min.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 969 KB
200 KB 8ms
7ms Script
text/javascript 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.403.edbe8c270279a2747f7d.min.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8853a2b610928c278c709e5868fc6c272b3f826a992382b5fcb47f949e4f3cba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:32:38 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 71583
x-amz-server-side-encryption: AES256
etag: W/"8163353dd2bba92469de6288cefa5bb9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=31536000
x-amz-cf-id: VzUvXsHCqfDcNqC7LphTLW3jvMg9yGjj8uqEOGdM2ay4SCQ2H7L0Hg==

GET
H2 200 truework.118.b9c527d92fdf9c22ad76.min.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 1 MB
291 KB 8ms
8ms Script
text/javascript 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.118.b9c527d92fdf9c22ad76.min.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 180014f647e930e88f3e873bb4a44422087c5bf894a356b6fbb3408706620e53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:29:30 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 64571
x-amz-server-side-encryption: AES256
etag: W/"a5660dfbac8feb18b745b3178e847a64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=31536000
x-amz-cf-id: 9kPOen1riuSMcmC-Z1mQrZq58UdDNY1oU-iW-FsgRtNEnXG43tq0mA==

GET
H2 200 truework.81.e916101e31c267893224.min.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 248 KB
69 KB 22ms
22ms Script
text/javascript 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.81.e916101e31c267893224.min.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d8d1143500cfe495523a1b8a3cd35ae9857d8d6b4ad0d2da02838874f0dbc9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:29:30 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 64570
x-amz-server-side-encryption: AES256
etag: W/"96166eaa95d092b01df47a9942492675"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=31536000
x-amz-cf-id: OB99IwtvkdnDbODtVIi0vutPNn7WHpscS-VsuD9Gf5OJfkubTGKTTg==

GET
H2 200 truework.e1084d0435c39f06c6e2.css
dgoidxrjgsomp.cloudfront.net/assets/css/ 445 B
825 B 44ms
44ms Stylesheet
text/css 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/css/truework.e1084d0435c39f06c6e2.css
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a4f785d62a155af5d5663e799162c761b322ab778fb6678123875f7c0caa624

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:10:22 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 69319
etag: "af39c0c29908152f15fe91af493db635"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 445
x-amz-cf-id: UXoa_sbApiupuMW7TUs_BlLY_QnAUaO0aD8yCDqwoXgRzh51YO4c1w==

GET
H2 200 truework.839.6f93ef32a6d4ad795dbb.min.js Show response
dgoidxrjgsomp.cloudfront.net/assets/js/ 893 KB
231 KB 45ms
45ms Script
text/javascript 2600:9000:2251:200:6:12a5:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.839.6f93ef32a6d4ad795dbb.min.js
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:200:6:12a5:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 566a16d2bf032bcf6828d55a4fef40cc306348ce7b8e107599a6ae0978d874f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:29:31 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 20:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 64570
x-amz-server-side-encryption: AES256
etag: W/"d1a62a12b189bbb9ce3fd0b63866badf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=31536000
x-amz-cf-id: DI7P9-sPr2N6m9E1YWK_WjUoRHWo0t88FMr17Pqx3Sq6D9HgYvrcMg==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/ 5 KB
2 KB 94ms
9ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/settings
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccc5c0e08b51c13a10d1d6471e34d923479cf4a51dab3833248d6275b9535730

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 3MnxdQn4WYQhVFcLBaCcYCILzn40BA3d
content-encoding: br
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
date: Mon, 01 May 2023 12:48:51 GMT
x-amz-cf-pop: FRA6-C1
age: 9410
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Apr 2023 22:13:58 GMT
server: AmazonS3
etag: W/"a07af1d64ecfe2c97a2e70c2e70ba6bb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 7W7ENLMfBWYTfxG-GIyMGRa3OH1f2esf-WvT-o2OMqZL-6arcFMC0w==

GET
H/1.1 200
OK delighted.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/WEDNdoDF0ZWfbhEj/ 91 KB
31 KB 263ms
202ms Script
text/javascript 13.32.118.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/WEDNdoDF0ZWfbhEj/delighted.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-85.fra60.r.cloudfront.net

Software

Resource Hash

193344b577448c1a61b6f2d4a5c7dc1ef44e2e12a8eba901e6257914cc425a98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://.quora.com https://.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 15:25:41 GMT
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 29118d1e3d74a921883b9059d9853b8d
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.095613
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=120, public
X-Amz-Cf-Id: Jq3hzGnLD_fzXf-IzHA60n1k9WZUmIWH6fwyLemmE8CJ41KXPoPZLw==

GET
H/1.1 200
OK delightedCsat.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/8OUbyxY7uJGpZTp6/ 89 KB
31 KB 408ms
347ms Script
text/javascript 13.32.118.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/8OUbyxY7uJGpZTp6/delightedCsat.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-85.fra60.r.cloudfront.net

