casetext.com Open in urlscan Pro
2606:4700:10::6816:a0b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.casetext.com/covid-access/
Effective URL:
https://casetext.com/covid-access/
Submission: On April 03 via manual (April 3rd 2020, 7:26:13 pm UTC) from US

Summary HTTP 62 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 29 domains to perform 62 HTTP transactions. The main IP is 2606:4700:10::6816:a0b, located in United States and belongs to CLOUDFLARENET, US. The main domain is casetext.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 29th 2020. Valid for: 7 months.

This is the only time casetext.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:10:... 2606:4700:10::6816:a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	23.23.73.253 23.23.73.253	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.224.194.15 13.224.194.15	16509 (AMAZON-02) (AMAZON-02)
7	13.225.73.73 13.225.73.73	16509 (AMAZON-02) (AMAZON-02)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
2	52.88.208.102 52.88.208.102	16509 (AMAZON-02) (AMAZON-02)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.13.2 151.101.13.2	54113 (FASTLY) (FASTLY)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
4	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	34.205.56.105 34.205.56.105	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
3	13.225.73.15 13.225.73.15	16509 (AMAZON-02) (AMAZON-02)
62	33

10 2606:4700:10::6816:a0b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.casetext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casetext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.getambassador.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.73.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-73-253.compute-1.amazonaws.com

mbsy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.15 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-15.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.73.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-73.fra2.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.208.102 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-208-102.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.241.51 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.56.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-56-105.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.73.15 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-15.fra2.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	casetext.com 1 redirects www.casetext.com casetext.com	63 KB
7	intercomcdn.com js.intercomcdn.com	240 KB
6	google-analytics.com www.google-analytics.com	44 KB
4	mixpanel.com api-js.mixpanel.com	609 B
3	intercomassets.com static.intercomassets.com	30 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	facebook.net connect.facebook.net	153 KB
3	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	3 KB
3	google.com 1 redirects docs.google.com www.google.com	296 B
2	google.de www.google.de	219 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	facebook.com 1 redirects www.facebook.com	527 B
2	quora.com a.quora.com q.quora.com	14 KB
2	fullstory.com edge.fullstory.com rs.fullstory.com	56 KB
2	segment.io api.segment.io	276 B
2	gstatic.com fonts.gstatic.com	26 KB
1	atdmt.com cx.atdmt.com	319 B
1	t.co t.co	448 B
1	twitter.com analytics.twitter.com	652 B
1	googleadservices.com www.googleadservices.com	11 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	mxpnl.com cdn.mxpnl.com	25 KB
1	licdn.com snap.licdn.com	2 KB
1	segment.com cdn.segment.com	84 KB
1	mbsy.co mbsy.co	321 B
1	getambassador.com cdn.getambassador.com	84 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	23 KB
62	29

	Domain	Requested by
9	casetext.com	casetext.com
7	js.intercomcdn.com	js.intercomcdn.com
6	www.google-analytics.com	cdn.segment.com www.google-analytics.com
4	api-js.mixpanel.com	cdn.mxpnl.com
3	static.intercomassets.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
2	api-iam.intercom.io	js.intercomcdn.com
2	www.google.de
2	www.google.com	1 redirects
2	www.facebook.com	1 redirects
2	px.ads.linkedin.com	1 redirects
2	api.segment.io	cdn.segment.com
2	fonts.gstatic.com	casetext.com
1	cx.atdmt.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	q.quora.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	rs.fullstory.com	edge.fullstory.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	cdn.segment.com
1	a.quora.com	cdn.segment.com
1	www.googletagmanager.com	cdn.segment.com
1	cdn.mxpnl.com	cdn.segment.com
1	snap.licdn.com	cdn.segment.com
1	edge.fullstory.com	cdn.segment.com
1	cdn.segment.com	casetext.com
1	widget.intercom.io	1 redirects
1	mbsy.co	casetext.com
1	cdn.getambassador.com	casetext.com
1	docs.google.com	casetext.com
1	fonts.googleapis.com	casetext.com
1	stackpath.bootstrapcdn.com	casetext.com
1	www.casetext.com	1 redirects
62	36

This site contains links to these domains. Also see Links.

Domain
jobs.lever.co
info.casetext.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
help.casetext.com

Subject Issuer	Validity	Valid
casetext.com CloudFlare Inc ECC CA-2	`2020-02-29` - `2020-10-09`	7 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.getambassador.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-10` - `2022-04-10`	2 years	crt.sh
*.mbsy.co Sectigo RSA Domain Validation Secure Server CA	`2019-03-28` - `2020-04-26`	a year	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2019-06-24` - `2020-07-01`	a year	crt.sh
edge.fullstory.com GTS CA 1D2	`2020-03-05` - `2020-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
quora.com Let's Encrypt Authority X3	`2020-03-29` - `2020-06-27`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.mixpanel.com RapidSSL RSA CA 2018	`2018-01-11` - `2020-05-01`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-01-02` - `2020-12-28`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-02-18` - `2021-02-06`	a year	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-03-29` - `2020-06-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.intercom.com Amazon	`2019-06-11` - `2020-07-11`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh
intercomassets.com Amazon	`2019-09-13` - `2020-10-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://casetext.com/covid-access/
Frame ID: 068CDEB04FB29B950D0E2FE84DDA6EE5
Requests: 51 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSe1iaWhnbS3JP8wSSrxVwnchEc0ceMjDuMLz5NcTAtpbM-JOg/viewform?usp=sf_link
Frame ID: D890B7DC0DD641DCFC77577F527BA504
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ef0bb865.js
Frame ID: FC4643B2F1DB788EFA1188BA99A214C9
Requests: 7 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: CB294B563B2CF00873AB8DB8B957EAC3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.casetext.com/covid-access/ HTTP 301
https://casetext.com/covid-access/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

