www.ontask.io Open in urlscan Pro
54.158.26.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.ms00.net/s/c?3ql.19grj.1.7xhyi.362hr
Effective URL:
https://www.ontask.io/tracking-covid-19-vaccination-records
Submission: On November 30 via manual (November 30th 2021, 3:32:53 pm UTC) from IN — Scanned from DE

Summary HTTP 116 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 58 IPs in 5 countries across 52 domains to perform 116 HTTP transactions. The main IP is 54.158.26.53, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.ontask.io.
TLS certificate: Issued by R3 on October 31st 2021. Valid for: 3 months.

This is the only time www.ontask.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.39.113.144 216.39.113.144	23342 (UNITEDLAYER) (UNITEDLAYER)
15	54.158.26.53 54.158.26.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.99.99 13.32.99.99	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
6	34.237.215.97 34.237.215.97	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.99 52.222.236.99	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
2	54.229.143.145 54.229.143.145	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	52.217.203.184 52.217.203.184	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.74 18.66.122.74	16509 (AMAZON-02) (AMAZON-02)
1	34.249.212.247 34.249.212.247	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16 22	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4264:e8c6:2f28:702a:f217	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	3.125.86.125 3.125.86.125	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.157.11 35.156.157.11	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.69 52.222.214.69	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	3.225.136.82 3.225.136.82	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
116	58

1 216.39.113.144 (United States) 1 redirects

ASN23342 (UNITEDLAYER, US)
PTR: t.pm0.net

t.ms00.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.158.26.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-26-53.compute-1.amazonaws.com

www.ontask.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-99.fra60.r.cloudfront.net

app.cdn.lookbookhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.237.215.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-215-97.compute-1.amazonaws.com

jukebox.pathfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-99.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.143.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.203.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e8:101::9002:f05 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.212.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.122.14.34 (United States) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:e8c6:2f28:702a:f217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.86.125 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-86-125.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.157.11 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-69.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.136.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-136-82.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.84.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
15	ontask.io www.ontask.io	197 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	34 KB
6	hubspot.com api.hubspot.com app.hubspot.com track.hubspot.com	23 KB
6	doubleclick.net 4 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
6	pathfactory.com jukebox.pathfactory.com	2 KB
5	hsappstatic.net static.hsappstatic.net	265 KB
4	facebook.com www.facebook.com	527 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	googletagmanager.com www.googletagmanager.com	227 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
3	google.de www.google.de	629 B
3	google.com 1 redirects www.google.com	589 B
3	facebook.net connect.facebook.net	200 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	bing.com bat.bing.com	11 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	googleadservices.com 1 redirects www.googleadservices.com	15 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	rlcdn.com idsync.rlcdn.com	108 B
2	pro-market.net 2 redirects fei.pro-market.net	824 B
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	959 B
2	tapad.com 1 redirects pixel.tapad.com	887 B
2	ml314.com ml314.com	92 KB
2	gstatic.com fonts.gstatic.com	64 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	21 KB
1	openx.net us-u.openx.net	275 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	lijit.com ce.lijit.com	348 B
1	bluekai.com stags.bluekai.com	745 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	hubapi.com api.hubapi.com	941 B
1	t.co t.co	471 B
1	twitter.com analytics.twitter.com	675 B
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	amazonaws.com s3.amazonaws.com	497 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	lookbookhq.com app.cdn.lookbookhq.com	237 KB
1	fontawesome.com use.fontawesome.com	238 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	hs-scripts.com js.hs-scripts.com	990 B
1	googleoptimize.com www.googleoptimize.com	35 KB
1	ms00.net 1 redirects t.ms00.net	400 B
116	52

	Domain	Requested by
22	um.simpli.fi	16 redirects
15	www.ontask.io	www.ontask.io
6	jukebox.pathfactory.com	app.cdn.lookbookhq.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	www.facebook.com	www.ontask.io
4	api.hubspot.com	js.usemessages.com static.hsappstatic.net
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.googletagmanager.com	www.ontask.io www.googletagmanager.com js.hsadspixel.net
3	cm.g.doubleclick.net	3 redirects
3	www.google.de	www.ontask.io
3	www.google.com	1 redirects www.ontask.io
3	connect.facebook.net	www.ontask.io connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.ontask.io
3	www.google-analytics.com	www.googletagmanager.com www.ontask.io
3	fonts.googleapis.com	www.ontask.io app.cdn.lookbookhq.com
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	idsync.rlcdn.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	px.ads.linkedin.com	2 redirects
2	ml314.com	www.ontask.io ml314.com
2	fonts.gstatic.com	fonts.googleapis.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	i.simpli.fi	tag.simpli.fi
1	app.hubspot.com	js.usemessages.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	t.co	www.ontask.io
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	www.ontask.io
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	s3.amazonaws.com	www.ontask.io
1	static.ads-twitter.com	www.ontask.io
1	tag.simpli.fi	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	app.cdn.lookbookhq.com
1	app.cdn.lookbookhq.com	www.ontask.io
1	use.fontawesome.com	www.ontask.io
1	stackpath.bootstrapcdn.com	www.ontask.io
1	cdnjs.cloudflare.com	www.ontask.io
1	ajax.googleapis.com	www.ontask.io
1	js.hs-scripts.com	www.ontask.io
1	www.googleoptimize.com	www.ontask.io
1	t.ms00.net	1 redirects
116	68

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
ontask.io R3	`2021-10-31` - `2022-01-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.pathfactory.com Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.ontask.io/tracking-covid-19-vaccination-records
Frame ID: 3D8019229BA0AD57B6A79EABBD22EBC8
Requests: 103 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: BFD85B1AF789C9A68E58449D65B980B2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1C084F94AA41C616656049ECCFFC470A
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2784414/threads/utk/fa2340d63d354d498c08f6b496a4b48f?uuid=a97d792216e54fd09a47eb757e7f8653&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ontask.io&inApp53=false&messagesUtk=fa2340d63d354d498c08f6b496a4b48f&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: E3C754F5794D32C77195A9974F01DFA2
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 68A9C1F2E22932E12A082AA9240BCCDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Digitally Collect COVID Vaccine Records & Test Results | OnTask

Page URL History Show full URLs

http://t.ms00.net/s/c?3ql.19grj.1.7xhyi.362hr HTTP 302
https://www.ontask.io/tracking-covid-19-vaccination-records Page URL

Page Statistics

116
Requests

84 %
HTTPS

47 %
IPv6

52
Domains

68
Subdomains

58
IPs

5
Countries

2367 kB
Transfer

6467 kB
Size

56
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/OnTaskShares/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ontask.io/

Search URL Search Domain Scan URL

URL: https://twitter.com/OnTaskShares

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.ms00.net/s/c?3ql.19grj.1.7xhyi.362hr HTTP 302
https://www.ontask.io/tracking-covid-19-vaccination-records Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D55176%26time%3D1638286366671%26url%3Dhttps%253A%252F%252Fwww.ontask.io%252Ftracking-covid-19-vaccination-records%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&liSync=true&e_ipv6=AQLGlibzJ6RYLwAAAX1xehqg-MgkKklAjBluTxdA03K67NYGMs26ulBT1Mm4CKJX7jWsktkgVA

Request Chain 90

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 91

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4D98CDAAF93A491CBF4E568533C4EE52 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 92

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4D98CDAAF93A491CBF4E568533C4EE52 HTTP 302
https://d.agkn.com/pixel/10751/?che=1638286368&ip=193.27.14.24&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164951003986000306291 HTTP 302
https://um.simpli.fi/aa_px?sk=164951003986000306291

Request Chain 94

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 97

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=4D98CDAAF93A491CBF4E568533C4EE52;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=4D98CDAAF93A491CBF4E568533C4EE52;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=-3465786612289222976

Request Chain 98

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=4D98CDAAF93A491CBF4E568533C4EE52&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=4D98CDAAF93A491CBF4E568533C4EE52&j=0&xl8blockcheck=1

Request Chain 100

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 101

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 102

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4D98CDAAF93A491CBF4E568533C4EE52 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 103

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 104

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 105

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1638286368194&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=IESmYb2xEbamx_AP0aqueA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IESmYb2xEbamx_AP0aqueA&random=1913941426 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IESmYb2xEbamx_AP0aqueA&random=1913941426&ipr=y&prhg=0

Request Chain 106

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4D98CDAAF93A491CBF4E568533C4EE52 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4D98CDAAF93A491CBF4E568533C4EE52&__user_check__=1&sync_id=c5cc2aaa-51f2-11ec-ad78-19bfd3920106

Request Chain 107

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=4D98CDAAF93A491CBF4E568533C4EE52 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 108

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D98CDAAF93A491CBF4E568533C4EE52&expires=365

Request Chain 109

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=4D98CDAAF93A491CBF4E568533C4EE52

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEGQV18682MsJgvgyXAvvjKo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D98CDAAF93A491CBF4E568533C4EE52 HTTP 302
https://um.simpli.fi/g_match?id=

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tracking-covid-19-vaccination-records Show response
www.ontask.io/
Redirect Chain

http://t.ms00.net/s/c?3ql.19grj.1.7xhyi.362hr
https://www.ontask.io/tracking-covid-19-vaccination-records

