urlscan.io logo urlscan.io
SecurityTrails logo

push.fm Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://push.fm/fl/s6hdwhvc
Submission: On October 25 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is push.fm.
TLS certificate: Issued by WE1 on September 25th 2024. Valid for: 3 months.
This is the only time push.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 188.114.96.3 13335 (CLOUDFLAR...)
6 18.245.78.111 16509 (AMAZON-02)
1 157.240.252.13 32934 (FACEBOOK)
4 142.250.185.168 15169 (GOOGLE)
2 142.250.186.142 15169 (GOOGLE)
1 216.58.206.36 15169 (GOOGLE)
2 108.156.61.224 16509 (AMAZON-02)
2 4 216.239.32.36 15169 (GOOGLE)
1 64.233.166.154 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
24 11
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
push.fm
6    18.245.78.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-78-111.fra60.r.cloudfront.net
d29xpkeqnsbaz3.cloudfront.net
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
4    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
1    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net
www.google.com
2    108.156.61.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-224.ams1.r.cloudfront.net
d1l1gotk1xybsc.cloudfront.net
4    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
www.google.nl
Apex Domain
Subdomains		 Transfer
8 cloudfront.net
d29xpkeqnsbaz3.cloudfront.net
d1l1gotk1xybsc.cloudfront.net
273 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 Failed
273 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
2 KB
3 push.fm
push.fm
14 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 13162
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
548 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
58 KB
24 8
Domain Requested by
6 d29xpkeqnsbaz3.cloudfront.net push.fm
d29xpkeqnsbaz3.cloudfront.net
4 www.googletagmanager.com push.fm
www.googletagmanager.com
3 push.fm push.fm
d29xpkeqnsbaz3.cloudfront.net
2 region1.google-analytics.com
2 region1.analytics.google.com 2 redirects
2 d1l1gotk1xybsc.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.nl
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 connect.facebook.net push.fm
24 11

This site contains links to these domains. Also see Links.

Domain
qrcc.me
routenote.com
Subject Issuer Validity Valid
push.fm
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-03 -
2024-11-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.nl
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://push.fm/fl/s6hdwhvc
Frame ID: 85F63CE22D1E377ADDED735DD1606EA4
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpush.fm
Frame ID: 64EDAA754B9F181EDBDC13339739B2A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Medical Clinic MN by Online Payment Portal Alternate Signing Method | Find more at VIEW | PUSH.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

88 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

641 kB
Transfer

2350 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-VC4FJ5WFTN&gtm=45je4al0v885018856z89113111505za200&_p=1729875402971&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848&cid=63491860.1729875404&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729875403&sct=1&seg=0&dl=https%3A%2F%2Fpush.fm%2Ffl%2Fs6hdwhvc&dt=My%20Medical%20Clinic%20MN%20by%20Online%20Payment%20Portal%20Alternate%20Signing%20Method%20%7C%20Find%20more%20at%20VIEW%20%7C%20PUSH.fm&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=1322 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=17666810341932912842&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505za200&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
Request Chain 20
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-VC4FJ5WFTN&gtm=45je4al0v885018856za200&_p=1729875402971&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848&cid=63491860.1729875404&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAK&_s=2&sid=1729875403&sct=1&seg=1&dl=https%3A%2F%2Fpush.fm%2Ffl%2Fs6hdwhvc&dt=My%20Medical%20Clinic%20MN%20by%20Online%20Payment%20Portal%20Alternate%20Signing%20Method%20%7C%20Find%20more%20at%20VIEW%20%7C%20PUSH.fm&en=page_view&_c=1&_et=6&tfd=1331 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=14944184040627858487&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856za200&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s6hdwhvc
push.fm/fl/ 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://push.fm/fl/s6hdwhvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e9a3a287e402a5d7b3f8bde8c3de84138b941a188a52c3527f093d9aed8f2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8d83bdd05bb1d25e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 16:56:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUnH5ZPK21AxxrpTVpwpV%2BvtlMvxr0lvKXMgNLGNhT1R2DWvove%2Ft%2Bxtd%2F7UcNe%2FfUFvuw5Pd5NV5l2wZ7ENJBfqSD%2FcaG7WK1SLsFYoAFNCHJgWFYp4i7qB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=21256&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4131&recv_bytes=4487&delivery_rate=651&cwnd=12000&unsent_bytes=0&cid=9fd635ecdf0a480a&ts=284&x=1" cfExtPri cfHdrFlush;dur=0
via
1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
x-amz-apigw-id
AN0XrECsLPEENcA=
x-amz-cf-id
sHHAkaLOGMlf7Hdnrmx_UEZvoDGqK1s2XT5O8llhFojcb6s_FvUP-Q==
x-amz-cf-pop
FRA56-P12
x-amzn-remapped-date
Fri, 25 Oct 2024 16:56:42 GMT
x-amzn-requestid
c59c0226-f173-49d7-b1d8-c9b68034167b
x-amzn-trace-id
Root=1-671bcdca-5bdb046b27945ea56ed6bf16;Parent=68bcedb1cea6cbe1;Sampled=0;Lineage=1:7c788e94:0
x-cache
Miss from cloudfront
x-robots-tag
all
products.css
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/ 		196 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/products.css
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c244bb5c201e6e2bb67efb8749e0cd612efc3ac8d03f2ae78cb90ae27b11846