Software

Resource Hash

415752888b1c945ea301c8e5505260c730d781bc5afbe9bd5307ae08e7b5a196

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://.quora.com https://.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 15:25:41 GMT
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0ecc0422f527b5f39291d4ff2fbb3533
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.060619
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=120, public
X-Amz-Cf-Id: 7DAIJ3O0yWcGa6ZadfnwpzBhsPFS7Gy_Zb3_bPhpAyTHJajafEPCsg==

GET
H/1.1 200
OK delightedCsat2.js Show response
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/09Bnn89MeKVQ9Osk/ 89 KB
31 KB 226ms
165ms Script
text/javascript 13.32.118.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/09Bnn89MeKVQ9Osk/delightedCsat2.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-85.fra60.r.cloudfront.net

Software

Resource Hash

c1203199deb1245f3cb663dc9d4093ce13652383d1fef18f99231ab04cef0b69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://.quora.com https://.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 15:25:41 GMT
Content-Security-Policy: default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 863a88d71c4f7e4f09b948e78ef1f42c
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.057756
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=120, public
X-Amz-Cf-Id: YQv6oaoqTiQ0Zag2xBtV6JAa5_FNvneWbL3wRPFk5DisWTwpJpW1mg==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 166ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.truework.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 205377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:22:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 157ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:400,700|Roboto:400,400i,500,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.truework.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 206126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H2 200 logo-mark.svg
app.truework.com/assets/images/ 459 B
1 KB 110ms
110ms Image
image/svg+xml 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truework.com/assets/images/logo-mark.svg

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f44c4cfd53120d742fc5b3f284e90f3c624fd7d853b17654e0c0c0e451e1454a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://encompassloconnect.com https://*.encompassloconnect.com https://ellieservices.com https://*.ellieservices.com;
x-dns-prefetch-control: off
content-security-policy-report-only: report-uri https://sentry.io/api/285406/security/?sentry_key=4838404aafea4aa3a71968579571e131 ; default-src 'self' data: https: wss: ; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: wss: ; style-src 'self' 'unsafe-inline' https: ; img-src 'self' data: blob: https: ; font-src 'self' data: https: ; connect-src 'self' https: wss: ; child-src 'self' blob: ; frame-src 'self' https: ; worker-src 'self' blob:
content-length: 459
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 26 Apr 2023 20:46:52 GMT
server: nginx
etag: "64498dbc-1cb"
x-download-options: noopen
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 30 Apr 2024 15:25:41 GMT

GET
H2 200 controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html Show response
js.stripe.com/v3/ Frame ED0B 325 B
736 B 29ms
28ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f299570812f10a5431a335b867b9b72fa745fe0050f071f443603a47f34a8cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 15:25:41 GMT
etag: "83cdc86c0f3d8d83bf6bac9f58a55da5"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 12
x-content-type-options: nosniff
x-request-id: 31ba543d-9ce5-4880-92d5-b45dbec32bc8
x-served-by: cache-fra-eddf8230079-FRA

GET
H2 404 / Show response
app.truework.com/api/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/incoming/ 23 B
378 B 126ms
125ms Fetch
application/json 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/incoming/

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cacf8a32e69eabea7d57711f4ccbeed4d284e1bbd0789137936d388da707b9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
accept-language: de-DE,de;q=0.9
X-TW-LogRocket-ID: 5-b3fe9aa9-d760-481b-9520-9e573ab1ad4c/0
X-TW-Page-Request-ID: c623101c-161d-49d9-bbe1-2d6f6fb6c181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Accept: application/json
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
TW-Tracking-Id
X-CSRFToken: hMg0ykfNGi0I7nMg4hoEAIBlmbDdjKJb
X-LogRocket-URL

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
x-api-version: e3dd64959eef967d3a32ef2bca745df217d49125
cross-origin-opener-policy: same-origin
allow: GET, POST, HEAD, OPTIONS
x-frame-options: DENY
content-type: application/json
vary: Origin, Cookie
cache-control: no-cache, no-store, must-revalidate
content-length: 23
truework-trace-id: 5JN5YcXZ4250jcENysijrt
expires: 0

GET
H2 200 ajs-destination.bundle.a1b5627f72b6c90f2baa.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.a1b5627f72b6c90f2baa.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 20:54:43 GMT
x-amz-version-id: Fjraw.Lsd8HbYPy_0cCEVx.u3xIkkAr4
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1535459
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Apr 2023 20:09:29 GMT
server: AmazonS3
etag: W/"dba2c033bf5f6f351c330af3a7fde619"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: lAr5wTYWPg6yxJAwefFDLFABMqCcGSzBdPpeNi-2S3HdfOUHjmMqBw==

