portal.foresight-accounting.com Open in urlscan Pro
18.214.152.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://portal.foresight-accounting.com/
Effective URL:
https://portal.foresight-accounting.com/login
Submission: On August 18 via api (August 18th 2021, 2:08:07 am UTC) from VN

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 44 HTTP transactions. The main IP is 18.214.152.28, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is portal.foresight-accounting.com.
TLS certificate: Issued by R3 on August 18th 2021. Valid for: 3 months.

This is the only time portal.foresight-accounting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	18.214.152.28 18.214.152.28	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.73.5 65.9.73.5	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 1	54.160.151.67 54.160.151.67	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.74.124 52.217.74.124	16509 (AMAZON-02) (AMAZON-02)
8	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3036::ac43:d462	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:210... 2600:9000:2104:4800:c:7018:1040:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:210... 2600:9000:2104:5a00:1a:3012:2940:21	16509 (AMAZON-02) (AMAZON-02)
1	54.144.210.222 54.144.210.222	14618 (AMAZON-AES) (AMAZON-AES)
44	17

15 18.214.152.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-152-28.compute-1.amazonaws.com

portal.foresight-accounting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.5 (United States)

ASN16509 (AMAZON-02, US)

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.151.67 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-151-67.compute-1.amazonaws.com

taxdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.74.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

taxdome-production.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:3::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d462 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

widget.getgist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:4800:c:7018:1040:21 (United States)

ASN16509 (AMAZON-02, US)

dyr2dbqz8u9mp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2104:5a00:1a:3012:2940:21 (United States)

ASN16509 (AMAZON-02, US)

d258lu9myqkejp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.210.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-210-222.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	foresight-accounting.com 1 redirects portal.foresight-accounting.com	2 MB
9	wistia.com fast.wistia.com distillery.wistia.com	198 KB
5	cloudfront.net dyr2dbqz8u9mp.cloudfront.net d258lu9myqkejp.cloudfront.net	382 KB
4	crazyegg.com script.crazyegg.com	26 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	109 B
1	doubleclick.net stats.g.doubleclick.net	98 B
1	getgist.com 1 redirects widget.getgist.com	657 B
1	googleapis.com fonts.googleapis.com	935 B
1	amazonaws.com taxdome-production.s3.amazonaws.com	5 KB
1	taxdome.com 1 redirects taxdome.com	1 KB
1	googletagmanager.com www.googletagmanager.com	60 KB
1	stripe.com checkout.stripe.com	26 KB
44	15

	Domain	Requested by
15	portal.foresight-accounting.com	1 redirects portal.foresight-accounting.com
8	fast.wistia.com	portal.foresight-accounting.com fast.wistia.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	d258lu9myqkejp.cloudfront.net	widget.getgist.com portal.foresight-accounting.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dyr2dbqz8u9mp.cloudfront.net	portal.foresight-accounting.com widget.getgist.com
1	distillery.wistia.com	fast.wistia.com
1	www.google.de	portal.foresight-accounting.com
1	www.google.com	portal.foresight-accounting.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	widget.getgist.com	1 redirects
1	fonts.googleapis.com	portal.foresight-accounting.com
1	taxdome-production.s3.amazonaws.com	portal.foresight-accounting.com
1	taxdome.com	1 redirects
1	www.googletagmanager.com	portal.foresight-accounting.com
1	checkout.stripe.com	portal.foresight-accounting.com
44	17

This site contains no links.

Subject Issuer	Validity	Valid
www.allabouttaxes.net R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://portal.foresight-accounting.com/login
Frame ID: E1B42D392F10E051A7F2A6EBCC8C9455
Requests: 40 HTTP requests in this frame

Frame: https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-twl2o69ckj.min.js
Frame ID: C797AB14ECE247185A20E9F3E73F36FC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://portal.foresight-accounting.com/ HTTP 302
http://portal.foresight-accounting.com/login HTTP 307
https://portal.foresight-accounting.com/login Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

44
Requests

98 %
HTTPS

72 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

2602 kB
Transfer

10591 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://portal.foresight-accounting.com/ HTTP 302
http://portal.foresight-accounting.com/login HTTP 307
https://portal.foresight-accounting.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://taxdome.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTV1ZEE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--eb06e54e47611b076c1f566a74cef90eed6dbaff/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCam9MY21WemFYcGxTU0lMTVRRMWVEUXdCam9HUlZRPSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--b38d9b27c29f2bf5bcc588b470031949206129a8/Foresight-Logo.png HTTP 302
https://taxdome-production.s3.amazonaws.com/variants/92btkxw79fy52d3uyfl5pb4jf3bl/b7420df419cf64c7c562f991f11588890d8c3be3db16eda5d7eceac11ddbb493?response-content-disposition=inline%3B%20filename%3D%22Foresight-Logo.png%22%3B%20filename%2A%3DUTF-8%27%27Foresight-Logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXTOO24IAPRABKPKA%2F20210818%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210818T020713Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=22f90b5985b96d0f8d24fb5f33b4fd3c9f7403ae102151abc8b325cccea62ddd

Request Chain 17

https://widget.getgist.com/ HTTP 302
https://dyr2dbqz8u9mp.cloudfront.net/gist-230a9a08c3.min.js