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"8ce06c52db93cd0ac5d85aafbe90afb4"
age
192507
via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
expires
Sat, 23 Nov 2024 11:25:42 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
ayjfX26QYLWi82k7q4zDDJIadlanEnkBpBhLDrU3Zf2gHq_zs-y5xg==
date
Wed, 23 Oct 2024 11:28:16 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 11:25:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
fonts.css
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/ 		5 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71401a2e4a48f15b0d02ba2fc6fc9ed3a219760b4eada58fe01b07b940118e4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

vary
Accept-Encoding, Origin
cache-control
public, max-age=2628000
content-encoding
br
etag
W/"1a68fc0c866f1cac6f5288cf63933106"
age
192507
via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
6TO2Lo7RoWaaV2W6EumFigvjQ9i13Bgm3M28CRgifLX1kkXsvAahHA==
date
Wed, 23 Oct 2024 11:28:16 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 11:25:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
rocket-loader.min.js
push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/fl/s6hdwhvc

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67180f7e-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNEyuaQoItK%2F5t0g7OtLM%2FQWTBKgEcuNZ2kgdaRx62sMn3ExmT0B0Cxuy1VJmw9gk0XowybjWc8rdF%2BB7tRBhgxSf30YnV3TOFYxow3Dk6A6gDWaX9qandAR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d83bdd248d2d25e-FRA
expires
Sun, 27 Oct 2024 16:56:42 GMT
date
Fri, 25 Oct 2024 16:56:42 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 20:47:58 GMT
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		0
0
products.js
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/js/ 		997 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/js/products.js
Requested by
Host: push.fm
URL: https://push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
829cf4f9d8bec889ce962937d1535a5e0f63b45d22d6bb57c0610f44309a356a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"357e880575dff1674aa7b2196884b278"
age
192506
via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
expires
Sat, 23 Nov 2024 04:59:31 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
g2pfjbN10i7TjKGizYiABe5FhTfMXrjb9TWrh_SRqP6MlgvO03mnsg==
date
Wed, 23 Oct 2024 11:28:18 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 11:26:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		229 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4413, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
PaatIx0LgM10eybnRmPHg51I6jvQVhcAzfPL3pvIyumMA69VBkoW9yemrf3JFoaIB0kKUs4DYCHPQc7m4u5bBQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/ 		274 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJWRC65
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bb10127235be5cdff25cca26847f6c126f2dceb12f368c87e549bace5d29612b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 25 Oct 2024 16:56:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 16:25:06 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96825
x-xss-protection
0
server
Google Tag Manager
favicon.png
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef18fbb2ba59e1fbf2b91b87ba5b203d3c5b10c4c996b6b7edce99f0a5c68f94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