GET
H2 200 web-widget-main-3a32751.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 40C3 1 MB
300 KB 23ms
23ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-3a32751.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c0c9b7521aeb969bfe7a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ffd072440f9fa6f904bfa6dc20cc166dbd7dfc15d03c28425cef1a8ad2e6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
x-amz-version-id: 9V4Ock9.KBDA21dgEE7tHkByHdjNJNtv
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: N1WJH0SDP9HR3AMK
age: 472665
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: iwvjz4kqmb/OKlxVYu18bAgBJr2tzaIOfmk7lF90zFBHAyEfgsJhl3DNpZ/xZwcnn1x4gbevtnM=
last-modified: Fri, 21 Apr 2023 11:15:05 GMT
server: cloudflare
etag: W/"1e776ee80f034fbe12faa2b2d77519e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izqiX6KB5q9U5SMQG1RpQ5lJggqnpHRpLs15oxE%2FdRE5TDRnrwZ%2BEPQuTIet6qqOwTPq6RFEhZVCMp2FRlyp0igSjXw1slK3XPPPUBAO%2BXs%2BLH4AeM5%2FB0%2BusZu4j8a%2B%2BhEAnKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c0909dcab31bb9b-FRA
expires: Sat, 20 Apr 2024 11:15:04 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 8ms
8ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id: MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2214905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 00:06:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Wr0YtzA9TjtzxVV9MEfMnGucpehL1I1lcwTzmFc5fMEQzUZh9mamEQ==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 4 KB
2 KB 8ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:40:21 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-version-id: 6EqlUttx9xjgQs6Y82NaNS9Hy_6_uQd7
x-amz-cf-pop: FRA6-C1
age: 2328321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1656
last-modified: Thu, 23 Mar 2023 13:55:25 GMT
server: AmazonS3
etag: "76e6caac3528e83f1b3e2a920d4ec781"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: bOWzrh8QiVeWxbnHZk9NQI8C9a_jese1BYQGueiMuP9jlVK-bQQPFQ==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 9ms
8ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 12:26:27 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-version-id: dHF36.vLMjw4djQogLlGeyFi4lweQ.Er
x-amz-cf-pop: FRA6-C1
age: 2602755
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Thu, 23 Mar 2023 13:55:25 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: yUXYfdd19IkNic56f27nmqYi6U3wnZN2pgq9biVsJC8S7-U3liYoBA==

GET
H2 200 optimizely.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/ 7 KB
3 KB 10ms
9ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:29:05 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-version-id: Xs3iGTUsFB8rIA141DajUqDoeJL1kjrC
x-amz-cf-pop: FRA6-C1
age: 4085796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2586
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "6ac19b71da72b08483644c17ed6a4986"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: s0alWS2Wf_T_C29hgjB81ZP6I51B17L0PG90Q0Nj503lXTt0fVsayQ==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 10ms
10ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 15:38:21 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-version-id: WX0gUOnff2NYvKXVxhDLkMPrGi3VMINE
x-amz-cf-pop: FRA6-C1
age: 5528841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1061
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: JMISH-b2sGIEuCqVgSZObM2gbQ_lDz9lcSUZX1Cq8J_kkjD9pgzp7Q==

POST
H2 200 csp-report
q.stripe.com/ Frame ED0B 0
719 B 713ms
323ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682954741781415
x-envoy-upstream-service-time: 151
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 63
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682954741751143
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ED0B 404 KB
98 KB 10ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 15:25:41 GMT
via: 1.1 varnish
age: 328322
x-cache: HIT
content-length: 99723
x-request-id: 13425dae-91f1-4a87-aa35-0eec3ccc0fd8
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8151

GET
H2 200 controller-29563f727e5e752fc3bb42afc31979da.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ED0B 450 KB
123 KB 9ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-29563f727e5e752fc3bb42afc31979da.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6918f0f7a4745c4ff5f00786438935cf32c146f14dba7b96c37a054aa2df3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 15:25:41 GMT
via: 1.1 varnish
age: 338214
x-cache: HIT
content-length: 125905
x-request-id: d26fb9a0-7c5e-4ccf-aea0-26de109232ae
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Thu, 27 Apr 2023 17:26:46 GMT
server: Fastly
etag: "4fb125a47507653ef37e355469fe710f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7401

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 9ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Aq1WI5y5Gu3fdP1P3FD12DIBXkcDji3J/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:56:43 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-version-id: _CDAHRpSMnFhUQgRIVvCIby4N2cITv0X
x-amz-cf-pop: FRA6-C1
age: 246539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 17 Apr 2023 06:44:02 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: rpfZTFg1ksFiwdQs_JL_0pYpyqL4dIRhhWFYy0VwzYJtXszJmzGjsQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame ED0B 474 B
599 B 25ms
9ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67bfc9cf85e8e19f06858b8301822def51335adaf3a539cf3cd7745d59d73306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 281
x-request-id: 2c2b13a6-f452-4c95-8850-69f6cf118801
x-served-by: cache-fra-eddf8230095-FRA
last-modified: Sun, 30 Apr 2023 10:53:48 GMT
server: Fastly
etag: "225817f6c65dd57c4ac2ecee5d75b6e9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 247485