62
Requests

100 %
HTTPS

51 %
IPv6

29
Domains

36
Subdomains

33
IPs

6
Countries

894 kB
Transfer

3030 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.lever.co/casetext/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://info.casetext.com/podcast
Title: Podcast

Search URL Search Domain Scan URL

URL: https://twitter.com/casetext
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/casetext/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/casetext/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lifeatcasetext/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://help.casetext.com/
Title: Help articles

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.casetext.com/covid-access/ HTTP 301
https://casetext.com/covid-access/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://widget.intercom.io/widget/qkjicb4d HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=253028&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&time=1585941959635 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D253028%26url%3Dhttps%253A%252F%252Fcasetext.com%252Fcovid-access%252F%26time%3D1585941959635%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=253028&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&time=1585941959635&liSync=true

Request Chain 39

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&gjid=809543257&_gid=899667519.1585941960&_u=aGBAgEADQ~&z=1899990236 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&_v=j81&z=1899990236 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&_v=j81&z=1899990236&slf_rd=1&random=3909915133

Request Chain 55

https://www.facebook.com/tr/?id=2336410749960625&ev=Microdata&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&rl=&if=false&ts=1585941960173&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22COVID%20Access%20-%20Casetext%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22COVID%20Access%20-%20Casetext%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcasetext.com%2Fcovid-access%2F%22%2C%22og%3Asite_name%22%3A%22Casetext%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fcasetext.com%2F%23website%22%2C%22url%22%3A%22https%3A%2F%2Fcasetext.com%2F%22%2C%22name%22%3A%22Casetext%22%2C%22description%22%3A%22Casetext%20Legal%20Research%20Platform%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fcasetext.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40type%22%3A%22WebPage%22%2C%22%40id%22%3A%22https%3A%2F%2Fcasetext.com%2Fcovid-access%2F%23webpage%22%2C%22url%22%3A%22https%3A%2F%2Fcasetext.com%2Fcovid-access%2F%22%2C%22inLanguage%22%3A%22en-US%22%2C%22name%22%3A%22COVID%20Access%20-%20Casetext%22%2C%22isPartOf%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fcasetext.com%2F%23website%22%7D%2C%22datePublished%22%3A%222020-03-19T21%3A25%3A39%2B00%3A00%22%2C%22dateModified%22%3A%222020-03-20T23%3A44%3A00%2B00%3A00%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1585941959670.835063527&it=1585941959633&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=9317062681749305631&f=AYxty9rIjolrzwrCvOcvnifH93LinqILKi0sT9HSSfGrDdB2Ovb_UEU6TwMhkWvyexV9DggdMX3l7xH0F-O7nB4X&id=2336410749960625&l=3&v=0

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
casetext.com/covid-access/
Redirect Chain

http://www.casetext.com/covid-access/
https://casetext.com/covid-access/

40 KB
10 KB

741ms
711ms

Document
text/html

2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e2e22cb654b7e3edd674df75c7076f62b69d04fa93e8f9befdc74028e0fb388e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: casetext.com
:scheme: https
:path: /covid-access/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 03 Apr 2020 19:25:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d79ace2ab923cab8d35a14aa1275db90f1585941956; expires=Sun, 03-May-20 19:25:56 GMT; path=/; domain=.casetext.com; HttpOnly; SameSite=Lax; Secure PHONE_NUMBER_GROUP=C; path=/
cf-ray: 57e52da9ec651456-FRA
cache-control: private, no-store
etag: W/"28d8-kKLNLAKMviS3IVLndhcA0Pcd5WY"
link: <https://casetext.com/wp-json/>; rel="https://api.w.org/", <https://casetext.com/?p=2816>; rel=shortlink
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Cookie
via: 1.1 vegur
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by: Express
server: cloudflare
content-encoding: br

Redirect headers

Date: Fri, 03 Apr 2020 19:25:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Apr 2020 20:25:56 GMT
Location: https://casetext.com/covid-access/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 57e52da97fa3637d-FRA

GET
H2 200 style.min.css
casetext.com/wp-includes/css/dist/block-library/ 40 KB
6 KB 46ms
45ms Stylesheet
text/css 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

cf-ray: 57e52daef9611456-FRA
date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
etag: W/"a1fb-596a0a3682b00-gzip"
cf-cache-status: HIT
last-modified: Tue, 05 Nov 2019 22:06:04 GMT
server: cloudflare
age: 3062
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
strict-transport-security: max-age=31536000
content-encoding: br

GET
H2 200 dashicons.min.css
casetext.com/wp-includes/css/ 46 KB
28 KB 36ms
35ms Stylesheet
text/css 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/wp-includes/css/dashicons.min.css?ver=5.3.2

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

cf-ray: 57e52daef9651456-FRA
date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
etag: W/"b9c6-588ef5dded840-gzip"
cf-cache-status: HIT
last-modified: Wed, 15 May 2019 16:08:57 GMT
server: cloudflare
age: 3062
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
strict-transport-security: max-age=31536000
content-encoding: br

GET
H2 200 everest-forms.css
casetext.com/wp-content/plugins/everest-forms/assets/css/ 26 KB
3 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.6.4

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

09b057be10490e7ae8f39f708dd081c5f3466735c2731cbd280af8322f8f1808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

cf-ray: 57e52daef9691456-FRA
date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
etag: W/"6631-5a1c650b549c0-gzip"
cf-cache-status: HIT
last-modified: Thu, 26 Mar 2020 18:40:13 GMT
server: cloudflare
age: 3062
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
strict-transport-security: max-age=31536000
content-encoding: br

