secure.patriothealthalliance.com Open in urlscan Pro
2606:4700:10::6814:1337 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_...
Submission: On March 18 via manual (March 18th 2020, 6:54:12 pm UTC) from US

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 65 HTTP transactions. The main IP is 2606:4700:10::6814:1337, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.patriothealthalliance.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 18th 2019. Valid for: 2 years.

This is the only time secure.patriothealthalliance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:10:... 2606:4700:10::6814:1337	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:20e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2204:8600:5:feb4:3640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:205... 2600:9000:2057:e600:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	72.247.225.215 72.247.225.215	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:818::2013	15169 (GOOGLE) (GOOGLE)
2	52.218.229.192 52.218.229.192	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.30.151.94 52.30.151.94	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	35.166.24.200 35.166.24.200	16509 (AMAZON-02) (AMAZON-02)
65	21

34 2606:4700:10::6814:1337 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.patriothealthalliance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:20e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:8600:5:feb4:3640:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.4patriots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e600:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.225.215 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-215.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.229.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.151.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-151-94.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.24.200 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-24-200.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	patriothealthalliance.com secure.patriothealthalliance.com	663 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	4 KB
3	facebook.com www.facebook.com	464 B
3	google-analytics.com www.google-analytics.com	19 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	yimg.com s.yimg.com	6 KB
2	bing.com bat.bing.com	8 KB
2	facebook.net connect.facebook.net	143 KB
2	useproof.com cdn.useproof.com	487 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	87 KB
1	trustedsite.com www.trustedsite.com	509 B
1	zemanta.com p1.zemanta.com	167 B
1	ywxi.net cdn.ywxi.net	5 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	182 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	162 B
1	4patriots.com cdn.4patriots.com	3 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
65	20

	Domain	Requested by
34	secure.patriothealthalliance.com	secure.patriothealthalliance.com
3	www.facebook.com	secure.patriothealthalliance.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.patriothealthalliance.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	s.yimg.com	secure.patriothealthalliance.com s.yimg.com
2	bat.bing.com	secure.patriothealthalliance.com
2	connect.facebook.net	secure.patriothealthalliance.com connect.facebook.net
2	cdn.useproof.com	secure.patriothealthalliance.com cdn.useproof.com
2	maxcdn.bootstrapcdn.com	secure.patriothealthalliance.com
1	www.trustedsite.com	cdn.ywxi.net
1	amplifypixel.outbrain.com
1	tr.outbrain.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	rum-static.pingdom.net	secure.patriothealthalliance.com
1	p1.zemanta.com
1	amplify.outbrain.com	secure.patriothealthalliance.com
1	cdn.ywxi.net	www.googletagmanager.com
1	www.google.de	secure.patriothealthalliance.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.4patriots.com	secure.patriothealthalliance.com
1	www.googletagmanager.com	secure.patriothealthalliance.com
1	ajax.googleapis.com	secure.patriothealthalliance.com
1	fonts.googleapis.com	secure.patriothealthalliance.com
65	24

This site contains no links.

Subject Issuer	Validity	Valid
secure.patriothealthalliance.com DigiCert SHA2 Extended Validation Server CA	`2019-10-18` - `2021-10-18`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-23` - `2020-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.4patriots.com Amazon	`2019-12-24` - `2021-01-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.ywxi.net Amazon	`2019-09-30` - `2020-10-30`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2020-04-27`	a month	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
p1.zemanta.com GTS CA 1D2	`2020-02-24` - `2020-05-24`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.pingdom.net DigiCert SHA2 High Assurance Server CA	`2019-11-08` - `2021-01-19`	a year	crt.sh
*.trustedsite.com Amazon	`2020-03-09` - `2021-04-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Frame ID: 89FE183A9AB46E510901CB706567530F
Requests: 64 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 46D1BBA121945562D5E8E975506C5F97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

65
Requests

100 %
HTTPS

78 %
IPv6

20
Domains

24
Subdomains

21
IPs

6
Countries

1493 kB
Transfer

2378 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&gjid=969403530&_gid=1024126772.1584557635&_u=aGBAgEAL~&z=2075460669 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&_v=j81&z=2075460669 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&_v=j81&z=2075460669&slf_rd=1&random=1683549913

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
secure.patriothealthalliance.com/letter/pitcher/ 59 KB
19 KB 750ms
449ms Document
text/html 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9a3a2521c456b2fa839e8baf1adb8083673a219f7f9f12ae34d3caf57130e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.patriothealthalliance.com
:scheme: https
:path: /letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 18 Mar 2020 18:53:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d077c53aafee3650d32802a24c07e6b351584557634; expires=Fri, 17-Apr-20 18:53:54 GMT; path=/; domain=.patriothealthalliance.com; HttpOnly; SameSite=Lax PHPSESSID=55e320f0e6ea0ed6b085690fb027e5de; expires=Wed, 18-Mar-2020 20:53:54 GMT; Max-Age=7200; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 576128bf68e41f55-FRA
content-encoding: gzip