GET
H2 200 embeddable_blip Show response
truework-contact.zendesk.com/ Frame 40C3 0
458 B 124ms
124ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://truework-contact.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiYXV0aGVudGljYXRlIjp7ImhlbHBDZW50ZXIiOmZhbHNlLCJjaGF0Ijp0cnVlfX19LCJidWlkIjoiMzg5NjgyNjJmOGNlNGJhYjlhYTM1NzlmYjk2YWQ2NGUiLCJzdWlkIjoiM2QyNzM5YWE2ZWMwNDVlM2IxOWJhNWIxOThiYzgyYmYiLCJ2ZXJzaW9uIjoiM2EzMjc1MSIsInRpbWVzdGFtcCI6IjIwMjMtMDUtMDFUMTU6MjU6NDEuNTQ3WiIsInVybCI6Imh0dHBzOi8vYXBwLnRydWV3b3JrLmNvbS9lbXBsb3llci9pbmNvbWluZy9yZXBvcnQvQUFBQUFBQUNOSnNBQ0xEdkpQVGVEeFpqYjdNc1Nsd2dQN0N1d004UWpfQnlqXzZZc0x5MWtQSC0vIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c0c9b7521aeb969bfe7a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
cf-cache-status: MISS
last-modified: Mon, 01 May 2023 15:25:41 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fskaWTJjAMD%2BRZLCHaF7%2Fy7aPX36WvRJHD1eOsR%2FjmZJ%2Borp0iDkPRa%2BLiQV6Y1i%2BnF40AdhghGRUYFxGDbUM8rvcD3m4ToZjYL3jDnRhnWXA8AAmrhdawZ6QbIKO8%2FAhcm8ln584VfNS1a4vGM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7c0909debcafbb8c-FRA
content-length: 0
x-request-id: 7c0909debcafbb8c-IAD

GET
H2 200 en-us-json-3a32751.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 40C3 25 KB
6 KB 27ms
27ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-3a32751.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-3a32751.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
x-amz-version-id: F6AHT_xn3trURXhJXeJ4DOoBnCPHMfcW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SZY88M16H09VYVKQ
age: 472663
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: DAWtr1HZpJE2mCru1xbe37kBmx+ZU8dYWob7WSwxGzwePiGcNeWIqSf6yd10dWYF6wf4Ho+BGHQ=
last-modified: Fri, 21 Apr 2023 11:15:07 GMT
server: cloudflare
etag: W/"89b68f56c96d15075b04b0ea633eabf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k55pjv88W8Q2vDDiXebsepXRr7OZoCeqTmYBpj751ud2TqTFlB0Q1hGKOiwHZr40FLI1MCi9i7VZTnVEYlp0bvF%2FTSAxPt8WCYrK1ehwPPBFdufB55Fb0K8k7Z8M2ajwHm8kW3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c0909debd66bb9b-FRA
expires: Sat, 20 Apr 2024 11:15:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-823916003

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55d62067bd66d181a838e31a2c3ddb65822f52e0f297a2c3cd2c68e40bc5e655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69844
x-xss-protection: 0
last-modified: Mon, 01 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 May 2023 15:25:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 233 KB
82 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCN4X7P&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

104812d390123a62b8e24b345f8e95a85c48c5c34c5fc75176bf63d545745f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83990
x-xss-protection: 0
last-modified: Mon, 01 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 May 2023 15:25:41 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 55ms
18ms Script
application/x-javascript 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=23387
accept-ranges: bytes
content-length: 4777

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
175 B 560ms
182ms Fetch
application/json 44.227.186.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.186.215 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-186-215.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://app.truework.com
date: Mon, 01 May 2023 15:25:42 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 682ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205275
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682954742205054
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 679ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205623
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742205264
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 680ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205916
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742205581
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
275 B 677ms
335ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205440
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742205137
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 678ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205609
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742205314
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 682ms
341ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742206015
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742205496
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 682ms
341ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205737
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742205457
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 676ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205711
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682954742205385
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 683ms
343ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742205654
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682954742205195
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/1374969/envelope/ 2 B
442 B 116ms
116ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1374969/envelope/?sentry_key=e39052abc6d140d39d4d3c9858aa2d82&sentry_version=7&sentry_client=sentry.javascript.react%2F7.36.0

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.truework.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 May 2023 15:25:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1374969/envelope/ 41 B
482 B 233ms
116ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1374969/envelope/?sentry_key=e39052abc6d140d39d4d3c9858aa2d82&sentry_version=7&sentry_client=sentry.javascript.react%2F7.36.0

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ec7d26acd254c146fb2652b94632dd2097d5f20281dafc17a5ab07db7695a829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.truework.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 May 2023 15:25:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 41