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 29ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css?ver=5.3.2
Requested by: Host: casetext.com
URL: https://casetext.com/covid-access/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 03 Apr 2020 19:25:56 GMT
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
access-control-allow-origin: *
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans%3A300%2C400%2C500%7CIBM+Plex+Serif%3A300%2C400%2C500&display=swap%22&ver=5.3.2

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7452b2dfe3e566f56949199806c04687a97680c3a8a324b5046f06af31cdb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Apr 2020 19:25:56 GMT
server: ESF
date: Fri, 03 Apr 2020 19:25:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Apr 2020 19:25:56 GMT

GET
H2 200 common
casetext.com/dist/css/ 882 B
466 B 37ms
36ms Stylesheet
text/css 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/dist/css/common?d791ed1d7d

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e99d4b15f93994107b6109c9e118374ccab367bcbf3526a567b1fb3362c1c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
age: 328109
x-powered-by: Express
status: 200
content-encoding: br
last-modified: Mon, 30 Mar 2020 23:36:28 GMT
server: cloudflare
etag: W/"372-1712dcdb460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 57e52daef96b1456-FRA

GET
H2 200 lazysizes.min.js Show response
casetext.com/wp-content/plugins/ewww-image-optimizer/includes/ 11 KB
4 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=513.0

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6c69a5e97f9348c6604982725abd13221e3977f5c795aa45ff46497453692a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

cf-ray: 57e52daef96f1456-FRA
date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
etag: W/"2acb-599eadef99990-gzip"
cf-cache-status: HIT
last-modified: Tue, 17 Dec 2019 18:55:25 GMT
server: cloudflare
age: 3062
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
strict-transport-security: max-age=31536000
content-encoding: br

GET
H2 200 logo-dark.png
casetext.com/dist/assets/images/ 3 KB
4 KB 41ms
41ms Image
image/webp 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casetext.com/dist/assets/images/logo-dark.png

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

35c54f4e4199f8c5fe006642a99813f3484053e0261c70693a7485bfe4669a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 328174
cf-polished: origFmt=png, origSize=3771
status: 200
content-disposition: inline; filename="logo-dark.webp"
content-length: 3446
last-modified: Mon, 30 Mar 2020 23:48:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"ebb-1712dd8acf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 57e52daef9741456-FRA
cf-bgj: imgq:100

GET
H2 200 common Show response
casetext.com/dist/js/ 7 KB
3 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/dist/js/common?b09d20bb4b

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9e69500c05e266b4a98f33f156829cf40b0d05767331f71c6c86c08e716ae6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:56 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
age: 328108
x-powered-by: Express
status: 200
content-encoding: br
last-modified: Mon, 30 Mar 2020 23:36:45 GMT
server: cloudflare
etag: W/"1b2d-1712dcdf6c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 57e52daef9701456-FRA

GET
H2 200 wp-emoji-release.min.js Show response
casetext.com/wp-includes/js/ 14 KB
4 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casetext.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

cf-ray: 57e52daf29fc1456-FRA
date: Fri, 03 Apr 2020 19:25:57 GMT
via: 1.1 vegur
etag: W/"362a-596a0c70cec80-gzip"
cf-cache-status: HIT
last-modified: Tue, 05 Nov 2019 22:16:02 GMT
server: cloudflare
age: 3063
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
strict-transport-security: max-age=31536000
content-encoding: br

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 viewform
docs.google.com/forms/d/e/1FAIpQLSe1iaWhnbS3JP8wSSrxVwnchEc0ceMjDuMLz5NcTAtpbM-JOg/ Frame D890 0
0 275ms
263ms Document
text/html 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSe1iaWhnbS3JP8wSSrxVwnchEc0ceMjDuMLz5NcTAtpbM-JOg/viewform?usp=sf_link

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-WOmNIXGKGwR3oSVmmhyLtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.google.com
:scheme: https
:path: /forms/d/e/1FAIpQLSe1iaWhnbS3JP8wSSrxVwnchEc0ceMjDuMLz5NcTAtpbM-JOg/viewform?usp=sf_link
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://casetext.com/covid-access/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://casetext.com/covid-access/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Apr 2020 19:25:57 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-WOmNIXGKGwR3oSVmmhyLtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=201=EbfZXsENLSpEILv0J5c083MccoMVbfgRxElDvK67Wz0UnqQvW0vLSMJao7_cnGlTNyfwjxEc1kqZU0rjqLXKPVqd9GunLQtwHE1-SAn_bHjgKP02JMOr-IBLBPWMaWqEQbqu6kKZK0F5jr2E_2jIncdFh_9X7JUAL3Fyl3swqiE; expires=Sat, 03-Oct-2020 19:25:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none S=spreadsheet_forms=nT-gifqJuGBQ9G7sxvooCag4WGw7iGF7; Domain=.docs.google.com; Expires=Fri, 03-Apr-2020 20:25:57 GMT; Path=/forms/d/e/1FAIpQLSe1iaWhnbS3JP8wSSrxVwnchEc0ceMjDuMLz5NcTAtpbM-JOg; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8151f87552052755282c1300d6b7590b30e29b2845d85af2626cb7b08bcdbc19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans%3A300%2C400%2C500%7CIBM+Plex+Serif%3A300%2C400%2C500&display=swap%22&ver=5.3.2
Origin: https://casetext.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:48:22 GMT
server: sffe
age: 5591647
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13716
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:50 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2

Requested by

Host: casetext.com
URL: https://casetext.com/covid-access/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans%3A300%2C400%2C500%7CIBM+Plex+Serif%3A300%2C400%2C500&display=swap%22&ver=5.3.2
Origin: https://casetext.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:06:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:47:55 GMT
server: sffe
age: 6135593
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12872
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:06:04 GMT