GET
H2 200 styles-lander.css
secure.patriothealthalliance.com/assets/css/prod/ 182 KB
40 KB 125ms
124ms Stylesheet
text/css 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.patriothealthalliance.com/assets/css/prod/styles-lander.css

Requested by

Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

250800b2fc6caa0412c06109c595d3b6d147b34c04a63e9ed86e228bb9126331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e6ac0fe-2d608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
cache-control: max-age=691200
cf-ray: 576128c27a0c1f55-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 9ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 18 Mar 2020 18:53:54 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin: *
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 4696

GET
H2 200 css
fonts.googleapis.com/ 5 KB
671 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8bd4084d4a42d6a74dc4c61d011536def9c7946c9c1c97d63f9a62170ddbdce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 18:53:54 GMT
server: ESF
date: Wed, 18 Mar 2020 18:53:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Mar 2020 18:53:54 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.2/ 82 KB
29 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 00:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1968411
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29456
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Feb 2021 00:07:03 GMT

GET
H2 200 scripts-lander.js Show response
secure.patriothealthalliance.com/assets/js/prod/ 36 KB
12 KB 20ms
19ms Script
application/javascript 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.patriothealthalliance.com/assets/js/prod/scripts-lander.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

776dc52d0d443b8d4d1f78c3e1c3fd0ec7fb21f6ef348e017fd4da9e7043249a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1550749
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Feb 2020 19:20:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e4d8a98-8f51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 576128c27a0f1f55-FRA

GET
H2 200 jquery.validate.min.js Show response
secure.patriothealthalliance.com/js/ 25 KB
8 KB 28ms
27ms Script
application/javascript 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.patriothealthalliance.com/js/jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bcce205f04604ce7c10ea64d84730110c5872df2ac2c3699f15f337bd8c5a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1171697
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 16:03:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e5fd15c-6311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 576128c27a101f55-FRA

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 72ms
19ms Script
application/javascript 2606:4700:20::681a:20e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=srCxQfd4KTgmSNJ7hDxcOwKd0ww2
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:20e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
cf-cache-status: HIT
age: 1747870
status: 200
content-type: application/javascript
content-length: 497715
x-amz-id-2: bS+v5eKXHXOmCual2HeAK4LhRA8Yv1qyOLBXSy0cntrZf6KhFmbi5NFEQ0WGtNGfkCphZLoaibg=
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
server: cloudflare
etag: "fa2c0c9552b99319ed55ce70955855f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 92EB98372714E456
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: 7RsCJUNysRMcqkyRLwe1KtYXPZzstQg_
accept-ranges: bytes
cf-ray: 576128c2dca7d6c5-FRA

GET
H2 200 progressbar.gif
secure.patriothealthalliance.com/assets/images/misc/ 11 KB
11 KB 19ms
18ms Image
image/gif 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/assets/images/misc/progressbar.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2db5ecc60118c5b1fe608a3d1dfd57c1fa6f987c24bf30122a8360802022338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1069139
status: 200
vary: Accept-Encoding
content-length: 10819
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 16:03:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e5fd15c-2a43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c27a121f55-FRA

GET
H2 200 as-seen-on-01.png
secure.patriothealthalliance.com/assets/images/misc/ 4 KB
5 KB 17ms
17ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/assets/images/misc/as-seen-on-01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

064af8c2adb467f2e032ac75ef3a709b82d50e65ba913338375e653c1b3cc9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282404
status: 200
vary: Accept-Encoding
content-length: 4524
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-11ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c29a741f55-FRA

GET
H2 200 logo-small.png
secure.patriothealthalliance.com/assets/images/ 2 KB
2 KB 28ms
28ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/assets/images/logo-small.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a03df1d06d23d28e99109be84c715a1f9cd7e54977f56a784877e5f68d20228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 480537
status: 200
vary: Accept-Encoding
content-length: 2366
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-93e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c2cacd1f55-FRA

GET
H2 200 app-letter-stop-fluoride-265x223.png
secure.patriothealthalliance.com/media/images/pur/ 38 KB
38 KB 119ms
118ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/app-letter-stop-fluoride-265x223.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02c8fc3df02b4194e6d04e20582235ddd0e2b598fcc1c14f69e5b3771adb1552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 39111
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-98c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c2eb471f55-FRA

GET
H2 200 letter-wcvb-chinese-fluoride-440x214.png
secure.patriothealthalliance.com/media/images/pur/ 14 KB
14 KB 144ms
144ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/letter-wcvb-chinese-fluoride-440x214.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f41f4849c9e82f477b4979a34f8058858bd4db1abf4e9c4b58ea7a46b32bd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 14267
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-37bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c31bd71f55-FRA

GET
H2 200 letter-fox-news-drugs-in-water-385x349.png
secure.patriothealthalliance.com/media/images/app/ 72 KB
72 KB 142ms
139ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/app/letter-fox-news-drugs-in-water-385x349.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17eff5b2a65ac52a2e737b9012751eae8f7e6f0ebe24a42b455bd72e58d03f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 73985
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-12101"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cc41f55-FRA