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
portal.foresight-accounting.com/
Redirect Chain

https://portal.foresight-accounting.com/
http://portal.foresight-accounting.com/login
https://portal.foresight-accounting.com/login

47 KB
48 KB

351ms
350ms

Document
text/html

18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-152-28.compute-1.amazonaws.com

Software

nginx/1.17.6 /

Resource Hash

010adebc5ef475bdb52b0e53029d460cca750c55ce995bc6ef492ed33b69fb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: portal.foresight-accounting.com
:scheme: https
:path: /login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALB=eslO/8FPShZfh3VpPZQLZjubK2/5IX7Glyv65urTOF948b2trCjPyizSdGd6WFC4GehVmdZ5SIXIH9Yj8UWPKA/XyVPgfVDTMRQVu/62ttOfMwVb04oahiwCSXjA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; domain=portal.foresight-accounting.com; path=/; secure; HttpOnly
server: nginx/1.17.6
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache, no-store
etag: W/"010adebc5ef475bdb52b0e53029d460c"
x-request-id: 25244757-d9f8-4407-bbbf-79dfe4d943b7
x-runtime: 0.236201
strict-transport-security: max-age=60; includeSubDomains

Redirect headers

Location: https://portal.foresight-accounting.com/login
Non-Authoritative-Reason: HSTS

GET
H2 200 en.js Show response
portal.foresight-accounting.com/javascripts/ 225 KB
70 KB 270ms
268ms Script
application/javascript 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/javascripts/en.js?ed8d390d2da04f271767e36cfb4508516efe8729db4d08c39d2bbe61d7aab720
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: 0a132fe50307681cf522dacc1ace023d6588965b2a4dd88fc6b0a90ecae4ace4

Request headers

:path: /javascripts/en.js?ed8d390d2da04f271767e36cfb4508516efe8729db4d08c39d2bbe61d7aab720
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:39 GMT
server: nginx/1.17.6
etag: W/"611bc08f-38576"
content-type: application/javascript
cache-control: max-age=86400 public
set-cookie: AWSALB=KPZkvuKUGo/+weQ4FuH6kuXsdfoZscGWYuD5PNW27EyHmlCk132gfGOhCNG6iZgK5h6+OZaV1zj214Wy9F2/ke/MdypNXKiLvTWdCsKIziiBCwQk9XcldMFpyqCP; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=KPZkvuKUGo/+weQ4FuH6kuXsdfoZscGWYuD5PNW27EyHmlCk132gfGOhCNG6iZgK5h6+OZaV1zj214Wy9F2/ke/MdypNXKiLvTWdCsKIziiBCwQk9XcldMFpyqCP; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
expires: Thu, 19 Aug 2021 02:07:12 GMT

GET
H2 200 static-711ed4be.chunk.css
portal.foresight-accounting.com/packs/css/ 182 KB
33 KB 178ms
176ms Stylesheet
text/css 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: cd1480b9155af3d41cff88534e5dcbb817a8628f7086d50a155927e07899388c

Request headers

:path: /packs/css/static-711ed4be.chunk.css
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-8051"
content-type: text/css
cache-control: max-age=315360000 public
set-cookie: AWSALB=3xU+fTLakikEawRyjzwD3TpXg2luRZHEaE8efv4Y3Vnkjtap0PtanQ6uiLzu8npUNhmSl7fkAfUb+driMYQ/RdgqixVJg21b2s3xS9SBevuQMxD/XEwEBmJ1EhLg; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=3xU+fTLakikEawRyjzwD3TpXg2luRZHEaE8efv4Y3Vnkjtap0PtanQ6uiLzu8npUNhmSl7fkAfUb+driMYQ/RdgqixVJg21b2s3xS9SBevuQMxD/XEwEBmJ1EhLg; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
content-length: 32849
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 checkout.js Show response
checkout.stripe.com/ 95 KB
26 KB 102ms
15ms Script
application/javascript 65.9.73.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a4c20b57da47fecdbf70f7e38591404ace165c08f463e5fae2e7fff8386bcc6

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data: blob:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;

Strict-Transport-Security

max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 21:35:15 GMT
server: AmazonS3
age: 277
etag: W/"191b17cba296cc5892e967a7861a6161"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
cache-control: no-cache
date: Wed, 18 Aug 2021 02:02:35 GMT
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data: blob:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Ra6x6S-NUS1Q_Jpl1uVFlOIUc7MV2zLK4PE6QomUngTxkUA-Jdu8jg==

GET
H2 200 application-a27ef257bb8d81e46162c2f5019779793a660068390f84c7d89a864714dcd971.js Show response
portal.foresight-accounting.com/assets/ 182 KB
15 KB 179ms
177ms Script
application/javascript 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/assets/application-a27ef257bb8d81e46162c2f5019779793a660068390f84c7d89a864714dcd971.js
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: 98fd04f2dbb38e901f1aab7562c23f84a47dfc0ddf647a96bd4d9ef8c4c48c8c