etag
"b662260c55b49f96fa2d81d25bd4fd1c"
age
192269
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
asOSoua3-xH-z5nSXA4Q2AyJp5nHwp0XVwAY6dZQPe72BD-TwBYKUw==
date
Wed, 23 Oct 2024 11:32:14 GMT
content-type
image/png
vary
Origin
last-modified
Wed, 23 Oct 2024 11:25:55 GMT
cache-control
public, max-age=2628000
via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5346
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136798758-1
Requested by
Host: push.fm
URL: https://push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
25314a85dcd8b66ff0f39db3063571f4e7b0107a59dc5b92e5664c47643a1442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 16:56:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77371
x-xss-protection
0
server
Google Tag Manager
s6hdwhvc
push.fm/api/guest/link/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://push.fm/api/guest/link/s6hdwhvc
Requested by
Host: d29xpkeqnsbaz3.cloudfront.net
URL: https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/js/products.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d2ccdb0860148637225964989291fe80b931c64b5adb36e4fcb087ec56c468

Request headers

X-XSRF-TOKEN
eyJpdiI6InhJVEdpenl5ZEloaG8xZlZlMzdGT1E9PSIsInZhbHVlIjoiSlcvOENDbTRycjJ1U20rTUpYallzTTRjdHNMUkQ3b3EyNXBjMzdjdkFMZENqWFBUNERCZVNpazNwU1JxOCszeUVDekNnWjRpMllFNHhTYTdrSkdhbW5rQ09aNGx2N00yOGptaWU1L2lQeHFoUzJzQ1QxdU81ZjY0NmQ0YU9wVGMiLCJtYWMiOiJlZWZhYzQ0MmFmNTcwZjdiMjBmOTZiYzhjMmJlOTY5NDk4YjA1NmZkMWEwZTkzZmY5NGJlNjZlMWFjZmY2NjkxIiwidGFnIjoiIn0=
Referer
https://push.fm/fl/s6hdwhvc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer-start

Response headers

x-robots-tag
all
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHAG%2FQJS%2B3RQ8KcPr06dIvn3%2BKyJ0crXNJ1Piwnr7KB0TnkGSuYs9h%2FTuI2Z%2BybUFsR17nfWHAC8Ghz0vFgAadt0%2BfyZ1xOzunIRcwXTpHBFI6sqpwMyDdLQ"}],"group":"cf-nel","max_age":604800}
x-amzn-requestid
0dca010d-b5a7-465c-8694-b27d9f638abb
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
oXbXBfzsC6VlSdVFvYWPJfGNhPdpbmy2_KMjYNTJGdcdz6auMDzWFQ==
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
application/json
priority
u=1,i
server-timing
cfL4;desc="?proto=QUIC&rtt=20126&sent=26&recv=18&lost=0&retrans=0&sent_bytes=16439&recv_bytes=6826&delivery_rate=227676&cwnd=12000&unsent_bytes=0&cid=9fd635ecdf0a480a&ts=1181&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-apigw-id
AN0X0Gj3LPEElsA=
x-amzn-remapped-date
Fri, 25 Oct 2024 16:56:43 GMT
x-amzn-trace-id
Root=1-671bcdcb-07672fc4454291aa6c0bcab9;Parent=141c4d5189479e2c;Sampled=0;Lineage=1:7c788e94:0
via
1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
cf-ray
8d83bdd5da45d25e-FRA
x-amz-cf-pop
FRA56-P12
server
cloudflare
js
www.googletagmanager.com/gtag/ 		299 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VC4FJ5WFTN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136798758-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cb14ad8bdb2aef09fae139f42b040dfb29c146aa5eebdfbef45d9aeb3edfa4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 16:56:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103900
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136798758-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
gzip
age
5428
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 17:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 15:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpush.fm%2Ffl%2Fs6hdwhvc&scrsrc=www.googletagmanager.com&frm=0&rnd=1725936134.1729875403&auid=270547951.1729875403&npa=1&gtm=45He4al0v9113111505za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848&tft=1729875403472&tfd=1232&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJWRC65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 64ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpush.fm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJWRC65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
327965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 21:50:38 GMT
expires
Tue, 21 Oct 2025 21:50:38 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvdmVyIiwid2lkdGgiOjEyOCwiaGVpZ2h0IjoxMjh9fX0=
d1l1gotk1xybsc.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l1gotk1xybsc.cloudfront.net/eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvdmVyIiwid2lkdGgiOjEyOCwiaGVpZ2h0IjoxMjh9fX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-224.ams1.r.cloudfront.net
Software
/
Resource Hash
86bb0ade504e103d2155c8dc5bb65705d457a70daa5871f347789162c6279604