GET
H2 200 letter-news-fox-toxic-chemicals-275x374.jpg
secure.patriothealthalliance.com/media/images/pur/ 29 KB
30 KB 140ms
136ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/letter-news-fox-toxic-chemicals-275x374.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d41b9efcfc3543f794f8059912b9f8ed7bcd7bdca53f038183ee43dddccd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 30065
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-7571"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cc61f55-FRA

GET
H2 200 letter-whole-house-filter-setup-355x259.jpg
secure.patriothealthalliance.com/media/images/pur/ 21 KB
21 KB 150ms
146ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/letter-whole-house-filter-setup-355x259.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261f151a9ee1ea9751662335c043a6f19998e6690ee61d2ad37c7b0b8efe182e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 21197
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-52cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cc91f55-FRA

GET
H2 200 1-unit-350x413.png
secure.patriothealthalliance.com/media/images/pur/ 48 KB
48 KB 132ms
128ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/1-unit-350x413.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89089c478abea5bc3c8f1580381640fc4819b0c4f1b5ccc6e72d5dbdfdd3faf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 48671
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-be1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ccc1f55-FRA

GET
H2 200 dr-cage-180x266.png
secure.patriothealthalliance.com/media/images/misc/ 31 KB
31 KB 142ms
139ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/misc/dr-cage-180x266.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f78f3ed826b7dc8fb1fb851b8e73d158f24afd9dea8ffb66fb2ebb84af404d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 31569
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-7b51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cce1f55-FRA

GET
H2 200 testimonial-pur-barbara-m-70x70.png
secure.patriothealthalliance.com/media/images/testimonials/ 6 KB
7 KB 152ms
149ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-barbara-m-70x70.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e3b989b36276e9b71a964e4424bdcb7a18b34880f6719ca1c78b18ed2ace4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 6623
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-19df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cd41f55-FRA

GET
H2 200 testimonial-pur-linda-a-70x70.png
secure.patriothealthalliance.com/media/images/testimonials/ 7 KB
7 KB 150ms
147ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-linda-a-70x70.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a21bf8a048cb325de0e695d093eefcd461fa9abf7aa6fa1d82c069e567b89f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 6993
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-1b51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cd51f55-FRA

GET
H2 200 bonus-report-whats-in-your-water-free-burst-400x475.png
secure.patriothealthalliance.com/media/images/bonus/ 62 KB
62 KB 154ms
151ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/bonus/bonus-report-whats-in-your-water-free-burst-400x475.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba900c91c4e9a98f6eb7de99394ac83ce70b25786774a5c715bf4b66419d7c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 63771
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-f91b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cd61f55-FRA

GET
H2 200 free-shipping-blue-burst.jpg
secure.patriothealthalliance.com/media/images/misc/ 11 KB
11 KB 156ms
153ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/misc/free-shipping-blue-burst.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5cc491a14cc614d9a89ab47ea04cd4e26189135697fa650e57103617fc16c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 11301
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-2c25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cda1f55-FRA

GET
H2 200 pgr-sample-7-pack-300x120.png
secure.patriothealthalliance.com/media/images/greens/greens-sample/ 16 KB
16 KB 169ms
166ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/greens/greens-sample/pgr-sample-7-pack-300x120.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

043698d6d9152ef4c21bc85723a98ab47f1814ba988bb302c2d7e65a4e3793e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 16376
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-3ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cdc1f55-FRA

GET
H2 200 product-greens-bottle-01.jpg
secure.patriothealthalliance.com/media/images/greens/ 7 KB
7 KB 156ms
153ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/greens/product-greens-bottle-01.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa16418b2c8b682873e568e2e5eebdce1fb8b8fcd8ef7f80b6d0fe90a3a69d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 7547
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-1d7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cde1f55-FRA

GET
H2 200 testimonial-pur-diane-70x70.jpg
secure.patriothealthalliance.com/media/images/testimonials/ 3 KB
3 KB 153ms
150ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-diane-70x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e387d6fd0e847346f00f6e0ae1a65f94aae73a3cba56189dbf30367a9733acb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 2612
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-a34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cdf1f55-FRA

GET
H2 200 testimonial-pur-molly-70x70.jpg
secure.patriothealthalliance.com/media/images/testimonials/ 3 KB
3 KB 147ms
144ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-molly-70x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

337eca98f9bc429d063339ca01dc94d616d6f1da14bedf5962a5af21679bff8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 2883
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-b43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ce21f55-FRA

GET
H2 200 guarantee-top.jpg
secure.patriothealthalliance.com/media/images/misc/ 13 KB
13 KB 19ms
16ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/misc/guarantee-top.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f1f2783447daf9ef5a8dcddf8b64dfe0a0bb6ea25862cd953d25b884d45997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2347442
status: 200
vary: Accept-Encoding
content-length: 13032
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Feb 2020 19:20:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e4d8a98-32e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ce31f55-FRA