GET
H2 200 us-f3e6d6b8-dd1c-4e93-85e9-9697746ad561.js Show response
cdn.getambassador.com/ 320 KB
84 KB 115ms
35ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getambassador.com/us-f3e6d6b8-dd1c-4e93-85e9-9697746ad561.js
Requested by: Host: casetext.com
URL: https://casetext.com/dist/js/common?b09d20bb4b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy / Express
Resource Hash: c20076d840b4bf5c78ad11557fdbe2199aa61c953e001308541209d89adb1936

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: gzip
age: 2063654
x-powered-by: Express
x-cache: HIT
status: 200
content-length: 85763
x-served-by: cache-hhn4066-HHN
access-control-allow-origin: *
server: Cowboy
x-timer: S1585941959.118985,VS0,VE1
etag: W/"501a2-YgM1mJ9zFzAIvv2MeoDIXTh6SEg"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 vegur, 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: accept, authorization, cache-control, content-type, mbsy-universal-id, mbsy-universal-location, origin, x-mbsy-client-id, x-mbsy-url
x-cache-hits: 1

GET
H/1.1 200
OK casetext Show response
mbsy.co/embed/v2/getcookie/ 54 B
321 B 402ms
107ms Script
application/x-javascript 23.23.73.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mbsy.co/embed/v2/getcookie/casetext
Requested by: Host: casetext.com
URL: https://casetext.com/dist/js/common?b09d20bb4b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.73.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-73-253.compute-1.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 6df9ff96634af9a2be5f7206fd25cbfeed18db008717541fd7e83b58fd528e2b

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 03 Apr 2020 19:25:59 GMT
Via: 1.1 vegur
Server: TornadoServer/5.1.1
Etag: "1257fff1f426159159c810331a1efdb2aaf0d9c2"
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 54

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/qkjicb4d
https://js.intercomcdn.com/shim.latest.js

7 KB
3 KB

136ms
42ms

Script
application/javascript

13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfe93388e634c6837b71ea995c584fd589609b38ed355051db85e4a276f625de

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Apr 2020 19:23:37 GMT
content-encoding: gzip
age: 145
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 2828
last-modified: Fri, 03 Apr 2020 12:07:39 GMT
server: AmazonS3
etag: "6b8b1e0556221b4f801024da59c02c13"
content-type: application/javascript; charset=UTF-8
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 1SyvVkQ-B_H3se7_GXSVqMwOnE-97r_hzC8jyf4fcyKxAmt-yLPmpw==

Redirect headers

date: Wed, 01 Apr 2020 18:51:53 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server: AmazonS3
age: 174847
location: https://js.intercomcdn.com/shim.latest.js
x-cache: Hit from cloudfront
status: 302
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: 95Ipv8lefCrlkSAQ45eNgMrqOM6XUDg7j5VKg7YzHeKiI5myoT-lWg==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/ 417 KB
84 KB 82ms
82ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Requested by: Host: casetext.com
URL: https://casetext.com/covid-access/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffe7114f182b4fc3aa8fd104bf58e796af0b7b0e01c35cea05197d9c680ed3eb

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:21:36 GMT
content-encoding: gzip
age: 264
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 85316
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 18:09:17 GMT
server: AmazonS3
etag: "00fef1d36bbac0c26f44926575c39eb0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: WubaWXBu02WqDUTSijcH8wEU3Dm9Lbnc
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
x-amz-cf-id: rV489PIUK9xURzMhpW-J0uCutX5aY3fYHRg0jYVitE6mnFb4JfyE9A==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
138 B 170ms
170ms XHR
application/json 52.88.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.208.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-208-102.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Fri, 03 Apr 2020 19:25:59 GMT
access-control-allow-origin: https://casetext.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
138 B 171ms
170ms XHR
application/json 52.88.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.208.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-208-102.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Fri, 03 Apr 2020 19:25:59 GMT
access-control-allow-origin: https://casetext.com
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 185 KB
56 KB 69ms
22ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 826f059272c66efa36f173869cd384956c785c2d677840455af492a36ad3b68b

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Apr 2020 19:20:31 GMT
content-encoding: gzip
age: 328
status: 200
x-guploader-uploadid: AEnB2Uobrm3HUQKWp8epIYDy9W6JXpQc_CtlXkcSbWimCZspMOUoHMP3XUF1iBVdl-swQL7J1ujtC9iwW4AJ-Psc4CElC2lsy88hsVQD8qzG48Xhlo5OJfY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 56575
last-modified: Tue, 31 Mar 2020 19:53:07 GMT
server: UploadServer
etag: "b5c9d3783ddc53208fed8abe2b9cc57f"
x-goog-hash: crc32c=K4qlaQ==, md5=tcnTeD3cUyCP7Yq+K5zFfw==
x-goog-generation: 1585684387447115
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 56575
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 03 Apr 2020 19:30:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3147
date: Fri, 03 Apr 2020 18:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 03 Apr 2020 20:33:32 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 03 Apr 2020 19:25:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=40477
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 73 KB
25 KB 24ms
6ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 83b2aa58b640b81d6c29ed11af1848a7203bf61f390eba97e23d70f99c4313c8

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:16:40 GMT
content-encoding: gzip
age: 559
status: 200
x-guploader-uploadid: AEnB2UrgdYjwon9FD1nE7IjAbT93X-MBYR2iM0S6fVw6cC-4aacH3OzZ9HwwZlP_vLv3n11HQO-axIF9wBMKC9on4gl_5z4lOKTlkw6faohfrxwDsuw2QsA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 24626
last-modified: Tue, 17 Mar 2020 00:20:00 GMT
server: UploadServer
etag: "9389362670f03c4ba67e892663649d76"
vary: Accept-Encoding
x-goog-hash: crc32c=lh1JsA==, md5=k4k2JnDwPEumfokmY2Sddg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1584404400942635
cache-control: public,max-age=600
x-goog-stored-content-length: 24626
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 03 Apr 2020 19:26:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: YCstTUL3uGobHp96vIT89i5DH3bmKH4ylMvvAGuyDAA8fSHfbqs5BQNcbShsJ+DAu0dTxuz8ro/YqTBSk2ZnTg==
x-fb-trip-id: 420120009
date: Fri, 03 Apr 2020 19:25:59 GMT, Fri, 03 Apr 2020 19:25:59 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-804567192