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

age
76631
access-control-allow-methods
GET
x-amzn-requestid
5271b377-5cd7-4ac3-8820-79fa27bea5fc
x-cache
Hit from cloudfront
x-amz-cf-id
eQ6d3Va5j3wvqMwT3vSPHilnQ1Pbl_Ib0SFwkV-7_Li_verfn6df-g==
date
Thu, 24 Oct 2024 19:39:32 GMT
content-type
image/webp
last-modified
Thu, 24 Oct 2024 19:23:51 GMT
access-control-allow-headers
Content-Type, Authorization
cache-control
max-age=604800
x-amz-apigw-id
AK5SPHVaoAMED-A=
x-amzn-trace-id
Root=1-671aa274-5c6aef19480bb3b179503a47;Parent=34cc082562999098;Sampled=0;Lineage=1:0f41bae8:0
access-control-allow-credentials
true
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
access-control-allow-origin
push.fm
content-length
1742
x-amz-cf-pop
AMS1-P2
eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvbnRhaW4iLCJ3aWR0aCI6bnVsbCwiaGVpZ2h0Ijo1NDB9fX0=
d1l1gotk1xybsc.cloudfront.net/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l1gotk1xybsc.cloudfront.net/eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvbnRhaW4iLCJ3aWR0aCI6bnVsbCwiaGVpZ2h0Ijo1NDB9fX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-224.ams1.r.cloudfront.net
Software
/
Resource Hash
2594d1a7975b020b38a9d9691176fd073065cb6a03d1af5bbb5fd5ce59e93678

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

age
76630
access-control-allow-methods
GET
x-amzn-requestid
d0ee2a38-800b-4466-9461-1ae38b46e1c8
x-cache
Hit from cloudfront
x-amz-cf-id
F4IZ1yfEWHJCsHlXu509go0ODiiXFvf54BQhIzAwiG609zkk9Hx1iA==
date
Thu, 24 Oct 2024 19:39:32 GMT
content-type
image/webp
last-modified
Thu, 24 Oct 2024 19:23:51 GMT
access-control-allow-headers
Content-Type, Authorization
cache-control
max-age=604800
x-amz-apigw-id
AK5SPFj4IAMEu4g=
x-amzn-trace-id
Root=1-671aa274-05f994295de6eefe01aa9ecd;Parent=35e082d0af6b0b30;Sampled=0;Lineage=1:0f41bae8:0
access-control-allow-credentials
true
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
access-control-allow-origin
push.fm
content-length
11518
x-amz-cf-pop
AMS1-P2
hkgrotesk-bold.woff2
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/hkgrotesk-bold.woff2
Requested by
Host: d29xpkeqnsbaz3.cloudfront.net
URL: https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c72825546c0287b55e30928c6a7bf4a8267a0c728c991e4edbce9a65165944ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://push.fm
Referer
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css