GET
H2 200 web-widget-chat-sdk-3a32751.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 40C3 202 KB
51 KB 27ms
27ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-3a32751.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-3a32751.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
x-amz-version-id: 9Hm9o1qC8DxCYXWVIyK7A1AL4NkTIcKV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7AJZ5SVNTJ7ZYBWE
age: 472664
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: bxUmYqaFlqEyVoeumHfj/dXmEBnjyHynJpUhlexUhcXOV+Xtdk8GRIWE6JsGD4Z38CDtg/paW47F9KmKoOQb3g==
last-modified: Fri, 21 Apr 2023 11:15:05 GMT
server: cloudflare
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ou4NbqQ5m6Bixdyl0n09IS28%2FIRTeYLdqa8wk5zv7NrN26m4hgHkVJhMQq%2FNWVe246xtEmwFFatseRehYkpU%2FzTu%2BHEfTU3PoCbeul54DUnuvjDLcRYGTD0xWk%2BQFOKklp1AtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c0909df4de2bb9b-FRA
expires: Sat, 20 Apr 2024 11:15:04 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/823916003/ 3 KB
2 KB 69ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/823916003/?random=1682954741675&cv=11&fst=1682954741675&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&hn=www.googleadservices.com&frm=0&tiba=Verification%20Request%20%7C%20Truework&auid=571731819.1682954742&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-823916003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

564d4f2f1f26c21418ef4787620622d74c556b9e24ea634f7d7377ab161e33be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 91ms
23ms Script
application/javascript 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Mon, 01 May 2023 15:25:41 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/321004/domain/app.truework.com/ 36 B
374 B 26ms
8ms XHR
application/json 2600:9000:20eb:5a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/321004/domain/app.truework.com/token
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:14:00 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 701
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: a5Be3pJ-TlijUKw56PJPkzHwwp3GtwrPe0Kyf_M8UNTyfVGB5ctgsg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=321004&time=1682954741791&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=321004&time=1682954741791&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy...

0
265 B

166ms
150ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=321004&time=1682954741791&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&e_ipv6=AQIEoGd-l0hz4QAAAYfX62iC76Y0WtiZ2z4B8wUinn9F62GGoTJH9SAvafW4L_9s7bMN9ihPN2FsIfUieliCB8e5KE8RYA
Requested by: Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D4A65EF94C35403187816624844BE6D8 Ref B: FRAEDGE1407 Ref C: 2023-05-01T15:25:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6o2+SqXKk22bY3nwbRg==

Redirect headers

date: Mon, 01 May 2023 15:25:41 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6BE5754EA6EA41B5950D6B25C9FECD15 Ref B: FRAEDGE1406 Ref C: 2023-05-01T15:25:41Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=321004&time=1682954741791&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&e_ipv6=AQIEoGd-l0hz4QAAAYfX62iC76Y0WtiZ2z4B8wUinn9F62GGoTJH9SAvafW4L_9s7bMN9ihPN2FsIfUieliCB8e5KE8RYA
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6o2+QEKtA0j3WdAPMng==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/321004/domain/app.truework.com/ 36 B
372 B 25ms
9ms XHR
application/json 2600:9000:20eb:5a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/321004/domain/app.truework.com/token
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:14:00 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 701
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Ei56ehlAAV6UHykt7s-eV7o4m7gMKymc-CNnmy9w0szy6arFZrLiGQ==

GET
H2 200 zendesk-chat-jwt Show response
app.truework.com/api/user/ 26 B
375 B 117ms
117ms Fetch
application/json 18.118.75.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truework.com/api/user/zendesk-chat-jwt

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.118.75.249 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-118-75-249.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5815bb3d751f593285071793f3fd335a082ba6b82b3ceae2b6f8cc912c5846d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
x-api-version: e3dd64959eef967d3a32ef2bca745df217d49125
cross-origin-opener-policy: same-origin
allow: OPTIONS, GET, HEAD
x-frame-options: DENY
content-type: application/json
vary: Origin, Cookie
cache-control: no-cache, no-store, must-revalidate
content-length: 26
truework-trace-id: 29acRuaWLJEipPs16Uks1L
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/823916003/ 42 B
455 B 46ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/823916003/?random=1682954741675&cv=11&fst=1682953200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&frm=0&tiba=Verification%20Request%20%7C%20Truework&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1930843052&rmt_tld=0&ipr=y

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/823916003/ 42 B
154 B 23ms
23ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/823916003/?random=1682954741675&cv=11&fst=1682953200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&frm=0&tiba=Verification%20Request%20%7C%20Truework&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1930843052&rmt_tld=1&ipr=y

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
203 B 45ms
44ms XHR
text/html 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:41 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://app.truework.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
339 B 115ms
26ms XHR
text/html 2a02:26f0:480:22::1726:62ed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62ed Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2f66ff59649f2216fb043f397173669b051e3a019b1f142016be5db7dbb03b33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:41 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://app.truework.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:3d00:1012:d556:13a1:8513
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467487_389993773_559301161_20_848_23_0";dur=1
content-length: 36
expires: Mon, 01 May 2023 15:25:41 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 503ms
503ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=2dd039ef760cd339f88626a40df512e3&svisitor=null&visitor=c67a7b5a-6c8e-43f2-8864-c3ff19ba3097&session=05431c54-a064-4721-8c73-75cfa982eebc&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2001%20May%202023%2015%3A25%3A41%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2001%20May%202023%2015%3A25%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%222dd039ef760cd339f88626a40df512e3%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2001%20May%202023%2015%3A25%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2001%20May%202023%2015%3A25%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Verify%20income%20and%20employment%20for%20any%20applicant%2C%20all%20on%20one%20platform.%20Data%20returned%20instantly%20for%2035%20million%20U.S.%20employees%20(and%20growing).%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Verification%20Request%20%7C%20Truework%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&pageViewId=9ac46b25-fea0-401e-8498-03e6f0ccfed0