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d1ebfbd0f2467fe3b84a7ed905b1fe63b91c313dcf5153347246ce7c386e587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29056
x-xss-protection: 0
last-modified: Fri, 03 Apr 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Apr 2020 19:25:59 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 118ms
39ms Script
text/plain 151.101.13.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
age: 2510
x-cache: HIT, HIT
status: 200
date: Fri, 03 Apr 2020 19:25:59 GMT
content-length: 13681
x-amz-id-2: 5HDD1SEZMlwYB1tIGTHD43ry3qJR5Gxd5G2PVrZEZGl05sw5DGKOPuTFCIrCX5nZiVNXCPK00/M=
x-served-by: cache-bwi5143-BWI, cache-fra19121-FRA
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1585941960.704306,VS0,VE0
etag: "f32ebb1e93a72c0a57add6d07f688510"
vary: Accept-Encoding
x-amz-request-id: 7BE21E6C335D115A
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 453

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 123ms
43ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: gzip
age: 40287
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19166-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1585941960.706300,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 73 KB
26 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PBR85D9&cid=404802663.1585941960

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6e39c3ec496a5e0cfde01254a0f015f761d5514ba33248cb591180733c54711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 26442
x-xss-protection: 0
expires: Fri, 03 Apr 2020 19:25:59 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 10620
x-xss-protection: 0
pragma: public
x-fb-debug: GMw77PRQoOXTRGDtuJvRTHn38alEoXTql6HtsTE/EbYvmroZctKmgsdXFDtSiVDIqJLx67vzZj4z1JChVLLabg==
x-fb-trip-id: 420120009
date: Fri, 03 Apr 2020 19:25:59 GMT, Fri, 03 Apr 2020 19:25:59 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2336410749960625 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2336410749960625?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7f50d000c6abd14a4185cb9d6250788b558af436bee9a87982725ddfd70b3b1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114959
x-xss-protection: 0
pragma: public
x-fb-debug: kLF5Ko4Zwsjw3JSa9nGDM7ENpm8BfVgiMGfk0pman4yksW0XLtYg5hJ6S6B+K7BLJs6YUbyx/5JGRripxzHDkQ==
x-fb-trip-id: 420120009
date: Fri, 03 Apr 2020 19:25:59 GMT, Fri, 03 Apr 2020 19:25:59 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=253028&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&time=1585941959635
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D253028%26url%3Dhttps%253A%252F%252Fcasetext.com%252Fcovid-access%252F%26time%3D15...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=253028&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&time=1585941959635&liSync=true

0
96 B

168ms
168ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=253028&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&time=1585941959635&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Apr 2020 19:26:00 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: cOANWM9lAhaQHo847ioAAA==

Redirect headers

date: Fri, 03 Apr 2020 19:25:59 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: GCWJTM9lAhaQsmX6OisAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=253028&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&time=1585941959635&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 27 KB
11 KB 120ms
45ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-804567192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10549
x-xss-protection: 0
server: cafe
etag: 3671743730490399190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Apr 2020 19:25:59 GMT

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
327 B 80ms
31ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=e309fca27a0222ed962b40f433c8cf1e&ip=1&_=1585941959650
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.241.186.35.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://casetext.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
135 B 76ms
31ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?ip=1&_=1585941959654
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.241.186.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://casetext.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 1

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
73 B 96ms
52ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?ip=1&_=1585941959656
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.241.186.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://casetext.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
alt-svc: clear
content-length: 1

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
74 B 83ms
40ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?ip=1&_=1585941959657
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.241.186.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://casetext.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
alt-svc: clear
content-length: 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2336410749960625&ev=PageView&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&rl=&if=false&ts=1585941959671&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1585941959670.835063527&it=1585941959633&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT, Fri, 03 Apr 2020 19:25:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 03 Apr 2020 19:25:59 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
5ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1727452310&t=pageview&_s=1&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&dp=%2Fcovid-access%2F&ul=en-us&de=UTF-8&dt=COVID%20Access%20-%20Casetext&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEADQ~&jid=804096072&gjid=809543257&cid=404802663.1585941960&tid=UA-41954442-1&_gid=899667519.1585941960&z=1359288358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 23:33:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2577143
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&gjid=809543257&_gid=899667519.1585941960&_u=aGBAgEADQ~&z=1899990236
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&_v=j81&z=1899990236
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&_v=j81&z=1899990236&slf_rd=1&random=3909915133