GET
H2 200 signature-jeff-01.jpg
secure.patriothealthalliance.com/media/images/misc/ 2 KB
2 KB 152ms
149ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/misc/signature-jeff-01.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed66bd6c5c5da8ef65f57f722d70511df95bbc7738e07278ea287793b6455ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 2308
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-904"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ce61f55-FRA

GET
H2 200 guarantee-bottom.jpg
secure.patriothealthalliance.com/media/images/misc/ 13 KB
13 KB 23ms
21ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/misc/guarantee-bottom.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dc16ba03767625dbd5721da5c41e67d77d6e176254329fc731ad39a5951d5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 505640
status: 200
vary: Accept-Encoding
content-length: 12920
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 16:03:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e5fd15c-3278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ce71f55-FRA

GET
H2 200 testimonial-pur-i-e-70x70.jpg
secure.patriothealthalliance.com/media/images/testimonials/ 3 KB
4 KB 152ms
150ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-i-e-70x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed2f59812c618025847fccbb9f06c1602727eea63fdb97be7287b07780aea2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 3562
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-dea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ce91f55-FRA

GET
H2 200 active-duty-flag-ribbon-295x527.png
secure.patriothealthalliance.com/media/images/misc/ 22 KB
22 KB 32ms
30ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/misc/active-duty-flag-ribbon-295x527.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ec97f9e6883bb5194256e17650882af3be5a0f23f195cd3a98c59e8eff9ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282405
status: 200
vary: Accept-Encoding
content-length: 22681
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-5899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cea1f55-FRA

GET
H2 200 1-unit-array-price-burst-value-burst-720x536.png
secure.patriothealthalliance.com/media/images/pur/ 84 KB
84 KB 178ms
175ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/1-unit-array-price-burst-value-burst-720x536.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21031f59c051ee90926b05485dce973e9a8d7d7e8726b2c531759abdd0fc31b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 85977
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-14fd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ceb1f55-FRA

GET
H2 200 img-pur-checkout-345x369.jpg
secure.patriothealthalliance.com/media/images/pur/ 35 KB
36 KB 147ms
145ms Image
image/jpeg 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/pur/img-pur-checkout-345x369.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

377e85dbb038eb9f47be7eb20f6a9c5c37798fd1c9d1e30d164c5639a1992be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 36325
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-8de5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36ced1f55-FRA

GET
H2 200 testimonial-pur-terry-70x70.png
secure.patriothealthalliance.com/media/images/testimonials/ 6 KB
6 KB 150ms
148ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-terry-70x70.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daace9c98f3322bfc0e549637b30e18f33329eec977f5728d6b4e91c9ee524f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 6045
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-179d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cee1f55-FRA

GET
H2 200 testimonial-pur-lyn-r-70x70.png
secure.patriothealthalliance.com/media/images/testimonials/ 7 KB
7 KB 156ms
154ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-lyn-r-70x70.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2bae9091feb53094a855dba69027a450c209da8a8dfa0fd4f2a91b6a02cfd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 7154
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-1bf2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cef1f55-FRA

GET
H2 200 testimonial-pur-laurie-h-70x70.png
secure.patriothealthalliance.com/media/images/testimonials/ 7 KB
7 KB 147ms
145ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/media/images/testimonials/testimonial-pur-laurie-h-70x70.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2698a435c60b64d70d8f1ce844e463571a8b057c0333f02f2fb44ae992e385f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 6804
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Mar 2020 23:08:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e6ac0fe-1a94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c36cf11f55-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
34 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKJF7M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1a377f5acd798b2d542f63c4e0614281f568eb6ca245bcd6a47e6f6d7b5cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 34331
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 18:30:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Mar 2020 18:53:55 GMT

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame 46D1 0
0 678ms
678ms Document
text/html 2606:4700:20::681a:20e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=srCxQfd4KTgmSNJ7hDxcOwKd0ww2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:20e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.useproof.com
:scheme: https
:path: /proxy/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com

Response headers

status: 200
date: Wed, 18 Mar 2020 18:53:55 GMT
content-type: text/html
content-length: 325
set-cookie: __cfduid=db2c2e71cdaf5fcbdbb3a3dd334cc2e461584557635; expires=Fri, 17-Apr-20 18:53:55 GMT; path=/; domain=.useproof.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: mDnVW3egdMOKiOLu/OtDakfFWhTRBvGlYymqDhoDwFPEhzAWGOYId6ko/fmM3gMkJpyYIxxETyA=
x-amz-request-id: E9CCA7E47E4F3F8D
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: V3wOD8RjbA.D9D1fAXIzDOps5d_6lt3O
accept-ranges: bytes
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 576128c3b858d6c5-FRA

GET
H2 200 trans.png
secure.patriothealthalliance.com/assets/images/misc/ 96 B
179 B 15ms
13ms Image
image/png 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/assets/images/misc/trans.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4923b01188ce1fa83f795b56e88429dde546d1000447932d624eef7bfd513bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/assets/css/prod/styles-lander.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1094430
status: 200
vary: Accept-Encoding
content-length: 96
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 16:03:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e5fd15c-60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 576128c3adc81f55-FRA