Request headers

:path: /assets/application-a27ef257bb8d81e46162c2f5019779793a660068390f84c7d89a864714dcd971.js
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:53:06 GMT
server: nginx/1.17.6
etag: "611bbf42-3838"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=4BENDmJdVbBNjafTFG8y09nD3U7DvJfseiUtLaar1b4KCj7kgWGIRnUUDqcLj3Zhd1EEj4b42wNnvrnWqZNuKqEjVdeXnPlpMJznqPcslcAV8Sy//2SzBHCjRtlm; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=4BENDmJdVbBNjafTFG8y09nD3U7DvJfseiUtLaar1b4KCj7kgWGIRnUUDqcLj3Zhd1EEj4b42wNnvrnWqZNuKqEjVdeXnPlpMJznqPcslcAV8Sy//2SzBHCjRtlm; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
content-length: 14392
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime-97463e8e65ecb31b8dd4.js Show response
portal.foresight-accounting.com/packs/js/ 2 KB
1 KB 178ms
176ms Script
application/javascript 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/packs/js/runtime-97463e8e65ecb31b8dd4.js
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: a1fab315299338cc08c2329a4236f112e2390fd42858ba66f60d87f59dda9e74

Request headers

:path: /packs/js/runtime-97463e8e65ecb31b8dd4.js
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-30c"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=i/EwrTg4JwYB/XqhHCzw1H56oI/wz0hEYC8gCMVTHwtv5ILpVIIdPnxqR2wzxbD24ol47CLjX9F6AHHabHRej6AQMEkcgpdckPM2XpxyFX3n5s711Q9vxdvoVFoT; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=i/EwrTg4JwYB/XqhHCzw1H56oI/wz0hEYC8gCMVTHwtv5ILpVIIdPnxqR2wzxbD24ol47CLjX9F6AHHabHRej6AQMEkcgpdckPM2XpxyFX3n5s711Q9vxdvoVFoT; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
content-length: 780
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-530d6d22cbc40b8ca39a.chunk.js Show response
portal.foresight-accounting.com/packs/js/ 428 KB
138 KB 268ms
267ms Script
application/javascript 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/packs/js/1-530d6d22cbc40b8ca39a.chunk.js
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: 33ce8890b2a0e8a4451b03dc76029c6432f172518c3bbc8834eaf2cd23610d37

Request headers

:path: /packs/js/1-530d6d22cbc40b8ca39a.chunk.js
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-2255b"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=630MzDL+QP27JM63mmBMMeBoA4hcuqnx+HvXhz+R4hI+AJn1LTnstyIaqknytg2EJSK1qAh7z7Qeqo5D99n+/ekOPy1fIAACZJmDf9ZmVx3TNDuqmltXdpYcx989; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=630MzDL+QP27JM63mmBMMeBoA4hcuqnx+HvXhz+R4hI+AJn1LTnstyIaqknytg2EJSK1qAh7z7Qeqo5D99n+/ekOPy1fIAACZJmDf9ZmVx3TNDuqmltXdpYcx989; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
content-length: 140635
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6-af03b8917fc1770baece.chunk.js Show response
portal.foresight-accounting.com/packs/js/ 4 MB
970 KB 269ms
267ms Script
application/javascript 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/packs/js/6-af03b8917fc1770baece.chunk.js
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: 7791cc8ae129410f07726e3746ff61fc0057d706fc56842e93d5c306f84cf0da

Request headers

:path: /packs/js/6-af03b8917fc1770baece.chunk.js
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-f20f2"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=OL87jWuje2XIOxF+ajyNcPnnGh7CzZu4Gbu5+oAbh2GH09zyJCqv72CEF6yNUYR768tetIkWeAgnoaKvbnAfVNkrz7KIX5By7SO3ZtjkNKqlsMdO8E4gipgJx7xI; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=OL87jWuje2XIOxF+ajyNcPnnGh7CzZu4Gbu5+oAbh2GH09zyJCqv72CEF6yNUYR768tetIkWeAgnoaKvbnAfVNkrz7KIX5By7SO3ZtjkNKqlsMdO8E4gipgJx7xI; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
content-length: 991474
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-0a42cd9544112855d40c.chunk.js Show response
portal.foresight-accounting.com/packs/js/ 3 MB
557 KB 269ms
267ms Script
application/javascript 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.foresight-accounting.com/packs/js/application-0a42cd9544112855d40c.chunk.js
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: d890509fcad3cedeae3daf89941dd6f27b78fe4abefe6b91912775486111f9e7

Request headers

:path: /packs/js/application-0a42cd9544112855d40c.chunk.js
pragma: no-cache
cookie: AWSALB=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; AWSALBCORS=y7YB0fE+UjRbpKL0qSu6OIKBJmJ5u1LwaqIaC/5G0v2l6XnrUfvP0XEcw1eNfPhojDtTrm40fBbexza/EKZkumtWhaClQXtyNQlEPYBb+Y+9X8nIZwMNf2GDSjEk; _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:12 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-8b018"
content-type: application/javascript
cache-control: max-age=315360000 public
set-cookie: AWSALB=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/ AWSALBCORS=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; Expires=Wed, 25 Aug 2021 02:07:12 GMT; Path=/; SameSite=None; Secure
content-length: 569368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 181 KB
60 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TM6437G

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61358
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 02:07:13 GMT

GET
H/1.1

200
OK

b7420df419cf64c7c562f991f11588890d8c3be3db16eda5d7eceac11ddbb493
taxdome-production.s3.amazonaws.com/variants/92btkxw79fy52d3uyfl5pb4jf3bl/
Redirect Chain

https://taxdome.com/rails/active_storage/representations/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTV1ZEE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--eb06e54e47611b076c1f566a74cef90eed6dbaff/eyJfcmFpb...
https://taxdome-production.s3.amazonaws.com/variants/92btkxw79fy52d3uyfl5pb4jf3bl/b7420df419cf64c7c562f991f11588890d8c3be3db16eda5d7eceac11ddbb493?response-content-disposition=inline%3B%20filename%...