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&_v=j81&z=1899990236&slf_rd=1&random=3909915133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Apr 2020 19:25:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Apr 2020 19:25:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41954442-1&cid=404802663.1585941960&jid=804096072&_v=j81&z=1899990236&slf_rd=1&random=3909915133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 8ms
7ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1727452310&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&dp=%2Fcovid-access%2F&ul=en-us&de=UTF-8&dt=COVID%20Access%20-%20Casetext&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=All&ea=Viewed%20COVID%20Access%20-%20Casetext%20Page&ev=0&_u=aGBAgEADQ~&jid=&gjid=&cid=404802663.1585941960&tid=UA-41954442-1&_gid=899667519.1585941960&z=1180242598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 23:33:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2577143
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 7ms
7ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1727452310&t=event&ni=1&_s=3&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&dp=%2Fcovid-access%2F&ul=en-us&de=UTF-8&dt=COVID%20Access%20-%20Casetext&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=All&ea=Viewed%20Page&ev=0&_u=aGBAgEADQ~&jid=&gjid=&cid=404802663.1585941960&tid=UA-41954442-1&_gid=899667519.1585941960&z=1332211334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 23:33:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2577143
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 6ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1727452310&t=timing&_s=4&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&dp=%2Fcovid-access%2F&ul=en-us&de=UTF-8&dt=COVID%20Access%20-%20Casetext&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1396&pdt=1&dns=9&rrt=53&srt=711&tcp=21&dit=959&clt=959&_gst=3531&_gbt=3554&_cst=3574&_cbt=3573&_u=aGBAgEADQ~&jid=&gjid=&cid=404802663.1585941960&tid=UA-41954442-1&_gid=899667519.1585941960&z=1386096238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 23:33:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2577143
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 49 B
230 B 171ms
124ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

d8e35dfcfa65da03261b141199138bddab18a75547434f8059c50c15fa297c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casetext.com/covid-access/
Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://casetext.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 49

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 191ms
148ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2lyg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 126
pragma: no-cache
last-modified: Fri, 03 Apr 2020 19:25:59 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6b5868ced01532d20211b4a8b7dc76b9
x-transaction: 008dc8e300671198
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 181ms
138ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2lyg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Fri, 03 Apr 2020 19:25:59 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bf52206eac97f90b2e34959e5f16453f
x-transaction: 0020b7c1003b0dab
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 frame-modern.ef0bb865.js Show response
js.intercomcdn.com/ Frame FC46 209 KB
58 KB 52ms
52ms Script
application/javascript 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.ef0bb865.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a36c287a1bf25986363e1a32f018a76f91563e024684ee5b3e4193993eb859e0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 18:20:11 GMT
content-encoding: gzip
age: 3964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 59276
last-modified: Fri, 03 Apr 2020 11:59:52 GMT
server: AmazonS3
etag: "89a27a14a9f4fa441762392cfd40a7ac"
content-type: application/javascript; charset=UTF-8
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: IHBbW822jhjfM-RvR7EdUZHbD5b-cBa_L-adHeFe8RmqawrjLwzOHg==

GET
H2 200 vendor-modern.1576f7a2.js Show response
js.intercomcdn.com/ Frame FC46 153 KB
46 KB 87ms
86ms Script
application/javascript 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.1576f7a2.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cdf281b12c2026f4073a56bb191628ef490a2f7d21c122d0c1a413e3e432d51

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 18:29:53 GMT
content-encoding: gzip
age: 3372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 46566
last-modified: Thu, 02 Apr 2020 16:35:23 GMT
server: AmazonS3
etag: "4b7b26b03f78ebd89b3e7d9ce1ef8868"
content-type: application/javascript; charset=UTF-8
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 6ZSe6aOa5GOFt6D46YA3aZNK2M2h-ko0xbPrrPwR9HywDaDXfXYsjA==

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/fa8541ec92694ddaa543b8b04f517016/ 43 B
424 B 395ms
99ms Image
image/gif 34.205.56.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/fa8541ec92694ddaa543b8b04f517016/pixel?j=1&u=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&tag=ViewContent&ts=1585941959754

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.56.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-56-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 03 Apr 2020 19:26:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: 81,1e41e8b2fa27bd2c3c15a51f21a7214b,10.0.0.67,64138,185.125.207.234,,5849595312,1,1585941960.099,0.001,,.,0,0,0.000,0.004,-,0,0,197,212,106,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/804567192/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/804567192/?random=1585941959774&cv=9&fst=1585941959774&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&tiba=COVID%20Access%20-%20Casetext&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5009607e1b02c256b9cee894fccccfc0bd6d19ccc4a04bffba4cc7e067d12343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 03 Apr 2020 19:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/804567192/ 42 B
113 B 58ms
58ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/804567192/?random=1585941959774&cv=9&fst=1585940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&tiba=COVID%20Access%20-%20Casetext&async=1&fmt=3&is_vtc=1&random=781968303&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 03 Apr 2020 19:25:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/804567192/ 42 B
110 B 18ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/804567192/?random=1585941959774&cv=9&fst=1585940400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&tiba=COVID%20Access%20-%20Casetext&async=1&fmt=3&is_vtc=1&random=781968303&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 03 Apr 2020 19:25:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~app-modern.fb9cbb83.js Show response
js.intercomcdn.com/ Frame FC46 264 KB
82 KB 42ms
41ms Script
application/javascript 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.fb9cbb83.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ef0bb865.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdd5c1d1d0722df5f5efa06ceb3ba8b58098fc8abc4b7ad7d9aba946df4218a2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 19:24:11 GMT
content-encoding: gzip
age: 113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 83237
last-modified: Thu, 02 Apr 2020 16:35:23 GMT
server: AmazonS3
etag: "f8d547b09f2954b6ceaa29f44cc53fe5"
content-type: application/javascript; charset=UTF-8
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: dRbWhiF2AkLEqL1geRMES3jEHeHNUbE_k461aA33wflNvyXmh1wy6g==