Response headers

etag
"7823c0cc2e8eb2cba8331bbdab5b715d"
age
192502
access-control-allow-methods
HEAD, GET, PUT, POST
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
wXrMNBBm83Ol8a092Jegp6N0LK1IE_yLdliqZSP8ht9hbDE1O1nn8w==
date
Wed, 23 Oct 2024 11:28:22 GMT
content-type
font/woff2
last-modified
Wed, 23 Oct 2024 11:25:47 GMT
cache-control
public, max-age=2628000
via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16364
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
hkgrotesk-regular.woff2
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/hkgrotesk-regular.woff2
Requested by
Host: d29xpkeqnsbaz3.cloudfront.net
URL: https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-78-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e2f81c36d44fb7b2ca2999cdf8fe02a6c7858abc38f2b8353b1daaa12c9b61a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://push.fm
Referer
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css

Response headers

etag
"746f8da697b19c1b516af72bd2d737dc"
age
192502
access-control-allow-methods
HEAD, GET, PUT, POST
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
mI_eS6yZiEDWux6qZBi2tIC7HbyKfJYGpyVIgmh6zqsBZ1h1f-fXxA==
date
Wed, 23 Oct 2024 11:28:22 GMT
content-type
font/woff2
last-modified
Wed, 23 Oct 2024 11:25:54 GMT
cache-control
public, max-age=2628000
via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16468
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-VC4FJ5WFTN&gtm=45je4al0v885018856z89113111505za200&_p=1729875402971&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~10...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=17666810341932912842&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505z...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=17666810341932912842&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505za200&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
Protocol
H2
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 25 Oct 2024 16:56:44 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=17666810341932912842&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505za200&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
548 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VC4FJ5WFTN&cid=63491860.1729875404&gtm=45je4al0v885018856z89113111505za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VC4FJ5WFTN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://push.fm
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
text/plain
server
Golfe2
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-VC4FJ5WFTN&gtm=45je4al0v885018856za200&_p=1729875402971&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848&c...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=14944184040627858487&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856za200&npa=1&t...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=14944184040627858487&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856za200&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
Protocol
H2
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 25 Oct 2024 16:56:44 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=63491860.1729875404&dbk=14944184040627858487&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856za200&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VC4FJ5WFTN&cid=63491860.1729875404&gtm=45je4al0v885018856z89113111505za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685~101823848&tag_exp=101533422~101686685~101823848&z=972224053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 16:56:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/j/ 		1 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2010215183&t=pageview&_s=1&dl=https%3A%2F%2Fpush.fm%2Ffl%2Fs6hdwhvc&ul=nl-nl&de=UTF-8&dt=My%20Medical%20Clinic%20MN%20by%20Online%20Payment%20Portal%20Alternate%20Signing%20Method%20%7C%20Find%20more%20at%20VIEW%20%7C%20PUSH.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1623199393&gjid=1956028614&cid=63491860.1729875404&tid=UA-136798758-1&_gid=1309647605.1729875404&_r=1&gtm=457e4ao0h2za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848~101925629&jsscut=1&npa=1&z=186971533
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://push.fm/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 16:56:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://push.fm
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-136798758-1