4 KB
5 KB

484ms
150ms

Image
image/png

52.217.74.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxdome-production.s3.amazonaws.com/variants/92btkxw79fy52d3uyfl5pb4jf3bl/b7420df419cf64c7c562f991f11588890d8c3be3db16eda5d7eceac11ddbb493?response-content-disposition=inline%3B%20filename%3D%22Foresight-Logo.png%22%3B%20filename%2A%3DUTF-8%27%27Foresight-Logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXTOO24IAPRABKPKA%2F20210818%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210818T020713Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=22f90b5985b96d0f8d24fb5f33b4fd3c9f7403ae102151abc8b325cccea62ddd
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.74.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 18 Aug 2021 02:07:14 GMT
Last-Modified: Wed, 11 Aug 2021 20:13:30 GMT
Server: AmazonS3
x-amz-request-id: WAC6SKAP82W89RBG
ETag: "e15498788a2de4c4806a25b81abc26cc"
x-amz-version-id: .TafFtoKpuGTT0gb4nonXyIlWjpgoaFA
x-amz-replication-status: COMPLETED
Content-Disposition: inline; filename="Foresight-Logo.png"; filename*=UTF-8''Foresight-Logo.png
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4340
x-amz-id-2: 5E947l7IvC4oRkLwaDCkjWo3bxBzCPdrhQq9G4U8Vd+t4QTVbCTL+CZo23oCMbJdMzt8sx1m0C4=

Redirect headers

x-runtime: 0.028464
date: Wed, 18 Aug 2021 02:07:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.6
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://taxdome-production.s3.amazonaws.com/variants/92btkxw79fy52d3uyfl5pb4jf3bl/b7420df419cf64c7c562f991f11588890d8c3be3db16eda5d7eceac11ddbb493?response-content-disposition=inline%3B%20filename%3D%22Foresight-Logo.png%22%3B%20filename%2A%3DUTF-8%27%27Foresight-Logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXTOO24IAPRABKPKA%2F20210818%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210818T020713Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=22f90b5985b96d0f8d24fb5f33b4fd3c9f7403ae102151abc8b325cccea62ddd
x-permitted-cross-domain-policies: none
cache-control: max-age=300, private
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: f76215e5-2286-4dc3-a0f1-18932af62009

GET
H2 200 logo-c5dc8764a983d39296d792d3da690cb0.svg
portal.foresight-accounting.com/packs/images/ 4 KB
2 KB 102ms
99ms Image
image/svg+xml 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.foresight-accounting.com/packs/images/logo-c5dc8764a983d39296d792d3da690cb0.svg
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash

Request headers

:path: /packs/images/logo-c5dc8764a983d39296d792d3da690cb0.svg
pragma: no-cache
cookie: _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; AWSALB=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; AWSALBCORS=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; timezone_offset=-120
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-5a7"
content-type: image/svg+xml
cache-control: max-age=315360000 public
set-cookie: AWSALB=LL/K+KjJd7jnP160IoEXPte+Mz47Akz8GtCitKkq8wLgVvTgtww8HPAmrXvUqz5vguV88i0hDbqVeJvzsV2W+03vHsxER+H2Bsv8ifqFIcyrrzXKussBleANMdCB; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/ AWSALBCORS=LL/K+KjJd7jnP160IoEXPte+Mz47Akz8GtCitKkq8wLgVvTgtww8HPAmrXvUqz5vguV88i0hDbqVeJvzsV2W+03vHsxER+H2Bsv8ifqFIcyrrzXKussBleANMdCB; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/; SameSite=None; Secure
content-length: 1447
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 times-b6942f4308a9f8db37753c995b38186d.svg
portal.foresight-accounting.com/packs/images/static/icons/ 322 B
778 B 103ms
100ms Image
image/svg+xml 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.foresight-accounting.com/packs/images/static/icons/times-b6942f4308a9f8db37753c995b38186d.svg
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash

Request headers

:path: /packs/images/static/icons/times-b6942f4308a9f8db37753c995b38186d.svg
pragma: no-cache
cookie: _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; AWSALB=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; AWSALBCORS=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; timezone_offset=-120
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-e1"
content-type: image/svg+xml
cache-control: max-age=315360000 public
set-cookie: AWSALB=zAPRHj1XwByeR9cUouPkdIGR6Violqzng02a3C1IaulKnCTmKbGOWch06hq9DmHq5/hwfxkb8yRwrYdIL7CyGkaXoXnvqX5+YBLxUShBirsFEYgeAEVZONvuHyD7; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/ AWSALBCORS=zAPRHj1XwByeR9cUouPkdIGR6Violqzng02a3C1IaulKnCTmKbGOWch06hq9DmHq5/hwfxkb8yRwrYdIL7CyGkaXoXnvqX5+YBLxUShBirsFEYgeAEVZONvuHyD7; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/; SameSite=None; Secure
content-length: 225
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cq4jf5qn3t.jsonp
fast.wistia.com/embed/medias/ 4 KB
2 KB 34ms
18ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/cq4jf5qn3t.jsonp