GET
H2 200 app-modern.a386e278.js Show response
js.intercomcdn.com/ Frame FC46 64 KB
19 KB 65ms
64ms Script
application/javascript 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.a386e278.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ef0bb865.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 846d361cc1aab96aeea49fa168156bf6e4b9f6103b96e1d47b5fb6da2b263afc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 18:40:07 GMT
content-encoding: gzip
age: 2758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 18909
last-modified: Fri, 03 Apr 2020 10:31:58 GMT
server: AmazonS3
etag: "16834184e5963ea40e587f7ed6bd1dc7"
content-type: application/javascript; charset=UTF-8
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: u3GFn8nVRqLDpJjJCuiVwRR1Y0zCgJbSZjdUZSrdN31Z5PbGBn64BA==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame FC46 6 KB
2 KB 667ms
468ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ef0bb865.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

fbdba0c15f2d3f29ad17b0e1e082f5a849e93d5c5a751022188643af4e9330e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Apr 2020 19:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0004mc6a3g1uieqbesa0
x-runtime: 0.341628
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"fbdba0c15f2d3f29ad17b0e1e082f5a8"
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://casetext.com
x-intercom-version: 0563551302258816387ecc58dec7dfc4579ce051
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1585942020
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=2336410749960625&ev=Microdata&dl=https%3A%2F%2Fcasetext.com%2Fcovid-access%2F&rl=&if=false&ts=1585941960173&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22COVID%2...
https://cx.atdmt.com/?c=9317062681749305631&f=AYxty9rIjolrzwrCvOcvnifH93LinqILKi0sT9HSSfGrDdB2Ovb_UEU6TwMhkWvyexV9DggdMX3l7xH0F-O7nB4X&id=2336410749960625&l=3&v=0

42 B
319 B

39ms
38ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=9317062681749305631&f=AYxty9rIjolrzwrCvOcvnifH93LinqILKi0sT9HSSfGrDdB2Ovb_UEU6TwMhkWvyexV9DggdMX3l7xH0F-O7nB4X&id=2336410749960625&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://casetext.com/covid-access/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 03 Apr 2020 19:26:00 GMT, Fri, 03 Apr 2020 19:26:00 GMT, Fri, 03 Apr 2020 19:26:00 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 03 Apr 2020 19:26:00 GMT, Fri, 03 Apr 2020 19:26:00 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=9317062681749305631&f=AYxty9rIjolrzwrCvOcvnifH93LinqILKi0sT9HSSfGrDdB2Ovb_UEU6TwMhkWvyexV9DggdMX3l7xH0F-O7nB4X&id=2336410749960625&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame FC46 0
572 B 216ms
216ms XHR
text/html 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ef0bb865.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://casetext.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Apr 2020 19:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000avv86nk8f3lnrs3tg
x-runtime: 0.097213
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://casetext.com
x-intercom-version: 0563551302258816387ecc58dec7dfc4579ce051
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1585942020
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

GET
H2 200 launcher-discovery-modern.3aae198f.js Show response
js.intercomcdn.com/ Frame FC46 10 KB
4 KB 65ms
64ms Script
application/javascript 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/launcher-discovery-modern.3aae198f.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ef0bb865.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 566bde0e2038200c1e71fcc6edb23e9e8b1835cbd9c215528457f936d7abdacb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 03 Apr 2020 17:59:32 GMT
content-encoding: gzip
age: 5195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 3199
last-modified: Fri, 03 Apr 2020 00:36:22 GMT
server: AmazonS3
etag: "e5e54bd107abeea5acc77d4bc7ca2687"
content-type: application/javascript; charset=UTF-8
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: QvN0EAbhPIWjIrMDsf_KP9nL6qOReDwUkNNn7mQ9x1m6xydm8DAM7A==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame CB29 28 KB
29 KB 142ms
61ms Font
font/woff 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/launcher-discovery-modern.3aae198f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-73.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Referer: https://casetext.com/
Origin: https://casetext.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Apr 2020 19:02:23 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
age: 1424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 28960
last-modified: Fri, 03 Apr 2020 11:59:53 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: DxaZFL9WmpAn4Zg19k3a-bwnRabmp76EwkX5Cg-bTY32uRwU17KGeA==

GET
H2 200 linkedinphoto-1559161750.jpg
static.intercomassets.com/avatars/3230810/square_128/ Frame CB29 4 KB
4 KB 573ms
481ms Image
image/jpeg 13.225.73.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/3230810/square_128/linkedinphoto-1559161750.jpg?1559161750
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b16ad532e488a62cf5539eeba6bd70dde67715a7da387ad22e6fee83717d1a4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 19:26:08 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
etag: "c6c14c0a09d71e1f262af4cc46413945"
last-modified: Wed, 29 May 2019 20:29:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4040
x-amz-cf-id: ZqvztnoUzNIy34ZZasEWFcAnVb_o1C0VxHqvhGDlqW6kfxwiod_bOA==

GET
H2 200 Small_IMG_3422-1496258260.JPG
static.intercomassets.com/avatars/1226923/square_128/ Frame CB29 15 KB
15 KB 157ms
65ms Image
image/jpeg 13.225.73.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1226923/square_128/Small_IMG_3422-1496258260.JPG?1496258260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a578ef84302d3bfb2fa42d80e969e3a60a1f8e3c2125957e9ec12b97c71f46

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 19:02:23 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2017 19:17:43 GMT
server: AmazonS3
age: 1424
etag: "5652882328a05d38c194cc0442c1cb03"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 14949
x-amz-cf-id: FUlXXJiVqizm08yKKDrsZ2DYgzJzajmV0DJSpjIS5CmTOq_kUsFE7Q==
expires: Thu, 01 Jun 2017 19:08:37 GMT

GET
H2 200 office_picture_-1559392101.JPG
static.intercomassets.com/avatars/3232926/square_128/ Frame CB29 10 KB
11 KB 138ms
46ms Image
image/jpeg 13.225.73.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/3232926/square_128/office_picture_-1559392101.JPG?1559392101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae587bac186382c09d1c94de634d9b538f52e55eb7e8df3f6bb2d74bbc53d9cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 14:47:52 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
etag: "7c33d3c83e477593e4f92a0d639eaffa"
last-modified: Sat, 01 Jun 2019 12:28:22 GMT
server: AmazonS3
age: 16695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 10478
x-amz-cf-id: xG3Ey-y-y5r1UsiAbOKKN3Tm00DBlrZvUIN0437pRnYte2R3ILeNIA==