34 KB
10 KB

314ms
98ms

Document
text/html

54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-26-53.compute-1.amazonaws.com

Software

nginx/1.19.5 /

Resource Hash

ac05796361a7ed38a38d59fbe07dde8fe344cf146cab1878419d649e0775a6d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://resources.ontask.io 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.19.5
date: Tue, 30 Nov 2021 15:32:46 GMT
content-type: text/html
content-length: 10205
last-modified: Tue, 30 Nov 2021 15:14:25 GMT
vary: Accept-Encoding
etag: "61a63fd1-27dd"
content-encoding: gzip
content-security-policy: frame-ancestors https://resources.ontask.io 'self'

Redirect headers

Date: Tue, 30 Nov 2021 15:32:45 GMT
Server: Apache/2.4.33 (FreeBSD) OpenSSL/1.0.2k-freebsd mod_jk/1.2.41
Location: https://www.ontask.io/tracking-covid-19-vaccination-records
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 87 KB
35 KB 51ms
27ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5MJNPCS

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fda0d77f15d641c01bb430c6e3b8fda7451790ea92ca52b7a8f9d8cf6775ecfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34893
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 15:32:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
981 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&family=Raleway:wght@300;400;600;700&display=swap

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b9933aa8c6ee039457aedbdece2c1a00da19bb9ab8fbc7bf80e1d3df04ce0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:32:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 15:32:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 15:32:46 GMT

GET
H2 200 style.min.css
www.ontask.io/wp-includes/css/dist/block-library/ 79 KB
10 KB 100ms
100ms Stylesheet
text/css 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 20:41:56 GMT
server: nginx/1.19.5
etag: W/"61577294-13abe"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 usdp-ad-landing-pages-public.css
www.ontask.io/wp-content/plugins/usdp-ad-landing-pages/public/css/ 98 B
322 B 101ms
100ms Stylesheet
text/css 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-content/plugins/usdp-ad-landing-pages/public/css/usdp-ad-landing-pages-public.css?ver=1.0.21
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 20:37:36 GMT
server: nginx/1.19.5
etag: W/"60e61090-62"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 vendor-6fe453523b99d1094d7f.min.css
www.ontask.io/assets/css/ 172 KB
24 KB 197ms
197ms Stylesheet
text/css 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/assets/css/vendor-6fe453523b99d1094d7f.min.css?ver=5.8.2
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 8028d05e3f85c8f5cf1d9a5429308ea0d3243978c7b5437eb406c3a37ed49b56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: W/"6192b396-2b16f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 vendor-static-ec5c21dc38f9194191ec.min.css
www.ontask.io/assets/css/ 1 KB
678 B 198ms
197ms Stylesheet
text/css 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/assets/css/vendor-static-ec5c21dc38f9194191ec.min.css?ver=5.8.2
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 9962304a1e62d8ebb8bc12d5f48a204cd532b57199d8ce3b66fdd4669281fc1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: W/"6192b396-4b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 main-88305a73261c99585151.min.css
www.ontask.io/assets/css/ 148 KB
21 KB 201ms
201ms Stylesheet
text/css 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/assets/css/main-88305a73261c99585151.min.css?ver=5.8.2
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: b9971a6dfcf0d1abeb8052c3d29c9915a8062eba92fd08f0e604bc459e5a87d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: W/"6192b396-24e08"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 2784414.js Show response
js.hs-scripts.com/ 2 KB
990 B 198ms
152ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2784414.js
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34c52961a6b3b0cc78466874cc704d9765245e34257a1c4bd0490c80739b1d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: e9fa3c0f-41ad-4c48-9fa1-091b3ca7b695
last-modified: Tue, 30 Nov 2021 11:55:38 GMT
server: cloudflare
x-trace: 2BD3988E2F7C5E8AA6724C28CE48DAED3554B77A1B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.ontask.io
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6b65215e381f59ad-MXP
expires: Tue, 30 Nov 2021 15:33:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Varela+Round

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1860a451998b036c2e8c0b8164e47d20311b55222fc0d843577130c243997a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:32:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 15:32:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 15:32:46 GMT

GET
H2 200 ontask-logo.png
www.ontask.io/assets/images/ 17 KB
17 KB 200ms
199ms Image
image/png 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ontask.io/assets/images/ontask-logo.png?cache=none
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: bc76da0725572ae0780ebc444d20aa2c5a650bfef76773ba91842f2777ff117d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: "6192b396-4383"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 17283
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 lazysizes.min.js Show response
www.ontask.io/wp-content/plugins/ewww-image-optimizer/includes/ 11 KB
5 KB 98ms
98ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=625
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: a1790a7910ec2ecb48fd04ea34066eb3848b0b25fd58ba901583ef0ce447dfa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 20:41:11 GMT
server: nginx/1.19.5
etag: W/"61577267-2cf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 15:44:52 GMT

GET
H2 200 vendor-static-8dc1169d5014250f0823.min.js Show response
www.ontask.io/assets/js/ 47 KB
16 KB 102ms
99ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/assets/js/vendor-static-8dc1169d5014250f0823.min.js?ver=1.0.0
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: a4bdd02e104fabea190b919e2a8b89f420cae403d16ace305c07d2f45707081d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: W/"6192b396-bd48"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 vendor-c301259edbdf56599b71.min.js Show response
www.ontask.io/assets/js/ 2 KB
1 KB 103ms
100ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/assets/js/vendor-c301259edbdf56599b71.min.js?ver=1.0.0
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 86367fdc9689103203f102657dd8b22a7266dc17d4e2953619ef1e99dfed8b3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: W/"6192b396-74d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 54ms
33ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js?ver=1.14.3

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2889521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6451
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE6OtPT4y7wvlGe76S5tLqg4T7rJAmTQkwGsH3V9G1jvbgx5IU%2B%2FOaAcEKBeZMR%2FfORvtgQ3DrFv4IjUy%2FbKCleGHhyy1xo%2BLhj6rxnf%2BNrZpXRiKl2OkvBYYlGToZLxoWEyqbzXnYvgdGAO6uRqp7sD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b65215e0b62693d-FRA
expires: Sun, 20 Nov 2022 15:32:46 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 79ms
33ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js?ver=4.1.3

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718, 718, 718
age: 19133930
cdn-cachedat: 2021-04-23 06:27:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 394c1016f48a5d39232afa900490d46b
cf-ray: 6b65215e38e959bf-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H2 200 main-267413db286c9fafc210.min.js Show response
www.ontask.io/assets/js/ 13 KB
4 KB 103ms
100ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/assets/js/main-267413db286c9fafc210.min.js?ver=1.0.0
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 7512a7087a85565358e3f566a77f9975987794a68b083fd938f97a4c564bba4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 19:23:02 GMT
server: nginx/1.19.5
etag: W/"6192b396-32fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 jquery.js Show response
www.ontask.io/wp-includes/js/jquery/ 282 KB
83 KB 107ms
105ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-includes/js/jquery/jquery.js
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 20:41:56 GMT
server: nginx/1.19.5
etag: W/"61577294-46758"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 usdp-ad-landing-pages-public.js Show response
www.ontask.io/wp-content/plugins/usdp-ad-landing-pages/public/js/ 838 B
706 B 200ms
197ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-content/plugins/usdp-ad-landing-pages/public/js/usdp-ad-landing-pages-public.js?ver=1.0.21
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 20:37:36 GMT
server: nginx/1.19.5
etag: W/"60e61090-346"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 main.min.js Show response
www.ontask.io/wp-content/plugins/wp-insights-r00//assets/js/ 2 KB
1 KB 200ms
198ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-content/plugins/wp-insights-r00//assets/js/main.min.js
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: be2203d3f32591c7f48a28026ae0b78d85f364adf0e1164678872a1c51195e3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 17:16:31 GMT
server: nginx/1.19.5
etag: W/"5f3423ef-98c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 wp-embed.min.js Show response
www.ontask.io/wp-includes/js/ 1 KB
992 B 200ms
198ms Script
application/javascript 54.158.26.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ontask.io/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.26.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-26-53.compute-1.amazonaws.com
Software: nginx/1.19.5 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/tracking-covid-19-vaccination-records
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 03:40:54 GMT
server: nginx/1.19.5
etag: W/"601b6cc6-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Tue, 07 Dec 2021 15:32:46 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.6/js/ 657 KB
238 KB 108ms
62ms Script
application/javascript 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.6/js/all.js
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12684297
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: FKY9X5QE9NR9ETXT
x-amz-id-2: pv4ObY0WlTL8N6RBrpNMyLQcwhBDJYacFd2jT5MH8SvIZ+Lxu1SAfmttA/3P2FyXBLmD9WVDUI8=
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
server: cloudflare
etag: W/"44f077b456f3decb0d1b00769927c002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyhbRYneNc%2FXiMwRWX3jz9Fmrk%2FHweT3Cb8s7pNJEkoaqEarK%2BqDckcc00RZvxM%2FGdDACPujTo2Y46yBvZeairX80fObDp%2BFnY18p6%2Bbg3cGS9N4QneFYUmk80B2hNP8n8nti1MPKMj7GH0DGJCdj0tM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 6b65215e3b76374d-MXP