GET
H2 200 btn-pattern-choose-kit-01-01.svg
secure.patriothealthalliance.com/assets/images/buttons/ 18 KB
4 KB 19ms
18ms Image
image/svg+xml 2606:4700:10::6814:1337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.patriothealthalliance.com/assets/images/buttons/btn-pattern-choose-kit-01-01.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1337 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b562976d044e840922426e237f64f3e73f5694383d6d8dbf8d8c52b48fe6c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/assets/css/prod/styles-lander.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1067255
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Mar 2020 16:03:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e5fd15c-4994"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: max-age=691200
cf-ray: 576128c3adcf1f55-FRA

GET
H2 200 guarantee-mid.jpg
cdn.4patriots.com/img/graphics/ 2 KB
3 KB 92ms
15ms Image
image/jpeg 2600:9000:2204:8600:5:feb4:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.4patriots.com/img/graphics/guarantee-mid.jpg
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2204:8600:5:feb4:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39beba83220e9c2f46c2e1b0ae6776ebd5cdf3570fe4cf68e031f92261219999

Request headers

Referer: https://secure.patriothealthalliance.com/assets/css/prod/styles-lander.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 13:25:29 GMT
content-encoding
last-modified: Mon, 10 Jun 2019 16:21:37 GMT
server: AmazonS3
age: 19706
etag: "a409f25262319e8aa4f0feec9ec96e61"
x-cache: Hit from cloudfront
x-amz-version-id: nua5RwKQhNWxFh6aU2K7hyeibE7f6k1n
status: 200
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2468
via: 1.1 e7150584c93f85e64aa53364c55a16c7.cloudfront.net (CloudFront)
x-amz-cf-id: JxT3tKyRQCuOwzGXuQ6eGuE-XYFBTkxeZ2pFvN6WD3eXdRNyFzR5gg==

GET
H2 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/ 82 KB
82 KB 17ms
16ms Font
font/woff 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Origin: https://secure.patriothealthalliance.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:43 GMT
access-control-allow-origin: *
etag: "1544639743"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 83764

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKJF7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1223
date: Wed, 18 Mar 2020 18:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 18 Mar 2020 20:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: sFTba/0UUoGJWW4xwDm+wumJvY/LrhNCS4xKQdowH8z0++V+S9JLkeeybIEpTn3v3o0Qrt3aiSIBX4xte/ZcIQ==
x-fb-trip-id: 1850256238
date: Wed, 18 Mar 2020 18:53:55 GMT, Wed, 18 Mar 2020 18:53:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3104
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Wed, 18 Mar 2020 19:02:11 GMT

GET
H2 200 1295781763855844 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 86ms
86ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1295781763855844?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1afddd24b094389f33c33aa258c6596fc6bfff19db6db5e22647f35edacb1195

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: p/f6nRrH8Lv3VpxhQJWmItNgitZrQkbfYcdQOdQ89nj7iI6dzkZF4Wg60SthqYXy55nk9cXddJgeQ4CbN+U4iQ==
x-fb-trip-id: 1850256238
date: Wed, 18 Mar 2020 18:53:55 GMT, Wed, 18 Mar 2020 18:53:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=567974905&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&ul=en-us&de=UTF-8&dt=Patriot%20Health%20Alliance&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAL~&jid=1552730297&gjid=969403530&cid=1618353236.1584557635&tid=UA-54956868-1&_gid=1024126772.1584557635&gtm=2wg3b2TKJF7M&cd2=EMPTY&cd3=EMPTY&cd4=EMPTY&z=103052603

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 10 Mar 2020 22:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 676619
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&gjid=969403530&_gid=1024126772.1584557635&_u=aGBAgEAL~&z=2075460669
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&_v=j81&z=2075460669
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&_v=j81&z=2075460669&slf_rd=1&random=1683549913

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&_v=j81&z=2075460669&slf_rd=1&random=1683549913

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Mar 2020 18:53:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54956868-1&cid=1618353236.1584557635&jid=1552730297&_v=j81&z=2075460669&slf_rd=1&random=1683549913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
252 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1295781763855844&ev=PageView&dl=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&rl=&if=false&ts=1584557635423&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584557635421.581528074&it=1584557635297&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT, Wed, 18 Mar 2020 18:53:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 18 Mar 2020 18:53:55 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 16 KB
5 KB 23ms
6ms Script
text/javascript 2600:9000:2057:e600:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKJF7M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:e600:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

103e7f50eb450d1d006e61a508493226f5f27812811b0d5a7fc9c29258314b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
age: 2017
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
status: 200
x-amz-cf-pop: FRA6-C1
access-control-allow-origin: *
content-length: 4266
x-xss-protection: 1; mode=block
x-amz-cf-id: xPUlBWgYBWJBcOwqlXBNe4hILxFapcxYs52UIcmpkIoPip2I27V24w==
expires: Wed, 18 Mar 2020 19:20:18 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 29ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:54 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 04:51:11 GMT
x-msedge-ref: Ref A: 76215EAB1B4744559622222D20B89EF3 Ref B: FRAEDGE0111 Ref C: 2020-03-18T18:53:55Z
access-control-allow-origin: *
etag: "8094a4f3f8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7450