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 62457
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1539
x-request-id: f1ca68cecb706f44dbeabb1e29c37bbb
x-served-by: cache-dca17736-DCA, cache-fra19177-FRA
x-runtime: 0.055616
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1629252433.342234,VS0,VE1
etag: W/"cdd1bce104a1c9e32487478ddd0c26dc"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 89
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 E-v1.js
fast.wistia.com/assets/external/ 599 KB
113 KB 23ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 466
x-cache: HIT, HIT
content-length: 115413
x-served-by: cache-dca17764-DCA, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 12 Aug 2021 17:55:51 GMT
x-timer: S1629252433.342219,VS0,VE0
etag: "611560a7-1c2d5"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 11

GET
H2 200 swatch
fast.wistia.com/embed/medias/cq4jf5qn3t/ 4 KB
4 KB 33ms
17ms Image
image/jpeg 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/cq4jf5qn3t/swatch

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
access-control-request-method: *
age: 70269
x-cache: HIT, HIT
content-disposition: inline
content-length: 4076
x-served-by: cache-dca17725-DCA, cache-fra19177-FRA
access-control-allow-origin: *, *
x-browser-version: 89
last-modified: Thu, 01 Aug 2019 22:47:26 UTC
x-timer: S1629252433.342208,VS0,VE1
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=30858520
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 times-blue-7767b99c26ecb7b81df08a7f9ec51fc8.svg
portal.foresight-accounting.com/packs/images/static/icons/ 366 B
769 B 102ms
101ms Image
image/svg+xml 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.foresight-accounting.com/packs/images/static/icons/times-blue-7767b99c26ecb7b81df08a7f9ec51fc8.svg
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash

Request headers

:path: /packs/images/static/icons/times-blue-7767b99c26ecb7b81df08a7f9ec51fc8.svg
pragma: no-cache
cookie: _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; AWSALB=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; AWSALBCORS=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; timezone_offset=-120
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-d9"
content-type: image/svg+xml
cache-control: max-age=315360000 public
set-cookie: AWSALB=qAYrFWQuylOBoLXi/qtsfgV/euxpyanEUvn7Q1tCVMyN//SA6wLwTaT8tcZPBMyT9lwpkkhweYhDmd8GLfvwcUgrhtRfeSn+9R1e9Zi+PZfPZ1IQSi766tdXgzlD; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/ AWSALBCORS=qAYrFWQuylOBoLXi/qtsfgV/euxpyanEUvn7Q1tCVMyN//SA6wLwTaT8tcZPBMyT9lwpkkhweYhDmd8GLfvwcUgrhtRfeSn+9R1e9Zi+PZfPZ1IQSi766tdXgzlD; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/; SameSite=None; Secure
content-length: 217
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
935 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,400,400i,700,900

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc8647b4ba2a7e5f6c4c3af04e2adb1157c5bb97052b55782c2270560a55c6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 02:07:13 GMT
server: ESF
date: Wed, 18 Aug 2021 02:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Aug 2021 02:07:13 GMT

GET
H2

200

gist-230a9a08c3.min.js
dyr2dbqz8u9mp.cloudfront.net/
Redirect Chain

https://widget.getgist.com/
https://dyr2dbqz8u9mp.cloudfront.net/gist-230a9a08c3.min.js

170 KB
37 KB

48ms
12ms

Script
application/javascript

2600:9000:2104:4800:c:7018:1040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyr2dbqz8u9mp.cloudfront.net/gist-230a9a08c3.min.js
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4800:c:7018:1040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:28:42 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 04:27:21 GMT
server: AmazonS3
age: 337112
etag: W/"230a9a08c31f3f2176eea6e2a998483c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: lzdktadUg02I2A4REHwkSEGJPzjuWlLiaFU-xL5zFg2nU4qHj0PuTw==

Redirect headers

date: Wed, 18 Aug 2021 02:07:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaGLyRnvS%2FMC62kll3QW7%2FmtSv15f4%2FLyf07Z0FiwbQWp85wk251teHHqrncpQJO85RoPAwqSqysA90ja1mTykfXCllBnFVTEjr0AMG%2B1RoEI2SVQbnawoMxcG1UKefOvzrQcaaKbGnftoot3ee0jy8%3D"}],"group":"cf-nel","max_age":604800}
location: https://dyr2dbqz8u9mp.cloudfront.net/gist-230a9a08c3.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6807965c79cc4e2b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 us-e4e0747ca0aaca44dfad61ae55a2521a.svg
portal.foresight-accounting.com/packs/icons/countries/ 9 KB
3 KB 101ms
100ms Image
image/svg+xml 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.foresight-accounting.com/packs/icons/countries/us-e4e0747ca0aaca44dfad61ae55a2521a.svg
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash