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
67 KB 52ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9384fa73a2107bc7a484559bef06c04c60c5a53c0dc68a10c8e6fcb42952ddd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67935
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 15:32:46 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 jukebox.js Show response
app.cdn.lookbookhq.com/production/jukebox/current/ 867 KB
237 KB 33ms
7ms Script
text/javascript 13.32.99.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-99.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 979fe6923baba80d43f717d3d34f2aa18c6050a6086cb867b1a78ebbe7e9bb50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 02:12:34 GMT
server: AmazonS3
age: 4801
etag: W/"e9b68a3d73648c54bf66fbf52ce0b36b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
cache-control: max-age=43200
date: Tue, 30 Nov 2021 14:12:46 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 9R-XbY2RRgGuH98WEgIDZIitssB7CWz7TNhfiQIbWYvHANgm-P9ROw==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&family=Raleway:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ontask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 351644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v13/ 20 KB
20 KB 43ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Varela+Round

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ontask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:17:53 GMT
x-content-type-options: nosniff
age: 76493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20416
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 18:17:53 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 45ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: app.cdn.lookbookhq.com
URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 19135722
cdn-cachedat: 2021-04-23 05:39:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d313279e6c939c46faa6fb9557b614ae
cf-ray: 6b65215ebb1659bf-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 4 KB
692 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: app.cdn.lookbookhq.com
URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 13:52:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 15:32:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 15:32:46 GMT

GET
H2 204 website_experience Show response
jukebox.pathfactory.com/api/public/v1/ 0
408 B 379ms
182ms XHR
text/plain 34.237.215.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/website_experience?clientId=LB-0779BEA9-10584&visitorUuid=2ae3ee4d-9a97-4119-917a-695bf4b8c370&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records

Requested by

Host: app.cdn.lookbookhq.com
URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.215.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-215-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.ontask.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.078857
date: Tue, 30 Nov 2021 15:32:47 GMT
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://www.ontask.io
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-content-type-options: nosniff
x-request-id: bc7244c2-ff5a-4a0e-8fac-d5c23dffb968

GET
H2 204 website_forms Show response
jukebox.pathfactory.com/api/public/v1/ 0
407 B 312ms
116ms XHR
text/plain 34.237.215.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/website_forms?clientId=LB-0779BEA9-10584&visitorUuid=2ae3ee4d-9a97-4119-917a-695bf4b8c370&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records

Requested by

Host: app.cdn.lookbookhq.com
URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.215.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-215-97.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.ontask.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.012394
date: Tue, 30 Nov 2021 15:32:47 GMT
referrer-policy: no-referrer-when-downgrade
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://www.ontask.io
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
vary: Origin
x-content-type-options: nosniff
x-request-id: 8dc0bcef-1a9b-4c91-a080-21febc798ec7

GET
H2 200 init Show response
jukebox.pathfactory.com/api/public/v1/ 422 B
898 B 308ms
113ms XHR
application/json 34.237.215.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://jukebox.pathfactory.com/api/public/v1/init?clientId=LB-0779BEA9-10584&image=&title=&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records

Requested by

Host: app.cdn.lookbookhq.com
URL: https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.215.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-215-97.compute-1.amazonaws.com

Software

Resource Hash

fd618cc7c727f3ced835e9f5acf7302c6767dc270232414ff46eadee94a5827e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.ontask.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 7200
vary: Accept, Origin, Accept-Encoding
x-request-id: 0e3bb20d-0de9-43bb-9e47-eac5cd2a4f47
x-runtime: 0.009419
referrer-policy: no-referrer-when-downgrade
etag: W/"fd618cc7c727f3ced835e9f5acf7302c"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ontask.io
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

OPTIONS
H2 200 website_experience
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 319ms
104ms Preflight 34.237.215.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/website_experience?clientId=LB-0779BEA9-10584&visitorUuid=2ae3ee4d-9a97-4119-917a-695bf4b8c370&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.215.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-215-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.ontask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
access-control-allow-origin: https://www.ontask.io
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-credentials: true
access-control-allow-headers: content-type

OPTIONS
H2 200 website_forms
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 320ms
106ms Preflight 34.237.215.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/website_forms?clientId=LB-0779BEA9-10584&visitorUuid=2ae3ee4d-9a97-4119-917a-695bf4b8c370&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.215.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-215-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.ontask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
access-control-allow-origin: https://www.ontask.io
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-credentials: true
access-control-allow-headers: content-type

OPTIONS
H2 200 init
jukebox.pathfactory.com/api/public/v1/ Frame 0
0 321ms
106ms Preflight 34.237.215.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jukebox.pathfactory.com/api/public/v1/init?clientId=LB-0779BEA9-10584&image=&title=&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.215.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-215-97.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.ontask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
access-control-allow-origin: https://www.ontask.io
access-control-allow-methods: GET, PUT, POST, PATCH, OPTIONS
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-credentials: true
access-control-allow-headers: content-type

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 42ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V1MRSM7THV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

743d1078206bf2a2eb38a32e795018e739313cdb4d40a74b67522d86921acf98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61786
x-xss-protection: 0
expires: Tue, 30 Nov 2021 15:32:46 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 56ms
15ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:32:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=28613
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7063
date: Tue, 30 Nov 2021 13:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 15:35:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 58ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:45 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C926BD037D474C699B78F3D9637D96FA Ref B: FRAEDGE1518 Ref C: 2021-11-30T15:32:46Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10442

GET
H2 200 hotjar-2447991.js Show response
static.hotjar.com/c/ 6 KB
3 KB 56ms
38ms Script
application/javascript 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2447991.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-99.fra56.r.cloudfront.net

Software

Resource Hash

3b8a1bdbf9b65109d23feb32ae51a7847511d00f42119c5ec13c53041364dedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P4
etag: W/4277d47cc36c8dc78782f61721edb88d
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jQrLkcGdBy9lsihGGVK2Qw53YJ0kXPEZ7m8p5j2nSaWqtF_Hg8bqaA==
via: 1.1 30e954298424aa69c035e25834574743.cloudfront.net (CloudFront)

GET
H2 200 0422.js Show response
script.crazyegg.com/pages/scripts/0104/ 5 KB
2 KB 39ms
19ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0104/0422.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc38bab194c96c3cfc7412f4d08d97d04df8ab9505c310c7cc0f6abdf703eff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5926
cf-polished: origSize=4899
cf-ray: 6b65215f3a94691b-FRA
ce-version: 11.1.361
last-modified: Tue, 30 Nov 2021 13:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 7l6M572+ZUklhyvFRPGRYtI7YWNKM9KRd2+7bYc1k9IsXMhEC0R3jVC1YyDYp3wsVwIPfAwYSMnPTBhS87+Kxw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 30 Nov 2021 15:32:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 73130190-5a66-0138-f6e6-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 74ms
25ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/73130190-5a66-0138-f6e6-06a9ed4ca31b

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

bf4a3856e2ef60cbb21c4c5f85e5a9a5d6177e4e9eda7a47dab2e2714b77de03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 30 Nov 2021 15:32:46 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: FrxcxTvBdzN3xywszuah
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 215 KB
92 KB 151ms
59ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?3010
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 602b396aac1e53591157f2ecff0006af994da1548c2f1d0415fc811cd9cf8e5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:32:46 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 39ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000116-IAD, cache-hhn11543-HHN

GET
H/1.1 200
OK OnTask-Vaccine-Record-Animation.gif
s3.amazonaws.com/usdphosting.accusoft-ontask/wp-content/uploads/ 496 KB
497 KB 465ms
153ms Image
image/gif 52.217.203.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/usdphosting.accusoft-ontask/wp-content/uploads/OnTask-Vaccine-Record-Animation.gif
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.203.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a62d453f20fe48150da4b9e78833187e5c8b583378a7dbeb9bf0658aa15cb785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:32:47 GMT
Last-Modified: Thu, 23 Sep 2021 17:42:03 GMT
Server: AmazonS3
x-amz-request-id: R1S5V369AYGZPBQQ
ETag: "e656cdb03236c1734cf0f1754ea77c18"
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 508113
x-amz-id-2: uY+TACqzY3CognyzcGaCbGaUxTViIquVQa58YNmcvxdwOgiY+b4KS7qC3mgPXk4nK9Gjh3XLZJU=

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 41ms
21ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2784414.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83ec1379fc2ea640e8cad64de25ae90b6c50b4e14789b7aca3bcc67dc0782b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 521
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9408/bundles/project.js&cfRay=6b6514a3a9681762-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 17 Nov 2021 02:12:24 UTC
server: cloudflare
etag: W/"8d5020ce797aff1a28512197cd6ec130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Mb1It7WA5KsCG1m3htENXhxcSouY23DU
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b65215f89745c50-FRA
x-amz-cf-id: nCD1Tv0lDG5TgM6jYJVL1jGA-rO1VMYfzj12VW9fep6ymrcU4bK_qQ==
x-hs-target-asset: conversations-embed/static-1.9408/bundles/project.js