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 12:55:53	Name: NID Value: 201=EbfZXsENLSpEILv0J5c083MccoMVbfgRxElDvK67Wz0UnqQvW0vLSMJao7_cnGlTNyfwjxEc1kqZU0rjqLXKPVqd9GunLQtwHE1-SAn_bHjgKP02JMOr-IBLBPWMaWqEQbqu6kKZK0F5jr2E_2jIncdFh_9X7JUAL3Fyl3swqiE
.docs.google.com/forms/d/e/1FAIpQLSe1iaWhnbS3JP8wSSrxVwnchEc0ceMjDuMLz5NcTAtpbM-JOg	1970-01-19 08:32:25	Name: S Value: spreadsheet_forms=nT-gifqJuGBQ9G7sxvooCag4WGw7iGF7
casetext.com/	1969-12-31 23:59:59	Name: PHONE_NUMBER_GROUP Value: C
.casetext.com/	1970-01-19 09:15:33	Name: __cfduid Value: d79ace2ab923cab8d35a14aa1275db90f1585941956

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
analytics.twitter.com
api-iam.intercom.io
api-js.mixpanel.com
api.segment.io
casetext.com
cdn.getambassador.com
cdn.mxpnl.com
cdn.segment.com
connect.facebook.net
cx.atdmt.com
docs.google.com
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.intercomcdn.com
mbsy.co
px.ads.linkedin.com
q.quora.com
rs.fullstory.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
static.intercomassets.com
stats.g.doubleclick.net
t.co
widget.intercom.io
www.casetext.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.244.42.195
104.244.42.197
13.224.194.15
13.225.73.15
13.225.73.73
143.204.99.83
151.101.114.133
151.101.12.157
151.101.13.2
172.217.21.226
2001:4de0:ac19::1:b:3b
23.23.73.253
2600:1901:0:498c::
2606:4700:10::6816:a0b
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c0b::9d
2a02:26f0:10c:39e::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.205.56.105
35.186.194.58
35.186.241.51
35.201.112.186
52.88.208.102
75.2.88.188
09b057be10490e7ae8f39f708dd081c5f3466735c2731cbd280af8322f8f1808
0b16ad532e488a62cf5539eeba6bd70dde67715a7da387ad22e6fee83717d1a4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
2d1ebfbd0f2467fe3b84a7ed905b1fe63b91c313dcf5153347246ce7c386e587
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
35c54f4e4199f8c5fe006642a99813f3484053e0261c70693a7485bfe4669a88
3cdf281b12c2026f4073a56bb191628ef490a2f7d21c122d0c1a413e3e432d51
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
5009607e1b02c256b9cee894fccccfc0bd6d19ccc4a04bffba4cc7e067d12343
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566bde0e2038200c1e71fcc6edb23e9e8b1835cbd9c215528457f936d7abdacb
59a578ef84302d3bfb2fa42d80e969e3a60a1f8e3c2125957e9ec12b97c71f46
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c69a5e97f9348c6604982725abd13221e3977f5c795aa45ff46497453692a6f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6df9ff96634af9a2be5f7206fd25cbfeed18db008717541fd7e83b58fd528e2b
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8151f87552052755282c1300d6b7590b30e29b2845d85af2626cb7b08bcdbc19
826f059272c66efa36f173869cd384956c785c2d677840455af492a36ad3b68b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b2aa58b640b81d6c29ed11af1848a7203bf61f390eba97e23d70f99c4313c8
846d361cc1aab96aeea49fa168156bf6e4b9f6103b96e1d47b5fb6da2b263afc
9e69500c05e266b4a98f33f156829cf40b0d05767331f71c6c86c08e716ae6a2
a36c287a1bf25986363e1a32f018a76f91563e024684ee5b3e4193993eb859e0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
ae587bac186382c09d1c94de634d9b538f52e55eb7e8df3f6bb2d74bbc53d9cc
b7f50d000c6abd14a4185cb9d6250788b558af436bee9a87982725ddfd70b3b1
bdd5c1d1d0722df5f5efa06ceb3ba8b58098fc8abc4b7ad7d9aba946df4218a2
c20076d840b4bf5c78ad11557fdbe2199aa61c953e001308541209d89adb1936
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
d6e39c3ec496a5e0cfde01254a0f015f761d5514ba33248cb591180733c54711
d7452b2dfe3e566f56949199806c04687a97680c3a8a324b5046f06af31cdb0f
d8e35dfcfa65da03261b141199138bddab18a75547434f8059c50c15fa297c98
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe93388e634c6837b71ea995c584fd589609b38ed355051db85e4a276f625de
e2e22cb654b7e3edd674df75c7076f62b69d04fa93e8f9befdc74028e0fb388e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99d4b15f93994107b6109c9e118374ccab367bcbf3526a567b1fb3362c1c250
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d
fbdba0c15f2d3f29ad17b0e1e082f5a849e93d5c5a751022188643af4e9330e1
ffe7114f182b4fc3aa8fd104bf58e796af0b7b0e01c35cea05197d9c680ed3eb

casetext.com Open in urlscan Pro 2606:4700:10::6816:a0b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

51 %IPv6

29 Domains

36 Subdomains

33 IPs

6 Countries

894 kBTransfer

3030 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

casetext.com Open in urlscan Pro
2606:4700:10::6816:a0b Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

51 %
IPv6

29
Domains

36
Subdomains

33
IPs

6
Countries

894 kB
Transfer

3030 kB
Size

4
Cookies

62 HTTP transactions
1 data transactions