Request headers

:path: /packs/icons/countries/us-e4e0747ca0aaca44dfad61ae55a2521a.svg
pragma: no-cache
cookie: _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; AWSALB=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; AWSALBCORS=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; timezone_offset=-120
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-9e8"
content-type: image/svg+xml
cache-control: max-age=315360000 public
set-cookie: AWSALB=yrq1+QXsorMY4hZuQNWle8ST3N8kAMgVa4ttPNxDwTS13jnsyL0FpNIsh2ViZje/c1CHver6IaswwAUjNBzoFzdrcuZCTnUBoYFrYxrxh3n4RMU4zXtlz3fcLGds; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/ AWSALBCORS=yrq1+QXsorMY4hZuQNWle8ST3N8kAMgVa4ttPNxDwTS13jnsyL0FpNIsh2ViZje/c1CHver6IaswwAUjNBzoFzdrcuZCTnUBoYFrYxrxh3n4RMU4zXtlz3fcLGds; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/; SameSite=None; Secure
content-length: 2536
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 small-chevron-down-340ef77c1837d3540e6fd89e4aafa631.svg
portal.foresight-accounting.com/packs/images/static/icons/ 495 B
835 B 101ms
100ms Image
image/svg+xml 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.foresight-accounting.com/packs/images/static/icons/small-chevron-down-340ef77c1837d3540e6fd89e4aafa631.svg
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-152-28.compute-1.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash

Request headers

:path: /packs/images/static/icons/small-chevron-down-340ef77c1837d3540e6fd89e4aafa631.svg
pragma: no-cache
cookie: _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; AWSALB=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; AWSALBCORS=FemYqVrvaJp54eg/W1WPb6SisY9TJvkUGOUheNF66B5tyHjR+CSt4+lJMJyqinNSVc/+gMGRAou1C1KPs7/n9/Ga8+aNvnHvLWQQgTWyvXPhtT9T4wR1k6DCvWKf; timezone_offset=-120
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://portal.foresight-accounting.com/packs/css/static-711ed4be.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 13:58:24 GMT
server: nginx/1.17.6
etag: "611bc080-11a"
content-type: image/svg+xml
cache-control: max-age=315360000 public
set-cookie: AWSALB=mjBw9OnuZduwsUrfHvFDWh2vhlTd1imhg0bMQlNe3KJF9YLduHXvOMYCBnTjZkqcdWzJnqp3tymNSr4VfvUKaW0Vv1RRuLDekYdyQCQAS5b4dZPbZEA2B6wcooX/; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/ AWSALBCORS=mjBw9OnuZduwsUrfHvFDWh2vhlTd1imhg0bMQlNe3KJF9YLduHXvOMYCBnTjZkqcdWzJnqp3tymNSr4VfvUKaW0Vv1RRuLDekYdyQCQAS5b4dZPbZEA2B6wcooX/; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/; SameSite=None; Secure
content-length: 282
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,400,400i,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portal.foresight-accounting.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:57:43 GMT
x-content-type-options: nosniff
age: 61770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:57:43 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM6437G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3212
date: Wed, 18 Aug 2021 01:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 18 Aug 2021 03:13:41 GMT

GET
H2 200 1593.js
script.crazyegg.com/pages/scripts/0107/ 5 KB
2 KB 37ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0107/1593.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM6437G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 24784
cf-polished: origSize=4899
cf-ray: 6807965ca8d94e7f-FRA
ce-version: 11.1.323
last-modified: Tue, 17 Aug 2021 19:14:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

POST
H3-29 200 collect
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=486969704&t=pageview&_s=1&dl=https%3A%2F%2Fportal.foresight-accounting.com%2Flogin&ul=en-us&de=UTF-8&dt=Foresight%20Accounting%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1008733386&gjid=654639372&cid=1778289886.1629252433&tid=UA-18458382-3&_gid=1085203129.1629252433&_r=1&gtm=2wg8g0TM6437G&cd3=utmcsr%3D(direct)%7Cutmcmd%3D(none)%7Cutmccn%3D(not%20set)&z=309000165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 02:07:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.foresight-accounting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
98 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-18458382-3&cid=1778289886.1629252433&jid=1008733386&gjid=654639372&_gid=1085203129.1629252433&_u=YEBAAEAAAAAAAC~&z=1320047274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 18 Aug 2021 02:07:13 GMT
content-type: text/plain
access-control-allow-origin: https://portal.foresight-accounting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1593.json
script.crazyegg.com/pages/data-scripts/0107/ 12 KB
2 KB 29ms
14ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0107/1593.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0107/1593.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 24779
ce-version: 11.1.323
content-length: 1983
timing-allow-origin: *
last-modified: Tue, 17 Aug 2021 19:14:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6807965cff1ed6bd-FRA

GET
H2 200 wistia-mux.js
fast.wistia.com/assets/external/ 92 KB
24 KB 9ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 466
x-cache: HIT, HIT
content-length: 24741
x-served-by: cache-dca17779-DCA, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 12 Aug 2021 17:55:51 GMT
x-timer: S1629252433.430440,VS0,VE0
etag: "611560a7-60a5"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 6

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-18458382-3&cid=1778289886.1629252433&jid=1008733386&_u=YEBAAEAAAAAAAC~&z=953658275

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 02:07:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-18458382-3&cid=1778289886.1629252433&jid=1008733386&_u=YEBAAEAAAAAAAC~&z=953658275