GET
H2 200 2784414.js Show response
js.hs-analytics.net/analytics/1638286200000/ 62 KB
20 KB 229ms
185ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1638286200000/2784414.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2784414.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b36f38af75f947b629c39326958ee10a7ef7162fa1d2dd101c0377cb1f2a007b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: R1SF7YRM268CPB5D
x-amz-server-side-encryption: AES256
cf-ray: 6b65215fbb7bf917-MXP
x-amz-id-2: fiJDhRQJwe2kk0froFXnBRSDvQ3jlegJ5QQ5po7W04z88pZwmjLSSc8Q8rfEYhGviWunFT+udZc=
last-modified: Fri, 05 Nov 2021 13:12:09 GMT
server: cloudflare
etag: W/"bf76529f13d49a1473853a2ecad234d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Tue, 30 Nov 2021 15:37:46 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 53ms
24ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2784414.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830fcab93c12b9ad2a820fed85e456077ed189a100a59b3080fd807d844eeef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
via: 1.1 066fc17b108820c747336d8f45e8ea55.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 346
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.257/bundles/pixels-release.js&cfRay=6b6518e929326921-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 29 Nov 2021 05:24:28 UTC
server: cloudflare
etag: W/"a5963a9ccf6657b39b543985ec7b9634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: QEftXf9SpA6LuHCJA7K_EhxXH0zSJ6Zm
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6b65215f9c514ee5-FRA
x-amz-cf-id: 7h5elfc5aXuCnAatzhP71Jiag6_5DVeVnOEQVuBCxA4CbkT0qcYVbQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.257/bundles/pixels-release.js

GET
H2 200 2784414.js Show response
js.hs-banner.com/ 64 KB
16 KB 515ms
472ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2784414.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2784414.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94f4fde5b3801bcbb526a7b2431c193cfaf1997a0b6b9d0ada5f231bf756862

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: S0RC4VA1C281GKNB
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: UfE1MuiWExTfMrv5eqq5lKKDYvEumd792Bw5Mh+vnetbh6jXuu0TdVSMY3i3UGF3GOdN8hKY6jo=
timing-allow-origin: *
last-modified: Fri, 05 Nov 2021 13:12:10 GMT
server: cloudflare
etag: W/"9f6ad16872f7a5ef73711c3e5f914627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: X0jsqjD7l.bLViwuj_TqdGuNnt77hrAV
access-control-allow-origin: https://www.ontask.io
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6b65215fb8300f72-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 30 Nov 2021 15:37:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-160144-48&cid=779886947.1638286367&jid=92799169&gjid=297477289&_gid=723079944.1638286367&_u=YGBAiEABBAAAAE~&z=334728719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ontask.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 15:32:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.ontask.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1079058570&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&ul=en-us&de=UTF-8&dt=Digitally%20Collect%20COVID%20Vaccine%20Records%20%26%20Test%20Results%20%7C%20OnTask&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=92799169&gjid=297477289&cid=779886947.1638286367&tid=UA-160144-48&_gid=723079944.1638286367&gtm=2wgba1NQQB22D&z=843221606

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 21:50:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63726
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0422.json Show response
script.crazyegg.com/pages/data-scripts/0104/ 101 KB
7 KB 68ms
31ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0104/0422.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0104/0422.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716e6a11ff7f1c8175bd9740ab1d3f0578dff574344f667c90558feb63cda2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5915
ce-version: 11.1.361
content-length: 6623
timing-allow-origin: *
last-modified: Tue, 30 Nov 2021 13:54:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6b65215fc8e259cb-MXP

GET
H3 200 1584208421898157 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 372ms
363ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1584208421898157?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25968246119517cbffb88f00ac9ad1aa4131504126b40c4171f328cf3c53083e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: DdpGLVWu1eHkZmMaOsRnSXfCHSyrxjfVZYstCg6p/Nol11/ISCr0S6byvERLSHP2VX5SRWqVgutYzqY6J0LXpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Nov 2021 15:32:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-V1MRSM7THV&gtm=2oeba1&_p=1079058570&sr=1600x1200&ul=en-us&cid=779886947.1638286367&_s=1&dl=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&dt=Digitally%20Collect%20COVID%20Vaccine%20Records%20%26%20Test%20Results%20%7C%20OnTask&sid=1638286366&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V1MRSM7THV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ontask.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ontask.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D55176%26time%3D1638286366671%26url%3Dhttps%253A%252F%252Fwww.ontask.io%252Ftracki...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&liSync=true&e_ipv6=AQLGlibzJ6RYLwAAAX1xehqg-MgkK...

0
156 B

338ms
143ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&liSync=true&e_ipv6=AQLGlibzJ6RYLwAAAX1xehqg-MgkKklAjBluTxdA03K67NYGMs26ulBT1Mm4CKJX7jWsktkgVA
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: T0aje8VcvBYgJY+JCCsAAA==

Redirect headers

date: Tue, 30 Nov 2021 15:32:47 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=55176&time=1638286366671&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&liSync=true&e_ipv6=AQLGlibzJ6RYLwAAAX1xehqg-MgkKklAjBluTxdA03K67NYGMs26ulBT1Mm4CKJX7jWsktkgVA
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: Zg/OZ8VcvBaAocldHSsAAA==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 195ms
178ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5gul&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cd084aa7-f472-475c-bdbe-d9c6bf0164b9&tw_document_href=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 170
pragma: no-cache
last-modified: Tue, 30 Nov 2021 15:32:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6587b2674dc34468a1c13899897871f5c3e28a255d586608feda618fb1e820ce
x-transaction: 3b3f498e99cc1e22
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
471 B 197ms
179ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5gul&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cd084aa7-f472-475c-bdbe-d9c6bf0164b9&tw_document_href=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 172
pragma: no-cache
last-modified: Tue, 30 Nov 2021 15:32:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e5d62235a4af371e761bbdcc6ac2e047b1e3698532a68d6e56f543a93d169d0d
x-transaction: 4dece9e7bd05fd22
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 24ms
8ms Script
application/javascript 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2447991.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 615940
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ckA2zx1YdaWeAWyw84UCdcSn8rl1zcbNn26ZIPkkUaNejRZo2KdrSg==

GET
H2 204 25031006.js Show response
bat.bing.com/p/action/ 0
134 B 232ms
232ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25031006.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 15:32:46 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2BADA1689EB945159C881ACC8370E961 Ref B: FRAEDGE1518 Ref C: 2021-11-30T15:32:46Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25031006&tm=gtm002&Ver=2&mid=13a887d6-1c3a-4abc-bb94-ecd33097c4c4&sid=c4c65e7051f211eca26af96844d2ae2c&vid=c4c6987051f211ecade603fc682f2c74&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Digitally%20Collect%20COVID%20Vaccine%20Records%20%26%20Test%20Results%20%7C%20OnTask&p=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&r=&lt=2541&evt=pageLoad&msclkid=N&sv=1&rn=220831
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDE1C8E2F48D4B7FA1496DA3F9BD6782 Ref B: FRAEDGE1518 Ref C: 2021-11-30T15:32:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 774ms
615ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2784414&conversations-embed=static-1.9408&mobile=false&messagesUtk=fa2340d63d354d498c08f6b496a4b48f&traceId=fa2340d63d354d498c08f6b496a4b48f

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1c3278b7f0b66032b7c7caa36a1fdf5173fc29e890e946d46c8ab010f835158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.ontask.io/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.ontask.io/tracking-covid-19-vaccination-records

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 000fa393-612d-40dc-b117-b1f612f7868a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1434
server: cloudflare
x-trace: 2B83562FAC0C65D85CE60055E8610C181F16559FE6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUg9yGyE%2B9GMA1AnnPleVlv%2BgupjuCO4g7ow8IGzmcMUFirweAp1VsLIBsY1YTmW2Bn7c5sUwE7ZLkkVBUiwreU4baTdN6C0CvtRYv%2BLRdRvO12dmn%2B1txVAM%2B8OOjvs8psE3U4B91gcuccNUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ontask.io
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6b6521628a320e12-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 247ms
208ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.ontask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6b6521603f8b3745-MXP
access-control-allow-origin: https://www.ontask.io
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 5f334fa1-e79c-47d6-bc4f-7ba81d719959
x-trace: 2B152EA9334791BCF8CCB1D1595A92E00256ABD37E000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3POcyGPvQX43k0V6Q7v4bDXJQpV66NvWwUs3Xcxv5JO%2BSlVYQK9fCntB4TAKd2Jb9WDK9zAwbYiL%2BZS%2Fq%2B%2F4JKoBAJEPUgFMkO2jeHZ2c6PI2mHt19PG9nPom8sUBrgIP0%2BLqvPtCbc1FfizWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 1404ms
1378ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-160144-48&cid=779886947.1638286367&jid=92799169&_u=YGBAiEABBAAAAE~&z=1715117512

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 292ms
266ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-160144-48&cid=779886947.1638286367&jid=92799169&_u=YGBAiEABBAAAAE~&z=1715117512

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.361.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 69 KB
22 KB 18ms
18ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0104/0422.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b01a61def7571cb496c04a29c430236325c6bcd29332a66b88b5511763c20e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 18:50:30 GMT
server: cloudflare
age: 5928
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6b65215ffc4b691b-FRA
content-length: 22856