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR function| loadApp object| dataLayer function| gtag function| fbq function| _fbq boolean| __cfRLUnblockHandlers function| captchaCallback object| Push function| setImmediate function| clearImmediate object| regeneratorRuntime object| env function| moment function| ajax function| convertTimestampToLocal function| Vue function| VueRouter function| base64Json function| optional function| opt function| optionalDeep function| optDeep function| formatBytes function| formatMegabytes function| combineVueSlots function| walkObject function| flattenObject function| truthy function| walkObjectForTruth function| walkObjectForTotalTruth function| tap function| twScreen function| downloadFile function| logtap function| insideElement function| formatNumber function| createCenterPopup function| waitUntil function| leadingZero function| Form function| Bag object| verge function| CreatePush function| __validate function| validate object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
push.fm/ Name: XSRF-TOKEN
Value: eyJpdiI6IjMveHNYdGRnRkFvVnBxaXhXZzgzYkE9PSIsInZhbHVlIjoiaVRFYUVYU3p1cDFIek55aDJzMjM3SXdVbmtjK1V3NXRXVGphOGc4OGlmR0NZa0psbFRQbDZEQkY0aUtjYjErT2s0UzhMSUN5cFdNWHhpZmZBK0x6K3NubytMZVFHZWhxbG1qbWVlY3hPSk1jMFVHNG5lUE54WWN2eHg1czkzQXIiLCJtYWMiOiI1OWNmYWUyZGEzYjliNzkxYzUyMDE4YzlmMzc5OGIyNjM3YjhhYTg3OTc2Y2I4YzgyZjdjMzAzYWM4ZGYxNjYyIiwidGFnIjoiIn0%3D
push.fm/ Name: push_session
Value: eyJpdiI6IlcxT0N1Z3dvYTgwZHRRVEtIL0ZDWnc9PSIsInZhbHVlIjoieGltZXlRZERoeFJtSFdJS0R6eTFFOHFyTjF4bkpYcVZDVHlzUFA0ZFhGMGxjc05GTUliWUk4a1V4MFEvM2NySE9pYk14MU1TR2dycFlYNnBFNzBMVnFYMzErTllpRW1FYmhMN0t5YjQySlFaZ1dTdkRVY0xGNkVPSHJUV0luZEMiLCJtYWMiOiJkODliMTM5MWQ4NjVmNDk0ZDkzMDZlYmRkMjA5ZThhYWJjYWJiYWQ3MWNjNzdiNGQwNDFiNWFlNDU0YjRkN2MzIiwidGFnIjoiIn0%3D
.push.fm/ Name: _gcl_au
Value: 1.1.270547951.1729875403
.push.fm/ Name: _ga_VC4FJ5WFTN
Value: GS1.1.1729875403.1.1.1729875403.60.0.0
.push.fm/ Name: _ga
Value: GA1.2.63491860.1729875404
.push.fm/ Name: _gid
Value: GA1.2.1309647605.1729875404
.push.fm/ Name: _gat_gtag_UA_136798758_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d1l1gotk1xybsc.cloudfront.net
d29xpkeqnsbaz3.cloudfront.net
push.fm
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagmanager.com
108.156.61.224
142.250.185.168
142.250.186.142
142.250.74.195
157.240.252.13
18.245.78.111
188.114.96.3
216.239.32.36
216.58.206.36
64.233.166.154
25314a85dcd8b66ff0f39db3063571f4e7b0107a59dc5b92e5664c47643a1442
2594d1a7975b020b38a9d9691176fd073065cb6a03d1af5bbb5fd5ce59e93678
26d2ccdb0860148637225964989291fe80b931c64b5adb36e4fcb087ec56c468
2c244bb5c201e6e2bb67efb8749e0cd612efc3ac8d03f2ae78cb90ae27b11846
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71401a2e4a48f15b0d02ba2fc6fc9ed3a219760b4eada58fe01b07b940118e4d
829cf4f9d8bec889ce962937d1535a5e0f63b45d22d6bb57c0610f44309a356a
86bb0ade504e103d2155c8dc5bb65705d457a70daa5871f347789162c6279604
9e2f81c36d44fb7b2ca2999cdf8fe02a6c7858abc38f2b8353b1daaa12c9b61a
bb10127235be5cdff25cca26847f6c126f2dceb12f368c87e549bace5d29612b
c72825546c0287b55e30928c6a7bf4a8267a0c728c991e4edbce9a65165944ce
cb14ad8bdb2aef09fae139f42b040dfb29c146aa5eebdfbef45d9aeb3edfa4d5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3e9a3a287e402a5d7b3f8bde8c3de84138b941a188a52c3527f093d9aed8f2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
ef18fbb2ba59e1fbf2b91b87ba5b203d3c5b10c4c996b6b7edce99f0a5c68f94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629