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 02:07:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 share-v2.js
fast.wistia.com/assets/external/ 49 KB
11 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/share-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 466
x-cache: HIT, HIT
content-length: 11544
x-served-by: cache-dca17747-DCA, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 12 Aug 2021 17:55:51 GMT
x-timer: S1629252433.440068,VS0,VE1
etag: "611560a7-2d18"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 favicon.ico
portal.foresight-accounting.com/ 15 KB
15 KB 104ms
103ms Image
image/x-icon 18.214.152.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.foresight-accounting.com/favicon.ico

Requested by

Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.152.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-152-28.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://portal.foresight-accounting.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: _td_app_session=479b11d5c39fa45ea0e6729d52ad19c0; timezone_offset=-120; initialTrafficSource=utmcsr=(direct)|utmcmd=(none)|utmccn=(not set); __utmzzses=1; _ga=GA1.2.1778289886.1629252433; _gid=GA1.2.1085203129.1629252433; _gat_UA-18458382-3=1; AWSALB=mjBw9OnuZduwsUrfHvFDWh2vhlTd1imhg0bMQlNe3KJF9YLduHXvOMYCBnTjZkqcdWzJnqp3tymNSr4VfvUKaW0Vv1RRuLDekYdyQCQAS5b4dZPbZEA2B6wcooX/; AWSALBCORS=mjBw9OnuZduwsUrfHvFDWh2vhlTd1imhg0bMQlNe3KJF9YLduHXvOMYCBnTjZkqcdWzJnqp3tymNSr4VfvUKaW0Vv1RRuLDekYdyQCQAS5b4dZPbZEA2B6wcooX/
:path: /favicon.ico
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: portal.foresight-accounting.com
referer: https://portal.foresight-accounting.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://portal.foresight-accounting.com
Referer: https://portal.foresight-accounting.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
last-modified: Tue, 17 Aug 2021 13:47:15 GMT
server: nginx/1.17.8
etag: "611bbde3-3aee"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/x-icon
set-cookie: AWSALB=SKCyAYtO/Avv3+ulVBwpqC3ZQpFpJThc9w8C9eNcEF/QvqM+we0wJjyd0hzMztkZQLZ+0l6SfPxXjDu8Z9J3e4uZqunVqvAwndGSbNH3At9KfzwmOJDQTBbO5esp; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/ AWSALBCORS=SKCyAYtO/Avv3+ulVBwpqC3ZQpFpJThc9w8C9eNcEF/QvqM+we0wJjyd0hzMztkZQLZ+0l6SfPxXjDu8Z9J3e4uZqunVqvAwndGSbNH3At9KfzwmOJDQTBbO5esp; Expires=Wed, 25 Aug 2021 02:07:13 GMT; Path=/; SameSite=None
accept-ranges: bytes
content-length: 15086

GET
H3-29 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,400,400i,700,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portal.foresight-accounting.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:40:42 GMT
x-content-type-options: nosniff
age: 102391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:40:42 GMT

GET
H2 200 project_o3ylscva.txt
d258lu9myqkejp.cloudfront.net/widget/settings/ 16 KB
6 KB 387ms
352ms XHR
text/plain 2600:9000:2104:5a00:1a:3012:2940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d258lu9myqkejp.cloudfront.net/widget/settings/project_o3ylscva.txt
Requested by: Host: widget.getgist.com
URL: https://widget.getgist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5a00:1a:3012:2940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:14 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 14:01:09 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: W/"b11c400871a7e093db606aa21a0ff954"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: no-cache
x-cache: Miss from cloudfront
x-amz-cf-id: 1mwOezZAH8jWuBA60SJD3rtHHMhcCFUhotQ37LLFxBOe8DKz6oXYQA==
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)

GET
H2 200 11.1.323.js
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 14ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0107/1593.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 13:13:31 GMT
server: cloudflare
age: 1854327
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6807965d29614e7f-FRA
content-length: 21471

GET
H2 200 turnstile.js
fast.wistia.com/assets/external/ 95 KB
19 KB 100ms
100ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/turnstile.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 465
x-cache: HIT, HIT
content-length: 19308
x-served-by: cache-dca17772-DCA, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 12 Aug 2021 17:55:51 GMT
x-timer: S1629252433.477232,VS0,VE94
etag: "611560a7-4b6c"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 1593.json
script.crazyegg.com/pages/sampling-data-scripts/0107/ 282 B
265 B 17ms
17ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0107/1593.json?t=452570
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 24773
ce-version: 11.1.323
content-length: 171
timing-allow-origin: *
last-modified: Tue, 17 Aug 2021 19:14:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6807965d4f67d6bd-FRA

GET
H2 200 bundle-twl2o69ckj.min.js
dyr2dbqz8u9mp.cloudfront.net/messenger/ Frame C797 1 MB
319 KB 19ms
18ms Script
application/javascript 2600:9000:2104:4800:c:7018:1040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-twl2o69ckj.min.js
Requested by: Host: widget.getgist.com
URL: https://widget.getgist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4800:c:7018:1040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:34:57 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 04:14:59 GMT
server: AmazonS3
age: 423137
etag: W/"c546b42ce187f39bf70e916c402fadfb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: yBHBmNRj59_uE2KHCtbXpYzyP2yNYzDflz0KS4rC9_7ffOuRXIKwCQ==