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame BFD8 2 KB
1 KB 26ms
7ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2447991.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: wwnDonEJoE3DcK_BH_g-xSYgJtylqqgalDHQi6k6vrS7GhIZCc-coQ==
age: 1225000

GET
H2 200 0422.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0104/ 6 KB
1 KB 29ms
29ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0104/0422.json?t=455079
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7139339d79a0007eab3923d9be94b1573d2f16d56d863d6c8b16f177bc5c06a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 68
ce-version: 11.1.361
content-length: 1238
timing-allow-origin: *
last-modified: Tue, 30 Nov 2021 15:31:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6b6521602a3c59cb-MXP

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
418 B 30ms
8ms XHR
binary/octet-stream 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 4265471
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: mWEi6AvqZZ5M8JbR2uuz_4utc-ldmGdCkdeKsB4jjxrr0crtj1GVZg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 27ms
9ms XHR
binary/octet-stream 18.66.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 4265471
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 19
x-amz-cf-id: qzPy-pbVe-0Aj5gJvmzR5s7MzzKPswODkM9lsWjP9LihecqNxbP8mA==

GET
BLOB 200
OK a99b9577-a908-4c65-9d68-d71b1376db5f
https://www.ontask.io/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ontask.io/a99b9577-a908-4c65-9d68-d71b1376db5f
Requested by: Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 30ms
30ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81430&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&pv=1638286366897_sxqoa41b3&bl=en-us&cb=4590968&return=&ht=&d=&dc=&si=1638286366897_sxqoa41b3&cid=57e5ff34-8d51-4728-9ac9-b66cbcdda8a1&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?3010
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 15:32:46 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H2 200 clock Show response
tracking.crazyegg.com/ 26 B
133 B 231ms
39ms XHR
text/plain 34.249.212.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1638286366927
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.361.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.212.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 51d9b3957cd09ea13f6d6b492f37e16cc8ec0337cab6d91b7b802472aac53cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Nov 2021 15:32:47 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H3 200 601139690305811 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 113ms
113ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/601139690305811?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad53fc9555fa7458ac5416b2d80fb377175faa0642aeb4a4c0a40c9b77d09900

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: hN/cndgdpwSgktEaqou1mYN9WfFluAbpw4l1vNAAIqEMYgWJRouhgwoVV/KsrROcUUPbHCg8gosX0vqe+Y2dyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 30 Nov 2021 15:32:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 25ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1584208421898157&ev=PageView&dl=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&rl=&if=false&ts=1638286367121&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638286367120.1551153698&it=1638286366647&coo=false&rqm=GET

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 15:32:47 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=601139690305811&ev=PageView&dl=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&rl=&if=false&ts=1638286367250&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1638286367120.1551153698&it=1638286366647&coo=false&rqm=GET

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 30 Nov 2021 15:32:47 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1C08 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.ontask.io
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.ontask.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 30 Nov 2021 15:32:47 GMT

GET
H2 200 fa2340d63d354d498c08f6b496a4b48f Show response
app.hubspot.com/conversations-visitor/2784414/threads/utk/ Frame E3C7 45 KB
17 KB 220ms
182ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/2784414/threads/utk/fa2340d63d354d498c08f6b496a4b48f?uuid=a97d792216e54fd09a47eb757e7f8653&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ontask.io&inApp53=false&messagesUtk=fa2340d63d354d498c08f6b496a4b48f&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7bb5707ec686adb527ec9da645a262275d52bee1147c4c4145e9bcb42c0bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/

Response headers

date: Tue, 30 Nov 2021 15:32:47 GMT
content-type: text/html; charset=utf-8
cf-ray: 6b652166ac1a375e-MXP
age: 3407
cache-control: max-age=600
etag: W/"acb9ae9bda57b777c32a6d45a3ab7562"
last-modified: Wed, 17 Nov 2021 02:12:24 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e418fd5667de46c635f0321ea814c2e1.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hs-analytics.net *.hsappstatic.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com js.hubspotfeedback.com *.usemessages.com js.hubspot.com js.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com *.fullstory.com fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com tpc.googlesyndication.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com fast.wistia.net s.yimg.jp www.redditstatic.com data: 'unsafe-inline' 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.11861/html/index.html&cfRay=6b652166ac1a375e&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F2784414%2Fthreads%2Futk%2Ffa2340d63d354d498c08f6b496a4b48f%3Fuuid%3Da97d792216e54fd09a47eb757e7f8653%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dontask.io%26inApp53%3Dfalse%26messagesUtk%3Dfa2340d63d354d498c08f6b496a4b48f%26url%3Dhttps%253A%252F%252Fwww.ontask.io%252Ftracking-covid-19-vaccination-records%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.ontask.io%2F&cfenv=prod&csp=ro
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: 2cX6QxzuIaZzdynd0Wpe35Wc5uOiF3dSxXfIUfXAER1gdNWz6Qabvg==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: xkzXmpNk8cdRcT9Qo7eTJpPCHYrCJMQM
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 68A9 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.ontask.io
URL: https://www.ontask.io/tracking-covid-19-vaccination-records

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.ontask.io
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.ontask.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 30 Nov 2021 15:32:47 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.156/ Frame E3C7 44 KB
16 KB 41ms
22ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.156/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2784414/threads/utk/fa2340d63d354d498c08f6b496a4b48f?uuid=a97d792216e54fd09a47eb757e7f8653&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ontask.io&inApp53=false&messagesUtk=fa2340d63d354d498c08f6b496a4b48f&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 764956
x-amz-server-side-encryption: AES256
cf-ray: 6b652167fddd4ab5-FRA
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 12 Aug 2021 03:52:03 GMT
server: cloudflare
etag: W/"92f1fce5bc1b104818f7bb3259fa0317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7juK%2F0GqyzGrU%2FJvv0UmboO6y%2FMrggGGdQPSYbUtbXVl%2Fv5rmA67o2qRjq1%2F%2FlBQLDzUIIIWzdKhr8GAgMX7ySM5pU5%2BkuNLcO5%2BUs1%2FpkkBV9%2B0OesnXBgxeKOV0IkmryoSF1NRN4yT%2BiSQ4cmqU12J0s%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: jswq3j2Kf9rTWaLEvxg.3d09mCkFqVly
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: JaVqUhwGQ3zee52qDkYoK1quNTJP4658Jg-eMEq9CNMbC2Ox2Ci72w==
expires: Wed, 30 Nov 2022 15:32:48 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame E3C7 20 KB
5 KB 87ms
37ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 8279bca1d4905f7589e8a8f7d09741dc.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1207975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: PENDING
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrk9JLi%2FYxMcbVY75m4osmQAJeIyXFGV%2B84FmWSPW0ToHAQF3LB71%2BG0f9iig7Y6676g%2FiFmjFYvaNNiowlofp0JJgnXqkCMl6remPGZb1eaG9wq4dDZkol1%2F5GncL84fuQTNAlBJEZyB1CFpp1Ex%2FfIV9E%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP64-C3
cf-ray: 6b6521682cd03745-MXP
x-amz-cf-id: 2hRUcy8qtf5KpsAetIJv-Ma0jJu-CLh-Hh_7IKTj-5PO4fAL1Hn9PQ==
expires: Wed, 30 Nov 2022 15:32:48 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.182/ Frame E3C7 292 KB
92 KB 43ms
24ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.182/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3085916259c4ca5f755ab7ba059660e86c2955b0afc2917a41c7c63cd438eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1207459
x-amz-server-side-encryption: AES256
cf-ray: 6b652167fde14ab5-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 13:53:17 GMT
server: cloudflare
etag: W/"0afaba444335db3b8513bf83d521d7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5%2BDSjpFFHI0aAfNnHDhBXBaB0HbScwxlsFteAYc%2FLI5aP5qj%2FcawGPFfBG%2BaUYtfzTk1pgxtttshSlmtGmECXuU38d7AC0Ys1%2F3PJpePZrveYBHSCFaEYUXpJ0DgNdvEBAvy1wU7856GisSgA7u6u0GowA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 7xYxyuYcj.ZgnEi8rBB5MbNifIpwLqcW
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: Kk81tbOJEm5vizDF5e_3q59kd4dq6gTHcNumUUsDqQ350-2cnibq3A==
expires: Wed, 30 Nov 2022 15:32:48 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11861/bundles/ Frame E3C7 536 KB
150 KB 50ms
31ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11861/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a6cc45e9f34ebf764524c81e0e3bd251a2e7f11b258bb078afcde63dd7f504f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1128017
x-amz-server-side-encryption: AES256
cf-ray: 6b652167fde34ab5-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 14:06:24 GMT
server: cloudflare
etag: W/"3df24a716baa583e884d155670d99b72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjNA%2BiV%2FPxXMv5C%2BDUoMYb%2Bv%2FWNJ87B%2FOcN7FVeSPUdtPOnph1ZVTJFlyleMlJF5sjV5Fh525z%2BBpO6sjvw1DGLV2KztnsVQKizb7ZPStY6h5c%2Fl%2FM4VhOyswWWaTc2KoIKwt42VwYgKFHrivH7FuJT4f4E%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: sGJd3UZxMmahhImbsCrHtotiGI.iPne4
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: nJCBHruWAIjSBYpjopjp1lea83ncIsOsUvOFuQIlmYDKZ_SXLF2OmQ==
expires: Wed, 30 Nov 2022 15:32:48 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/ Frame E3C7 776 B
1 KB 41ms
27ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11861/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c500c5d24d202d63c5d98deb47911b262f60a819a813b70743170b5c3140fbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1207974
x-amz-server-side-encryption: AES256
cf-ray: 6b652168dd792c26-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:40 GMT
server: cloudflare
etag: W/"7a4613eceda8b6851728fb8a43f7c942"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3dOys6jp9YoWAz1mUhxDUDA779pi37KZXnounJqg6g4AhY%2FjvdjoOflXs74UsnzrstOBR4xxw25g%2FI5CeECvDCUyhLWMYdRtHn%2Fl6LhWImrsx1HgQDzaeIh8M1SrLzGgakXQG1fhAiFMn4q0vZL5H5n2Qw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: xHspCJB3es1m.pY6VgNnAeUho_H3l3Kq
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: CDrZKGmjf7NWHZuhJNxiRwPCz9Vr54hmGZcMjaMGlisaKXu_yAzMPA==
expires: Wed, 30 Nov 2022 15:32:48 GMT