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 13 KB
6 KB 55ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

da5d59b3200e322f2dc723505bd974e642d013f8261ed7be36bbab88b2044324

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3056
x-amz-server-side-encryption: AES256
status: 200
content-length: 5097
strict-transport-security: max-age=15552000
x-amz-request-id: 13AD18AE026EF898
x-amz-id-2: RFMhNo7tl9yMVxkYGU36qez2HtkuHwbMeokxf/pm9bO+LskDRff39+2mbWihnqK5pJacuuqDX1s=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Feb 2020 09:47:57 GMT
server: ATS
etag: "d699f9d2abb1c3bd39981db583d3cf0f-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: mKvbwHik1MhSUT4X3Aour3fBLLG6vD9V
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 666ms
225ms Script
application/x-javascript 72.247.225.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.215 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-215.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 18:53:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 07:28:40 GMT
Server: AkamaiNetStorage
ETag: "522e4451790939ca385c10f4b474de63:1578382119.826889"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2617
Expires: Wed, 18 Mar 2020 19:13:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1295781763855844&ev=ViewContent&dl=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&rl=&if=false&ts=1584557635870&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1584557635421.581528074&it=1584557635297&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT, Wed, 18 Mar 2020 18:53:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 18 Mar 2020 18:53:55 GMT

GET
H2 200 /
p1.zemanta.com/p/771/884/ 26 B
167 B 174ms
145ms Image
image/gif 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.zemanta.com/p/771/884/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
x-cloud-trace-context: 58468afdede60a55ea0f07daf2998b77
server: Google Frontend
x-robots-tag: none
date: Wed, 18 Mar 2020 18:53:55 GMT
content-length: 26
content-type: image/gif

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/secure.patriothealthalliance.com/ 186 B
988 B 1303ms
324ms XHR
application/json 52.218.229.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/secure.patriothealthalliance.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.229.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 189866a1763b6ce6cd280888c12dedff2030cdfe608edcb9262d0d64b5e17d92

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Origin: https://secure.patriothealthalliance.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Mar 2020 18:53:58 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 8788BBD4B9DB62E2
x-amz-replication-status: COMPLETED
Content-Length: 160
x-amz-id-2: vw1IGwLMC19/oCAZr+4MQY0BKaeMnVnh8to/huMjlLMxMOJUxeZDGivL+UeqQrKrZvTuuwDyliE=
Last-Modified: Tue, 17 Mar 2020 13:13:48 GMT
Server: AmazonS3
ETag: "abd716dc680ee817216c0df608b36723"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: E6HbWSP_O.snfs7EtEziDTMshOq18AKE
Access-Control-Allow-Origin: https://secure.patriothealthalliance.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/secure.patriothealthalliance.com/ 186 B
988 B 1327ms
326ms XHR
application/json 52.218.229.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/secure.patriothealthalliance.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.229.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 189866a1763b6ce6cd280888c12dedff2030cdfe608edcb9262d0d64b5e17d92

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Origin: https://secure.patriothealthalliance.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Mar 2020 18:53:58 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 294210F74D9E100E
x-amz-replication-status: COMPLETED
Content-Length: 160
x-amz-id-2: T7/5S416ZIsIStsYazqaKkGGiQ9UO+ih4wgOyroCiPA472baWEXwinkOlxwji/VEyffdziM6CLQ=
Last-Modified: Tue, 17 Mar 2020 13:13:48 GMT
Server: AmazonS3
ETag: "abd716dc680ee817216c0df608b36723"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: E6HbWSP_O.snfs7EtEziDTMshOq18AKE
Access-Control-Allow-Origin: https://secure.patriothealthalliance.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 30ms
16ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: secure.patriothealthalliance.com
URL: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Jun 2019 09:19:43 GMT
server: cloudflare
age: 4148
etag: W/"5d1338af-186f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=43200
cf-ray: 576128c86d9263ad-FRA
access-control-allow-origin: *

GET
H2 204 0
bat.bing.com/action/ 0
93 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5587796&Ver=2&mid=120e4305-bc9a-1438-7c11-6536d741d6bb&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Patriot%20Health%20Alliance&p=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&r=&lt=1700&evt=pageLoad&msclkid=N&rn=257845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Wed, 18 Mar 2020 18:53:54 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 76489BAED46A4D8A98F4B8A20E9A48C8 Ref B: FRAEDGE0111 Ref C: 2020-03-18T18:53:55Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1295781763855844&ev=Microdata&dl=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&rl=&if=false&ts=1584557635926&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Patriot%20Health%20Alliance%22%2C%22meta%3Adescription%22%3A%22Patriot%20Health%20Alliance.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%22%2C%22og%3Atitle%22%3A%22Just%20Fill%2C%20Filter%20%26%20Enjoy%22%2C%22og%3Adescription%22%3A%22No%20other%20pitcher%20compares.%20Here%E2%80%99s%20why...%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.4patriots.com%2Fimg%2Fpurify%2Fpitcher%2Flifestyle-filter-oranges-fb-opengraph.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1584557635421.581528074&it=1584557635297&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT, Wed, 18 Mar 2020 18:53:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 18 Mar 2020 18:53:55 GMT