GET
H2 200 wistiaLogo.js
fast.wistia.com/assets/external/ 47 KB
11 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistiaLogo.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 465
x-cache: HIT, HIT
content-length: 11134
x-served-by: cache-dca17782-DCA, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 12 Aug 2021 17:55:51 GMT
x-timer: S1629252434.600187,VS0,VE0
etag: "611560a7-2b7e"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 2

GET
BLOB 200
OK c1deca61-4582-4f7f-8cc9-3982eb15d7b4
https://portal.foresight-accounting.com/ Frame C797 12 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.foresight-accounting.com/c1deca61-4582-4f7f-8cc9-3982eb15d7b4
Requested by: Host: dyr2dbqz8u9mp.cloudfront.net
URL: https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-twl2o69ckj.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 12436
Content-Type: text/css

GET
H2 206 newMessage.mp3
d258lu9myqkejp.cloudfront.net/audios/ Frame C797 13 KB
14 KB 41ms
13ms Media
audio/mp3 2600:9000:2104:5a00:1a:3012:2940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d258lu9myqkejp.cloudfront.net/audios/newMessage.mp3
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5a00:1a:3012:2940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 17 Nov 2020 02:21:32 GMT
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
last-modified: Tue, 03 Mar 2020 08:32:28 GMT
server: AmazonS3
age: 23672742
etag: "867ba87f34232acec3114becad115ce3"
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-13616/13617
cache-control: public,max-age=31556952
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 13617
x-amz-cf-id: RUgiGkrXrbJZ2NzUfXmXmfp0nbWb6yAatuo680SokB09rDd_UWsmZQ==

GET
H2 206 newConversation.mp3
d258lu9myqkejp.cloudfront.net/audios/ Frame C797 5 KB
5 KB 42ms
14ms Media
audio/mp3 2600:9000:2104:5a00:1a:3012:2940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d258lu9myqkejp.cloudfront.net/audios/newConversation.mp3
Requested by: Host: portal.foresight-accounting.com
URL: https://portal.foresight-accounting.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5a00:1a:3012:2940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 17 Nov 2020 02:21:32 GMT
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
last-modified: Tue, 03 Mar 2020 08:32:41 GMT
server: AmazonS3
age: 23672742
etag: "cdaee4ceec32d333f7d7066e16506e70"
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-5030/5031
cache-control: public,max-age=31556952
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 5031
x-amz-cf-id: R7EnpLaDnfzHDOdNXbNfb1reIFw4q_-6vJMPWB_CjZh2EF_8qinTaQ==

GET
H2 200 playPauseLoadingControl.js
fast.wistia.com/assets/external/ 59 KB
13 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:07:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 466
x-cache: HIT, HIT
content-length: 12688
x-served-by: cache-dca17751-DCA, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Thu, 12 Aug 2021 17:55:51 GMT
x-timer: S1629252434.059442,VS0,VE0
etag: "611560a7-3190"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 9

POST
H2 204 x
distillery.wistia.com/ 0
96 B 300ms
101ms XHR
text/plain 54.144.210.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.210.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-210-222.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://portal.foresight-accounting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 18 Aug 2021 02:07:14 GMT
cache-control: max-age=0, private, must-revalidate

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

checkout.stripe.com
d258lu9myqkejp.cloudfront.net
distillery.wistia.com
dyr2dbqz8u9mp.cloudfront.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
portal.foresight-accounting.com
script.crazyegg.com
stats.g.doubleclick.net
taxdome-production.s3.amazonaws.com
taxdome.com
widget.getgist.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
18.214.152.28
2600:9000:2104:4800:c:7018:1040:21
2600:9000:2104:5a00:1a:3012:2940:21
2606:4700:3036::ac43:d462
2606:4700::6813:9308
2a00:1450:4001:802::200e
2a00:1450:4001:809::200a
2a00:1450:4001:810::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a04:4e42:3::622
52.217.74.124
54.144.210.222
54.160.151.67
65.9.73.5
010adebc5ef475bdb52b0e53029d460cca750c55ce995bc6ef492ed33b69fb42
0a132fe50307681cf522dacc1ace023d6588965b2a4dd88fc6b0a90ecae4ace4
33ce8890b2a0e8a4451b03dc76029c6432f172518c3bbc8834eaf2cd23610d37
6a4c20b57da47fecdbf70f7e38591404ace165c08f463e5fae2e7fff8386bcc6
7791cc8ae129410f07726e3746ff61fc0057d706fc56842e93d5c306f84cf0da
98fd04f2dbb38e901f1aab7562c23f84a47dfc0ddf647a96bd4d9ef8c4c48c8c
a1fab315299338cc08c2329a4236f112e2390fd42858ba66f60d87f59dda9e74
cd1480b9155af3d41cff88534e5dcbb817a8628f7086d50a155927e07899388c
d890509fcad3cedeae3daf89941dd6f27b78fe4abefe6b91912775486111f9e7
fc8647b4ba2a7e5f6c4c3af04e2adb1157c5bb97052b55782c2270560a55c6b1

portal.foresight-accounting.com Open in urlscan Pro 18.214.152.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

72 %IPv6

15 Domains

17 Subdomains

17 IPs

3 Countries

2602 kBTransfer

10591 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.foresight-accounting.com Open in urlscan Pro
18.214.152.28 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

72 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

2602 kB
Transfer

10591 kB
Size

0
Cookies

44 HTTP transactions
0 data transactions