GET
H2 200 p Show response
i.simpli.fi/ 746 B
1 KB 28ms
20ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=264354&cb=sifi_att_42656._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/73130190-5a66-0138-f6e6-06a9ed4ca31b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

b15b39492556816c007511a9b4f6bdd8a9f92c3fcc91fd6a023b433de62d3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
536 B 152ms
152ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=2784414&pu=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&t=Digitally+Collect+COVID+Vaccine+Records+%26+Test+Results+%7C+OnTask&cts=1638286368188&vi=a598663a58e080ddf51201ca6ce209f2&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bda3be1c-8b13-4e40-aa61-c9d6fd56fdbc
cf-ray: 6b6521693add375e-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBUK1RD20Zu%2BiOuzQjtfmuCEK%2BR0lVw%2BmkFlmxeBeqcqR7kUreLawgJd%2Bc2l5WmfLlMFln873yST2OdbZc2216ualEmVluBb7crdavLOizKM1z7Mro2de520G%2BXmwpM%2BbpDgaWhbVVyLt5Z4eAU8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
941 B 210ms
172ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2784414

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c55a400e1b0d7fbd7883e37fef38ba4ce9504e4863f4c33595df2e6f4a4434e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 40e82d66-5045-4983-9d31-5c1a52069add
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B3A30F7D83511FCCA40973DB0B6C9AA42BFF7BE58000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yga0O0XX5x%2FNN92TtCiVGYU5fmI6fznvz0ekUqLduS4HVyMx5IVX%2FDp86q3zhs0xWTHNnqjMkty30%2FECLAHl0NzHaYZ9YaTMn1tNzhhU5ypdcumb%2FRrCHob%2F3f86iy6Go3U0rMcD6fS29fSt"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ontask.io
access-control-allow-credentials: false
cf-ray: 6b65216978900e06-MXP
access-control-allow-headers: *

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame E3C7 0
1 KB 268ms
238ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11861

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11861/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e5ec7327-7b24-465c-bd2b-35167cec6b2c
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNM47lHrZIKP5Q8O276AhW06KCKxv8MabA5l2QTbrgfO24RiZFlgwUFaaigCkLi5l5RHmIjbBkNq9cCgEn5z04mlXDh1DYxbujxLd19KHZNt%2B1fKi3EqgD88NxIVOfVEnc%2F3VP%2B7ABWZI56USA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6b652169b9050f7a-MXP
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/390864/ Frame E3C7 569 B
1 KB 259ms
239ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/390864/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11861&conversations-visitor-ui=static-1.11861&traceId=fa2340d63d354d498c08f6b496a4b48f&sessionId=AMOaWbJMM78TIPD28pXbJ-iORA5jvBdutR2bE532a0RkGeiR2QpZN4Sm855BGwg2SRaMSd932tRNVE8YX79jLSeJZWiJKok0P1ykV99iQzfauiW4SZlaAnosJVo-6o2nQ8NbnaUcCotB02tBVv9Ht-lAPoxMIkziSFMwfuddyJduLDCGu_DbYuc

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.156/bundle.production.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e3872f57c4a7faadc3bedd6f15fe5627d9c364ff3da8d67ac33219ca55f0c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 654569fb-1711-4eb8-8c77-3ea9f7beee99
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2B5E4064810930E8CA806A0EFB4ACAA7D0FED78C4B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7a3Zx9a0M50u9i1zVwIaJMKA7zPV8MXQ2yt7sFSVSVDZXCc15M%2BTV7kwVbbd41bc4AirPmp6jO%2FsZkEcdf%2FfxKj%2F29mn0yoYMxjvFiYxgwbyO%2BxrUtS95dFS3hOrFVTK01Hr2UP9Te4sgJ%2FGlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6b652169b9110f7a-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=4D98CDAAF93A491CBF4E568533C4EE52

43 B
183 B

294ms
97ms

Image
image/gif

2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: H2
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4D98CDAAF93A491CBF4E568533C4EE52
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D98CDAAF93A491CBF4E568533C4EE52

95 B
425 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D98CDAAF93A491CBF4E568533C4EE52

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D98CDAAF93A491CBF4E568533C4EE52
date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4D98CDAAF93A491CBF4E568533C4EE52
https://d.agkn.com/pixel/10751/?che=1638286368&ip=193.27.14.24&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164951003986000306291
https://um.simpli.fi/aa_px?sk=164951003986000306291

43 B
367 B

30ms
30ms

Image
image/gif

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164951003986000306291

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 15:32:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164951003986000306291
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
415 B 75ms
21ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D98CDAAF93A491CBF4E568533C4EE52

0
0

66ms
6ms

Image
text/html

52.222.214.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: H2
Server: 52.222.214.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-69.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
415 B 75ms
22ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
415 B 20ms
18ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=4D98CDAAF93A491CBF4E568533C4EE52;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=4D98CDAAF93A491CBF4E568533C4EE52;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=-3465786612289222976

0
42 B

15ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-3465786612289222976
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/400646.gif?partner_uid=-3465786612289222976
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=4D98CDAAF93A491CBF4E568533C4EE52&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=4D98CDAAF93A491CBF4E568533C4EE52&j=0&xl8blockcheck=1

0
751 B

8ms
8ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=4D98CDAAF93A491CBF4E568533C4EE52&j=0&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=4D98CDAAF93A491CBF4E568533C4EE52&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
415 B 21ms
19ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=4D98CDAAF93A491CBF4E568533C4EE52

0
421 B

394ms
98ms

Image
text/plain

3.225.136.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: HTTP/1.1
Server: 3.225.136.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-136-82.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 30 Nov 2021 15:32:48 GMT

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=4D98CDAAF93A491CBF4E568533C4EE52

62 B
745 B

231ms
171ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:32:48 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: d424
Content-Type: image/gif

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

200

tpid=4D98CDAAF93A491CBF4E568533C4EE52
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4D98CDAAF93A491CBF4E568533C4EE52
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D98CDAAF93A491CBF4E568533C4EE52

49 B
735 B

43ms
43ms

Image
image/gif

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.55
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D98CDAAF93A491CBF4E568533C4EE52
cache-control: no-cache
x-server: 10.45.4.89
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=4D98CDAAF93A491CBF4E568533C4EE52

0
348 B

44ms
14ms

Image
text/plain

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 15:32:48 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=4D98CDAAF93A491CBF4E568533C4EE52

0
66 B

38ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1638286368194&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
64 B

41ms
23ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IESmYb2xEbamx_AP0aqueA&random=1913941426&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=147618033&cv=7&fst=1638286368194&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IESmYb2xEbamx_AP0aqueA&random=1913941426&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4D98CDAAF93A491CBF4E568533C4EE52
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4D98CDAAF93A491CBF4E568533C4EE52&__user_check__=1&sync_id=c5cc2aaa-51f2-11ec-ad78-19bfd3920106

43 B
548 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=4D98CDAAF93A491CBF4E568533C4EE52&__user_check__=1&sync_id=c5cc2aaa-51f2-11ec-ad78-19bfd3920106
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 15:32:48 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 89
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 30 Nov 2021 15:32:48 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=4D98CDAAF93A491CBF4E568533C4EE52&__user_check__=1&sync_id=c5cc2aaa-51f2-11ec-ad78-19bfd3920106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 52
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=4D98CDAAF93A491CBF4E568533C4EE52
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D98CDAAF93A491CBF4E568533C4EE52

43 B
1 KB

14ms
14ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D98CDAAF93A491CBF4E568533C4EE52

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 15:32:48 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9bf07690-2a07-427e-9a6c-1b8c2af2dded
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 15:32:48 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 265259f9-4d43-470f-9431-a1178555fad7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D98CDAAF93A491CBF4E568533C4EE52
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D98CDAAF93A491CBF4E568533C4EE52&expires=365