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:42 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 442ms
442ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=2dd039ef760cd339f88626a40df512e3&svisitor=null&visitor=c67a7b5a-6c8e-43f2-8864-c3ff19ba3097&session=05431c54-a064-4721-8c73-75cfa982eebc&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3d00%3A1012%3Ad556%3A13a1%3A8513%22%7D&isIframe=false&m=%7B%22description%22%3A%22Verify%20income%20and%20employment%20for%20any%20applicant%2C%20all%20on%20one%20platform.%20Data%20returned%20instantly%20for%2035%20million%20U.S.%20employees%20(and%20growing).%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Verification%20Request%20%7C%20Truework%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&pageViewId=9ac46b25-fea0-401e-8498-03e6f0ccfed0

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:42 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 7049 200 B
927 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10167195
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 15:25:42 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 337300
x-content-type-options: nosniff
x-request-id: 6a9f129e-fc33-4947-9d62-2297f31d6cb7
x-served-by: cache-fra-eddf8230079-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame ED0B 0
274 B 170ms
170ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:42 GMT
x-stripe-server-envoy-start-time-us: 1682954742501953
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682954742501715
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7049 0
718 B 208ms
207ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 15:25:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682954742522088
x-envoy-upstream-service-time: 35
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 21
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682954742515279
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7049 0
718 B 207ms
207ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 15:25:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682954742526966
x-envoy-upstream-service-time: 35
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 20
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682954742515387
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7049 631 B
491 B 6ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 15:25:42 GMT
via: 1.1 varnish
age: 14584853
x-cache: HIT
content-length: 332
x-request-id: d6160a31-9e3f-4e19-8bde-846f23f8891f
x-served-by: cache-fra-eddf8230079-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 298516

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D716 930 B
2 KB 50ms
8ms Document
text/html 2600:9000:2057:6e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 295
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 15:20:47 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: 5gpav_-vZAR8jODnsEWUB9aodAqV1LVw5L8j7E_zrVwnion6QeRw5A==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame D716 0
492 B 201ms
200ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.truework.com
URL: https://app.truework.com/employer/incoming/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 15:25:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682954742580096
x-envoy-upstream-service-time: 29
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 13
x-stripe-client-envoy-start-time-us: 1682954742577550
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame D716 86 KB
14 KB 7ms
7ms Script
text/javascript 2600:9000:2057:6e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 15:25:21 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: Ma4xGmvj06RkVqeNi3xQ5Hh5i6iIYYMQ9RrvOrj_X3qJp-6adeGXbA==

POST
H2 200 6 Show response
m.stripe.com/ Frame D716 156 B
670 B 667ms
177ms XHR
application/json 54.187.57.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.57.130 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-57-130.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

097e754fa53d0862cf0f8584e36193610000cff937944af9593ddfcbb530c988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 15:25:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682954743152760
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682954743152243
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 227ms
227ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:43 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 201 i Show response
r.lr-in-prod.com/ 24 KB
25 KB 942ms
481ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-in-prod.com/i?a=mb6w3n%2Ftruework&r=5-b3fe9aa9-d760-481b-9520-9e573ab1ad4c&t=5d71dbda-f87d-44f6-a0e3-d9047e2fa99a&s=0&rs=0%2Cu&u=b14515ac-3eb7-4d8a-9112-7cad06c2272a&is=1

Requested by

Host: dgoidxrjgsomp.cloudfront.net
URL: https://dgoidxrjgsomp.cloudfront.net/assets/js/truework.main.c935b18dd351f34a6ecf.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

6ca09da08b9d4f873299ccad7e911693ef51da7c773c315c3468b33a507d37f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"602b-eEYzIVOQogkPd1P7VkVJe0YOr1E"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
content-length: 24619