GET
H2 200 10003871.json Show response
s.yimg.com/wi/config/ 2 B
494 B 154ms
120ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10003871.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Origin: https://secure.patriothealthalliance.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Mar 2020 18:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: DB6EE184084A1156
x-amz-id-2: 2zRMmqBmzrRt7FKNLTtBnYipBEUaZ+/mdIQGxSgs0Jr8v8qYzeGzvvuGWSWwy7n+3VVCOpI07rY=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 472ms
122ms XHR
text/plain 52.30.151.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=574db914abe53dd4449c1b72&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=22&cE=301&dLE=22&dLS=0&fS=0&hS=27&rE=-1&rS=-1&reS=301&resS=750&resE=769&uEE=-1&uES=-1&dL=783&dI=1022&dCLES=1022&dCLEE=1028&dC=1699&lES=1699&lEE=1700&s=nt&title=Patriot%20Health%20Alliance&path=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php&ref=&sId=ukprkfpk&sST=1584557635&sIS=1&rV=0&v=1.4.0
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.151.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-151-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
Origin: https://secure.patriothealthalliance.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 18 Mar 2020 18:53:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
333 B 765ms
196ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=0060db04a2d2e5d95641fe69809315f1e6&obApiVersion=1.0&obtpVersion=1.1.8&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&optOut=false&bust=018439992768262536

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 18:53:57 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;
Cache-Control: no-cache
Connection: close
X-TraceId: e4c6e74fe69c317df40393997e554ba0
Content-Length: 60

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 729ms
186ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=0060db04a2d2e5d95641fe69809315f1e6&dl=https%3A%2F%2Fsecure.patriothealthalliance.com%2Fletter%2Fpitcher%2Findex.php%3Ftrv%3D3a1hsstq7o4o__10221__1037%26AFID%3DLTV%26aff_sub%3D200315-in%26aff_sub4%3D%26aff_sub5%3D%26email%3Dbills%2540belvac.com&bust=04110430024376168

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 18 Mar 2020 18:53:57 GMT
Cache-Control: no-cache
X-TraceId: 2569ca6963da777e5c883eb31a313b86
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
509 B 1067ms
344ms Script
text/javascript 35.166.24.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=secure.patriothealthalliance.com&rand=1584557637198

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.24.200 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-24-200.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.patriothealthalliance.com/letter/pitcher/index.php?trv=3a1hsstq7o4o__10221__1037&AFID=LTV&aff_sub=200315-in&aff_sub4=&aff_sub5=&email=bills%40belvac.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 18:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
content-type: text/javascript; charset=UTF-8
status: 200
content-length: 26
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.patriothealthalliance.com/	1970-01-19 10:18:53	Name: _fbp Value: fb.1.1584557635421.581528074
.patriothealthalliance.com/	1970-01-19 08:09:17	Name: _dc_gtm_UA-54956868-1 Value: 1
.patriothealthalliance.com/	1970-01-19 08:10:44	Name: _gid Value: GA1.2.1024126772.1584557635
.patriothealthalliance.com/	1970-01-20 01:40:29	Name: _ga Value: GA1.2.1618353236.1584557635
.patriothealthalliance.com/	1970-01-19 08:52:29	Name: __cfduid Value: d077c53aafee3650d32802a24c07e6b351584557634
.patriothealthalliance.com/	1970-01-19 10:18:53	Name: _gcl_au Value: 1.1.1318338261.1584557635
secure.patriothealthalliance.com/	1970-01-19 08:09:24	Name: PHPSESSID Value: 55e320f0e6ea0ed6b085690fb027e5de