0
239 B

32ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D98CDAAF93A491CBF4E568533C4EE52&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D98CDAAF93A491CBF4E568533C4EE52&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=4D98CDAAF93A491CBF4E568533C4EE52

43 B
275 B

32ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=4D98CDAAF93A491CBF4E568533C4EE52
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=4D98CDAAF93A491CBF4E568533C4EE52
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 29 Nov 2021 15:32:48 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEGQV18682MsJgvgyXAvvjKo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D98CDAAF93A491CBF4E568533C4EE52
https://um.simpli.fi/g_match?id=

0
326 B

19ms
18ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 29 Nov 2021 15:32:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-859487825

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8401ffd492fea89b706c26f39542510c83a198bf72a41de5060bf39682c35957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50873
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 15:32:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-859487825&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQB22D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

973cdc89e800762dbfc97601a98eee4cac1015b68695effd4ed73def608dcf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50833
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 15:32:48 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 41ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-859487825&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 15:32:48 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859487825/ 2 KB
1 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859487825/?random=1638286368486&cv=9&fst=1638286368486&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&tiba=Digitally%20Collect%20COVID%20Vaccine%20Records%20%26%20Test%20Results%20%7C%20OnTask&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e68cdbfcabe4dc275f7d919a7552180265485ccdba2d94892ea5faf5e8ec6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/859487825/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859487825/?random=1638286368486&cv=9&fst=1638284400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&tiba=Digitally%20Collect%20COVID%20Vaccine%20Records%20%26%20Test%20Results%20%7C%20OnTask&async=1&fmt=3&is_vtc=1&random=1546788725&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/859487825/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859487825/?random=1638286368486&cv=9&fst=1638284400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ontask.io%2Ftracking-covid-19-vaccination-records&tiba=Digitally%20Collect%20COVID%20Vaccine%20Records%20%26%20Test%20Results%20%7C%20OnTask&async=1&fmt=3&is_vtc=1&random=1546788725&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ontask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 15:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.ms00.net/s	1969-12-31 23:59:59	Name: wtIDS Value: 3ql.19grj.1.7xhyi.362hr
t.ms00.net/s	1970-01-20 00:31:10	Name: wtIDV Value: 3ql.19grj.1.7xhyi.362hr
.ontask.io/	1970-01-20 01:14:22	Name: _gcl_au Value: 1.1.269607047.1638286367
.bing.com/	1970-01-20 08:26:22	Name: MUID Value: 287DB96D5C32654439C8A9925D596400
.ontask.io/	1970-01-19 23:06:12	Name: _gid Value: GA1.2.723079944.1638286367
.ontask.io/	1970-01-19 23:04:46	Name: _dc_gtm_UA-160144-48 Value: 1
.simpli.fi/	1970-01-20 07:51:48	Name: suid Value: 4D98CDAAF93A491CBF4E568533C4EE52
.ontask.io/	1970-01-20 16:35:58	Name: _ga_V1MRSM7THV Value: GS1.1.1638286366.1.0.1638286366.0
.ontask.io/	1970-01-20 16:35:58	Name: _ga Value: GA1.1.779886947.1638286367
.ontask.io/	1970-01-19 23:06:12	Name: _uetsid Value: c4c65e7051f211eca26af96844d2ae2c
.ontask.io/	1970-01-20 08:26:22	Name: _uetvid Value: c4c6987051f211ecade603fc682f2c74
.twitter.com/	1970-01-20 16:35:58	Name: personalization_id Value: "v1_VKgiQcyLwaTvemEoNfgIwA=="
.ontask.io/	1970-01-20 07:50:22	Name: _hjSessionUser_2447991 Value: eyJpZCI6ImM1ZWViNjM3LTczYWMtNWU5MS04NTc5LTFlZWVhNmI1ZDM4NCIsImNyZWF0ZWQiOjE2MzgyODYzNjY3MjgsImV4aXN0aW5nIjpmYWxzZX0=
.ontask.io/	1970-01-19 23:04:48	Name: _hjFirstSeen Value: 1
.ontask.io/	1970-01-19 23:04:48	Name: _hjSession_2447991 Value: eyJpZCI6IjVlYjkyZTAyLWQ5ZTAtNDVhNi1hNWMwLWY4ZTk2NDVhMzc4OCIsImNyZWF0ZWQiOjE2MzgyODYzNjY5MTF9
www.ontask.io/	1970-01-19 23:04:46	Name: _hjIncludedInSessionSample Value: 0
.ontask.io/	1970-01-19 23:04:48	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-19 23:47:58	Name: UserMatchHistory Value: AQIDOAU-AFmz8wAAAX1xehkaeX0av4jz-wS_1-JGPKjOMEaqQRlZgbd_4jnNx-kf-YqbYFusOJ1kIw
.linkedin.com/	1970-01-19 23:47:58	Name: AnalyticsSyncHistory Value: AQI8Y6sf_VhC4QAAAX1xehkazWnGaeSJIzfHgPhiRzzNV_o_hfX2nQB8jgQl5BD1KYGwSffXYNtDdjO13TZBNA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:36:40	Name: bcookie Value: "v=2&0bf7e6a1-4478-42e8-88a6-7bd2922182b9"
.linkedin.com/	1970-01-19 23:06:12	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2587:u=1:x=1:i=1638286367:t=1638372767:v=2:sig=AQF-YlD6j1kYFt2fahHI1YQ_GsqBvHkU"
.ontask.io/	1970-01-20 01:14:22	Name: _fbp Value: fb.1.1638286367120.1551153698
.facebook.com/	1970-01-20 01:14:22	Name: fr Value: 0puyCP9pOqs2xeNo2..BhpkQf...1.0.BhpkQf.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:36:40	Name: bscookie Value: "v=1&2021113015324793ac87ff-b363-4e15-818d-3f29fb3829e3AQF951bJh6EgvtYkGz52KvUMwGzHJ54m"
.linkedin.com/	1970-01-20 16:20:37	Name: li_gc Value: MTswOzE2MzgyODYzNjc7MjswMjHkfcysDWgeIf4AsefuzLNuX8BAZyNHxLlASl5f9A4+cQ==
.hubspot.com/	1970-01-19 23:04:48	Name: __cf_bm Value: q4FsypYRcMK2z_Jh6.Ium9lTvbVIToNlhkivOy54dks-1638286367-0-ARz5Xq0qrWN/lbikze8OSpEm+GpWoB2+AI0KyYDBFFjrYev6DgfuvdpUUdq/b/Vc63c0Vgzh5W9aICy30SqbIGg=
.ontask.io/	1970-01-20 08:26:22	Name: __hstc Value: 120700375.a598663a58e080ddf51201ca6ce209f2.1638286368186.1638286368186.1638286368186.1
.ontask.io/	1970-01-20 08:26:22	Name: hubspotutk Value: a598663a58e080ddf51201ca6ce209f2
.ontask.io/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.ontask.io/	1970-01-19 23:04:48	Name: __hssc Value: 120700375.1.1638286368186
.simpli.fi/	1970-01-19 23:14:51	Name: uid_syncd_secure Value: true
.ontask.io/	1970-01-20 08:26:22	Name: messagesUtk Value: fa2340d63d354d498c08f6b496a4b48f
.doubleclick.net/	1970-01-20 08:26:22	Name: IDE Value: AHWqTUkEq8ahPekCT6RKyXaz2gWStyZ0dmqZOA4UZtUYgs1w6IikHfUnESdxbwmSPkg
.agkn.com/	1970-01-20 07:50:22	Name: ab Value: 0001%3A03tSdtDzeiLWVqAI6hr46ibQURU%2FgBaP
.tapad.com/	1970-01-20 00:31:10	Name: TapAd_TS Value: 1638286368363
.tapad.com/	1970-01-20 00:31:10	Name: TapAd_DID Value: dc13a9ef-2386-4367-a978-65abee106f27
.exelator.com/	1970-01-20 01:57:34	Name: EE Value: "c247228dee0d70ddfbc9010101960397"
.tapad.com/	1970-01-20 00:31:10	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 01:57:34	Name: ud Value: "eJxrXxzq6XKLQSHZyMTcyMgiJTXVIMXcICUlLSnZ0sAQBC3NDIwtzReXpRYtWFpanJqSdGhJRU5JTtPqsvhQx3g3R19Pn8hlzhlF%252BbmpK8BCYa5BiyzNluQXZaYvcnFdXJSSxrCopPhU8L4dewFiKSo0"
.adnxs.com/	1970-01-20 01:14:22	Name: uuid2 Value: 6456390293903774113
.adnxs.com/	1970-01-20 01:14:22	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E>0dTYLz!]tbPl1N!7On*M$=BWUhidfaZiJ%7jk`:]hi.UShe:@EbdYV8okz5Jpj7@y8f6:oN%(2K:$doS]%6lNTLpYw2
.spotxchange.com/	1970-01-20 07:50:26	Name: audience Value: c5cc2a34-51f2-11ec-ad78-19bfd3920106
.agkn.com/	1970-01-20 07:50:22	Name: u Value: C\|0AAAAAAAAKTkAoAAAAAAA
.pro-market.net/	1970-01-20 03:23:58	Name: anProfile Value: "-qbxithnqfwow+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800200302000000000000202E+s2=(r3e5uo)+vm=24-4D98CDAAF93A491CBF4E568533C4EE52"
.pro-market.net/	1970-01-19 23:47:58	Name: anHistory Value: "-qbxithnqfwow+2+!#7%/%g!ap4"
.crwdcntrl.net/	1970-01-20 05:33:32	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:33:32	Name: _cc_id Value: 925f78b8406dd106fd440902f325080b
.crwdcntrl.net/	1970-01-20 05:33:34	Name: _cc_cc Value: "ACZ4XmNQsDQyTTO3SLIwMTBLSTE0MEtLMTExsDQwSjM2MjWwMEhiAILEZS4KIBoKADgkCYs%3D"
.crwdcntrl.net/	1970-01-20 05:33:34	Name: _cc_aud Value: "ABR4XmNgYGBIXOaiAKSgAAASXgFs"
.bluekai.com/	1970-01-20 03:23:58	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 03:23:58	Name: bkpa Value: KJpEnXTLu5DlLgx6BgEwEnWNzqs6zcjh5cupBcR6LEH657/pzEDNLp9NB7RtzUDNBx/9nR/n6Q==
.bluekai.com/	1970-01-20 03:23:58	Name: bku Value: blx99YOWoZaDwxz0
.bfmio.com/	1970-01-20 07:50:22	Name: __141_cid Value: 4D98CDAAF93A491CBF4E568533C4EE52
.bfmio.com/	1970-01-20 07:50:22	Name: __io_cid Value: 9651405095911236f917185432d53f98c7fe58fe