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 265ms
264ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:44 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 259ms
259ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:45 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KZX4MD5XZJ&gtm=45je34q0&_p=1644271028&cid=1428141367.1682954740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682954740&sct=1&seg=0&dl=https%3A%2F%2Fapp.truework.com%2Femployer%2Fincoming%2Freport%2FAAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-%2F&dt=Truework%20%7C%20Employment%20%26%20Income%20Verification&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZX4MD5XZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.truework.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 288ms
287ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:46 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.truework.com/	1970-01-20 21:05:14	Name: _ga Value: GA1.1.1428141367.1682954740
.truework.com/	1970-01-20 21:05:14	Name: _ga_KZX4MD5XZJ Value: GS1.1.1682954740.1.0.1682954740.60.0.0
app.truework.com/	1970-01-20 11:30:41	Name: _lr_tabs_-mb6w3n%2Ftruework Value: {%22sessionID%22:0%2C%22recordingID%22:%225-b3fe9aa9-d760-481b-9520-9e573ab1ad4c%22%2C%22lastActivity%22:1682954740668}
app.truework.com/	1970-01-20 11:30:41	Name: _lr_hb_-mb6w3n%2Ftruework Value: {%22heartbeat%22:1682954740669}
app.truework.com/	1969-12-31 23:59:59	Name: _lr_uf_-mb6w3n Value: 5e246fee-394e-43fd-95a3-8a48d1099531
.truework.com/	1970-01-20 20:13:24	Name: csrf_token Value: hMg0ykfNGi0I7nMg4hoEAIBlmbDdjKJb
.truework.com/	1970-01-20 21:05:14	Name: tw_device_id Value: 60986c5d-b6fa-4421-af0b-f05fb7bbade2
.truework.com/	1970-01-20 13:38:50	Name: _gcl_au Value: 1.1.571731819.1682954742
.doubleclick.net/	1970-01-20 11:29:15	Name: test_cookie Value: CheckForPermission
.truework.com/	1970-01-20 20:14:50	Name: ajs_anonymous_id Value: 60986c5d-b6fa-4421-af0b-f05fb7bbade2
app.truework.com/	1970-01-20 11:30:41	Name: ln_or Value: eyIzMjEwMDQiOiJkIn0%3D
app.truework.com/	1970-01-20 21:05:14	Name: _gd_visitor Value: c67a7b5a-6c8e-43f2-8864-c3ff19ba3097
app.truework.com/	1970-01-20 11:29:29	Name: _gd_session Value: 05431c54-a064-4721-8c73-75cfa982eebc
.linkedin.com/	1970-01-20 20:14:50	Name: bcookie Value: "v=2&6a1d7ce8-544d-4109-85a4-efff586913bb"
.linkedin.com/	1970-01-20 15:48:26	Name: li_gc Value: MTswOzE2ODI5NTQ3NDE7MjswMjEdyJ7nDqv/IW4HNVa4jhwDPjl0ZJq0NjCVm6e5jbKKkw==
.linkedin.com/	1970-01-20 11:30:41	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3053:u=1:x=1:i=1682954741:t=1683041141:v=2:sig=AQFHZ5cCYjDTVdbE7JJrw1ACSBFZDo-Z"
.6sc.co/	1970-01-20 21:05:14	Name: 6suuid Value: cdd5ce1741ae0100f6d94f648b01000095110200
m.stripe.com/	1970-01-20 21:05:14	Name: m Value: 598483c7-f00b-41d7-a1af-c07d2f9f93a32e96bb
.app.truework.com/	1970-01-20 20:14:50	Name: __stripe_mid Value: 3b5619cb-f334-4257-a394-05b882601ea3cb53f1
.app.truework.com/	1970-01-20 11:29:16	Name: __stripe_sid Value: 121ad2fa-66e9-42de-8c99-0b6a794461a8502fd0
app.truework.com/	1970-01-20 11:29:15	Name: _dd_s Value: logs=1&id=d8ba4c70-f03c-4f2c-a08d-f1d7928ccb97&created=1682954740501&expire=1682955640501