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
bat.bing.com
cdn.4patriots.com
cdn.useproof.com
cdn.ywxi.net
connect.facebook.net
fonts.googleapis.com
maxcdn.bootstrapcdn.com
p1.zemanta.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.yimg.com
s3-us-west-2.amazonaws.com
secure.patriothealthalliance.com
stats.g.doubleclick.net
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.trustedsite.com
2001:4de0:ac19::1:b:1a
2600:9000:2057:e600:14:6bfc:5740:93a1
2600:9000:2204:8600:5:feb4:3640:93a1
2606:4700:10::6814:1337
2606:4700:10::6814:15ef
2606:4700:20::681a:20e
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:814::200e
2a00:1450:4001:818::2013
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.166.24.200
52.218.229.192
52.30.151.94
70.42.32.63
72.247.225.215
0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e
02c8fc3df02b4194e6d04e20582235ddd0e2b598fcc1c14f69e5b3771adb1552
043698d6d9152ef4c21bc85723a98ab47f1814ba988bb302c2d7e65a4e3793e4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
064af8c2adb467f2e032ac75ef3a709b82d50e65ba913338375e653c1b3cc9d1
103e7f50eb450d1d006e61a508493226f5f27812811b0d5a7fc9c29258314b54
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17eff5b2a65ac52a2e737b9012751eae8f7e6f0ebe24a42b455bd72e58d03f70
189866a1763b6ce6cd280888c12dedff2030cdfe608edcb9262d0d64b5e17d92
18f78f3ed826b7dc8fb1fb851b8e73d158f24afd9dea8ffb66fb2ebb84af404d
1a21bf8a048cb325de0e695d093eefcd461fa9abf7aa6fa1d82c069e567b89f0
1afddd24b094389f33c33aa258c6596fc6bfff19db6db5e22647f35edacb1195
21031f59c051ee90926b05485dce973e9a8d7d7e8726b2c531759abdd0fc31b8
250800b2fc6caa0412c06109c595d3b6d147b34c04a63e9ed86e228bb9126331
261f151a9ee1ea9751662335c043a6f19998e6690ee61d2ad37c7b0b8efe182e
2698a435c60b64d70d8f1ce844e463571a8b057c0333f02f2fb44ae992e385f6
2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2
337eca98f9bc429d063339ca01dc94d616d6f1da14bedf5962a5af21679bff8e
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
377e85dbb038eb9f47be7eb20f6a9c5c37798fd1c9d1e30d164c5639a1992be9
39beba83220e9c2f46c2e1b0ae6776ebd5cdf3570fe4cf68e031f92261219999
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4923b01188ce1fa83f795b56e88429dde546d1000447932d624eef7bfd513bcb
4a03df1d06d23d28e99109be84c715a1f9cd7e54977f56a784877e5f68d20228
4bcce205f04604ce7c10ea64d84730110c5872df2ac2c3699f15f337bd8c5a02
52e3b989b36276e9b71a964e4424bdcb7a18b34880f6719ca1c78b18ed2ace4d
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5f41f4849c9e82f477b4979a34f8058858bd4db1abf4e9c4b58ea7a46b32bd3a
60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2
63f1f2783447daf9ef5a8dcddf8b64dfe0a0bb6ea25862cd953d25b884d45997
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
776dc52d0d443b8d4d1f78c3e1c3fd0ec7fb21f6ef348e017fd4da9e7043249a
7b562976d044e840922426e237f64f3e73f5694383d6d8dbf8d8c52b48fe6c20
7dc16ba03767625dbd5721da5c41e67d77d6e176254329fc731ad39a5951d5c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87d41b9efcfc3543f794f8059912b9f8ed7bcd7bdca53f038183ee43dddccd11
89089c478abea5bc3c8f1580381640fc4819b0c4f1b5ccc6e72d5dbdfdd3faf0
8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb
9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341
9fa16418b2c8b682873e568e2e5eebdce1fb8b8fcd8ef7f80b6d0fe90a3a69d0
a2db5ecc60118c5b1fe608a3d1dfd57c1fa6f987c24bf30122a8360802022338
a3ec97f9e6883bb5194256e17650882af3be5a0f23f195cd3a98c59e8eff9ecc
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b8bd4084d4a42d6a74dc4c61d011536def9c7946c9c1c97d63f9a62170ddbdce
ba900c91c4e9a98f6eb7de99394ac83ce70b25786774a5c715bf4b66419d7c99
c1a377f5acd798b2d542f63c4e0614281f568eb6ca245bcd6a47e6f6d7b5cb8c
da5d59b3200e322f2dc723505bd974e642d013f8261ed7be36bbab88b2044324
daace9c98f3322bfc0e549637b30e18f33329eec977f5728d6b4e91c9ee524f7
e2bae9091feb53094a855dba69027a450c209da8a8dfa0fd4f2a91b6a02cfd53
e387d6fd0e847346f00f6e0ae1a65f94aae73a3cba56189dbf30367a9733acb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cc491a14cc614d9a89ab47ea04cd4e26189135697fa650e57103617fc16c1e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed2f59812c618025847fccbb9f06c1602727eea63fdb97be7287b07780aea2a9
ed66bd6c5c5da8ef65f57f722d70511df95bbc7738e07278ea287793b6455ccb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9a3a2521c456b2fa839e8baf1adb8083673a219f7f9f12ae34d3caf57130e7a

secure.patriothealthalliance.com Open in urlscan Pro 2606:4700:10::6814:1337 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

78 %IPv6

20 Domains

24 Subdomains

21 IPs

6 Countries

1493 kBTransfer

2378 kBSize

7 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.patriothealthalliance.com Open in urlscan Pro
2606:4700:10::6814:1337 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

78 %
IPv6

20
Domains

24
Subdomains

21
IPs

6
Countries

1493 kB
Transfer

2378 kB
Size

7
Cookies

65 HTTP transactions
0 data transactions