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=4D98CDAAF93A491CBF4E568533C4EE52 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D98CDAAF93A491CBF4E568533C4EE52 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-3465786612289222976 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://resources.ontask.io 'self'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ajax.googleapis.com
analytics.twitter.com
api.hubapi.com
api.hubspot.com
app.cdn.lookbookhq.com
app.hubspot.com
assets-tracking.crazyegg.com
bat.bing.com
bcp.crwdcntrl.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
jukebox.pathfactory.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
ml314.com
pagestates-tracking.crazyegg.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
s3.amazonaws.com
script.crazyegg.com
script.hotjar.com
simplifi.partners.tremorhub.com
snap.licdn.com
stackpath.bootstrapcdn.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
t.co
t.ms00.net
tag.simpli.fi
track.hubspot.com
tracking.crazyegg.com
um.simpli.fi
us-u.openx.net
use.fontawesome.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.ontask.io
104.111.215.191
104.244.42.3
104.244.42.5
108.174.10.14
13.32.99.99
142.250.184.226
142.250.185.194
143.204.98.50
159.122.14.34
169.50.137.179
18.198.69.109
18.66.112.111
18.66.122.74
18.66.139.40
185.33.220.145
185.94.180.125
199.232.136.157
216.39.113.144
216.52.2.30
2600:1901:0:8eee::
2600:1f18:612b:4264:e8c6:2f28:702a:f217
2606:4700:3031::ac43:d645
2606:4700::6810:125e
2606:4700::6811:47b0
2606:4700::6811:73b0
2606:4700::6811:7d2
2606:4700::6811:cbcc
2606:4700::6811:d3cc
2606:4700::6811:efcc
2606:4700::6812:15bf
2606:4700::6812:bcf
2606:4700::6813:9308
2606:4700::6813:9a53
2620:119:50e8:101::9002:f05
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9d
2a02:26f0:6c00::210:ba0b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.125.86.125
3.225.136.82
34.237.215.97
34.249.212.247
34.98.64.218
35.156.157.11
35.227.248.159
35.244.174.68
52.17.84.146
52.217.203.184
52.222.214.69
52.222.236.99
54.158.26.53
54.229.143.145
69.173.144.165
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856
1b9933aa8c6ee039457aedbdece2c1a00da19bb9ab8fbc7bf80e1d3df04ce0df
25968246119517cbffb88f00ac9ad1aa4131504126b40c4171f328cf3c53083e
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3b8a1bdbf9b65109d23feb32ae51a7847511d00f42119c5ec13c53041364dedf
3e68cdbfcabe4dc275f7d919a7552180265485ccdba2d94892ea5faf5e8ec6af
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b01a61def7571cb496c04a29c430236325c6bcd29332a66b88b5511763c20e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d9b3957cd09ea13f6d6b492f37e16cc8ec0337cab6d91b7b802472aac53cb8
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
602b396aac1e53591157f2ecff0006af994da1548c2f1d0415fc811cd9cf8e5a
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
716e6a11ff7f1c8175bd9740ab1d3f0578dff574344f667c90558feb63cda2d2
743d1078206bf2a2eb38a32e795018e739313cdb4d40a74b67522d86921acf98
7512a7087a85565358e3f566a77f9975987794a68b083fd938f97a4c564bba4d
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7e3872f57c4a7faadc3bedd6f15fe5627d9c364ff3da8d67ac33219ca55f0c03
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8028d05e3f85c8f5cf1d9a5429308ea0d3243978c7b5437eb406c3a37ed49b56
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
830fcab93c12b9ad2a820fed85e456077ed189a100a59b3080fd807d844eeef2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8401ffd492fea89b706c26f39542510c83a198bf72a41de5060bf39682c35957
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86367fdc9689103203f102657dd8b22a7266dc17d4e2953619ef1e99dfed8b3f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
9384fa73a2107bc7a484559bef06c04c60c5a53c0dc68a10c8e6fcb42952ddd6
973cdc89e800762dbfc97601a98eee4cac1015b68695effd4ed73def608dcf18
979fe6923baba80d43f717d3d34f2aa18c6050a6086cb867b1a78ebbe7e9bb50
9962304a1e62d8ebb8bc12d5f48a204cd532b57199d8ce3b66fdd4669281fc1c
9a6cc45e9f34ebf764524c81e0e3bd251a2e7f11b258bb078afcde63dd7f504f
9c55a400e1b0d7fbd7883e37fef38ba4ce9504e4863f4c33595df2e6f4a4434e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1790a7910ec2ecb48fd04ea34066eb3848b0b25fd58ba901583ef0ce447dfa8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4bdd02e104fabea190b919e2a8b89f420cae403d16ace305c07d2f45707081d
a62d453f20fe48150da4b9e78833187e5c8b583378a7dbeb9bf0658aa15cb785
a7139339d79a0007eab3923d9be94b1573d2f16d56d863d6c8b16f177bc5c06a
a83ec1379fc2ea640e8cad64de25ae90b6c50b4e14789b7aca3bcc67dc0782b7
ac05796361a7ed38a38d59fbe07dde8fe344cf146cab1878419d649e0775a6d2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad53fc9555fa7458ac5416b2d80fb377175faa0642aeb4a4c0a40c9b77d09900
b15b39492556816c007511a9b4f6bdd8a9f92c3fcc91fd6a023b433de62d3444
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b34c52961a6b3b0cc78466874cc704d9765245e34257a1c4bd0490c80739b1d3
b36f38af75f947b629c39326958ee10a7ef7162fa1d2dd101c0377cb1f2a007b
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b9971a6dfcf0d1abeb8052c3d29c9915a8062eba92fd08f0e604bc459e5a87d7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc76da0725572ae0780ebc444d20aa2c5a650bfef76773ba91842f2777ff117d
be2203d3f32591c7f48a28026ae0b78d85f364adf0e1164678872a1c51195e3b
bf4a3856e2ef60cbb21c4c5f85e5a9a5d6177e4e9eda7a47dab2e2714b77de03
c1860a451998b036c2e8c0b8164e47d20311b55222fc0d843577130c243997a4
c500c5d24d202d63c5d98deb47911b262f60a819a813b70743170b5c3140fbfd
c94f4fde5b3801bcbb526a7b2431c193cfaf1997a0b6b9d0ada5f231bf756862
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c3278b7f0b66032b7c7caa36a1fdf5173fc29e890e946d46c8ab010f835158
d3085916259c4ca5f755ab7ba059660e86c2955b0afc2917a41c7c63cd438eb4
d7bb5707ec686adb527ec9da645a262275d52bee1147c4c4145e9bcb42c0bcd9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fc38bab194c96c3cfc7412f4d08d97d04df8ab9505c310c7cc0f6abdf703eff1
fd618cc7c727f3ced835e9f5acf7302c6767dc270232414ff46eadee94a5827e
fda0d77f15d641c01bb430c6e3b8fda7451790ea92ca52b7a8f9d8cf6775ecfc
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.ontask.io Open in urlscan Pro 54.158.26.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

116 Requests

84 %HTTPS

47 %IPv6

52 Domains

68 Subdomains

58 IPs

5 Countries

2367 kBTransfer

6467 kBSize

56 Cookies

3 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ontask.io Open in urlscan Pro
54.158.26.53 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

84 %
HTTPS

47 %
IPv6

52
Domains

68
Subdomains

58
IPs

5
Countries

2367 kB
Transfer

6467 kB
Size

56
Cookies

116 HTTP transactions
2 data transactions