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.truework.com/api/report/AAAAAAACNJsACLDvJPTeDxZjb7MsSlwgP7CuwM8Qj_Byj_6YsLy1kPH-/incoming/ Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://encompassloconnect.com https://.encompassloconnect.com https://ellieservices.com https://.ellieservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
app.truework.com
b.6sc.co
c.6sc.co
cdn.linkedin.oribi.io
cdn.lr-in-prod.com
cdn.optimizely.com
cdn.segment.com
d2yyd1h5u9mauk.cloudfront.net
dgoidxrjgsomp.cloudfront.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.stripe.com
m.stripe.com
m.stripe.network
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.lr-in-prod.com
r.stripe.com
region1.analytics.google.com
sentry.io
snap.licdn.com
static.zdassets.com
stats.g.doubleclick.net
truework-contact.zendesk.com
unpkg.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.72.113
104.198.23.205
13.107.42.14
13.32.118.85
151.101.64.176
18.118.75.249
2001:4860:4802:34::36
23.36.162.205
2600:9000:2057:6e00:19:7d10:bd80:93a1
2600:9000:20eb:5a00:2:53b2:240:93a1
2600:9000:2251:200:6:12a5:ec40:93a1
2606:4700:3034::ac43:a57f
2606:4700::6810:7caf
2620:1ec:21::14
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:1490
2a02:26f0:480:22::1726:62ed
2a02:26f0:480:5b0::13b8
35.188.42.15
44.227.186.215
54.186.23.98
54.187.159.182
54.187.57.130
99.86.8.175
031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b
097e754fa53d0862cf0f8584e36193610000cff937944af9593ddfcbb530c988
0c33a79b0af93000386340e5bcf6e653ea2a4b3350e18a6cabf43d770a90cac5
104812d390123a62b8e24b345f8e95a85c48c5c34c5fc75176bf63d545745f49
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14f9e0ca9b6fe4553fc71e6761aa783e1f160e6e99b78db18e8df64ffd52a345
180014f647e930e88f3e873bb4a44422087c5bf894a356b6fbb3408706620e53
193344b577448c1a61b6f2d4a5c7dc1ef44e2e12a8eba901e6257914cc425a98
1be5ea9bb591a419d35215e734bc9aa5ca1b0fe447009a221c9f960ed28332a6
21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460
2e9d74c03793ecf94c5680eb028c200c330854aa0e45ff6866aa1702e0644d11
2f66ff59649f2216fb043f397173669b051e3a019b1f142016be5db7dbb03b33
415752888b1c945ea301c8e5505260c730d781bc5afbe9bd5307ae08e7b5a196
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b1e453d0d95718e19766d3023ea82dc059f728f3b112b7980773c109ac0bd31
4d8a159b47d1f254ea6e4a392d3eee330ca0b0c1c5230ca3390bd46f5cb34dca
558ab8aa7080f2b2aa2087c887a56a0b70a5c72b53652b5834db974a2da251a3
55d62067bd66d181a838e31a2c3ddb65822f52e0f297a2c3cd2c68e40bc5e655
564d4f2f1f26c21418ef4787620622d74c556b9e24ea634f7d7377ab161e33be
566a16d2bf032bcf6828d55a4fef40cc306348ce7b8e107599a6ae0978d874f0
56782be53aef9b2853cf9efe899fdb83340b9701e794e92be2a86b69b8b846a4
5815bb3d751f593285071793f3fd335a082ba6b82b3ceae2b6f8cc912c5846d0
67bfc9cf85e8e19f06858b8301822def51335adaf3a539cf3cd7745d59d73306
6ca09da08b9d4f873299ccad7e911693ef51da7c773c315c3468b33a507d37f8
7ac350e2b079daf1247e25cd7868f1479d63f91506caed4db9b75053b917305c
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
84db296f8f6211a7ab1ecce758665dbfe51fa9458eff32005c619c0d28463da5
86ffd072440f9fa6f904bfa6dc20cc166dbd7dfc15d03c28425cef1a8ad2e6e5
8853a2b610928c278c709e5868fc6c272b3f826a992382b5fcb47f949e4f3cba
8a4f785d62a155af5d5663e799162c761b322ab778fb6678123875f7c0caa624
8d8d1143500cfe495523a1b8a3cd35ae9857d8d6b4ad0d2da02838874f0dbc9c
934b265c36a554e34c2ad890d922f7a6f5f33900f835ba2db4cc5ac0944331a5
96b736afc032ee718b04348120b5032b09a40dd37143ed0ccf3f51e3a66f53cc
9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92
a0e96b42bdcb409694d7f6e7731db738778af49ef5790dccd278b48eecfc6c91
a2eaf030b7afbdc298e2f68f9ff9992469b87b5d1effc296bb525fe27bacc45e
a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aaab62f4aa0f4f350b445b733c9037e26e5c750eec0e52c5feafb883ba13e301
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b4adf4d6ac73d474c6a49c40a8989a9174524af20e8e578204dc27df6af764e6
b6918f0f7a4745c4ff5f00786438935cf32c146f14dba7b96c37a054aa2df3ab
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bf720da9121cd38a840aadd1f288be43dfa6213ce90dd060b99483564915ba4b
c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89
c1203199deb1245f3cb663dc9d4093ce13652383d1fef18f99231ab04cef0b69
cacf8a32e69eabea7d57711f4ccbeed4d284e1bbd0789137936d388da707b9de
cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a
ccc5c0e08b51c13a10d1d6471e34d923479cf4a51dab3833248d6275b9535730
d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a
d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7
d9c7e9af9a62a0e04239f3a6f7f2d53364655bc832d7582d0541f598bf1aab99
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
ec7d26acd254c146fb2652b94632dd2097d5f20281dafc17a5ab07db7695a829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f299570812f10a5431a335b867b9b72fa745fe0050f071f443603a47f34a8cdd
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f44c4cfd53120d742fc5b3f284e90f3c624fd7d853b17654e0c0c0e451e1454a
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65b66433c24c480f9dac5e30b155110e23580a6f404da61d549d651aedab41f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc009aaad13ca958a1c99a1b73a2c807e433fe4cb76cbf6b63c82a690fc1d399
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

app.truework.com Open in urlscan Pro 18.118.75.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

98 %HTTPS

53 %IPv6

22 Domains

34 Subdomains

32 IPs

4 Countries

2506 kBTransfer

9691 kBSize

21 Cookies

2 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.truework.com Open in urlscan Pro
18.118.75.249 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

98 %
HTTPS

53 %
IPv6

22
Domains

34
Subdomains

32
IPs

4
Countries

2506 kB
Transfer

9691 kB
Size

21
Cookies

99 HTTP transactions
0 data transactions