urlscan.io logo urlscan.io
SecurityTrails logo

audit.tdsgroup.org Open in urlscan Pro
34.68.234.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.ghl.tdsbenefits.org/c/eJwVjc1qxCAYRZ8mLsX4Ez8XLtqBQDt06NBFsxscNVFq6tQY2snTNwP3Lg6Xw7WX6PQc38h89oeND3PXH7buOHCUsn1sn_...
Effective URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phon...
Submission: On July 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 14 domains to perform 50 HTTP transactions. The main IP is 34.68.234.4, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is audit.tdsgroup.org.
TLS certificate: Issued by R3 on June 1st 2022. Valid for: 3 months.
This is the only time audit.tdsgroup.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.223.162.87 16509 (AMAZON-02)
2 2 34.70.111.192 396982 (GOOGLE-CL...)
1 34.68.234.4 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
16 35.244.153.18 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 151.101.64.176 54113 (FASTLY)
6 34.98.115.9 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 72.52.161.88 32244 (LIQUIDWEB)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.120.211.235 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 54.186.23.98 16509 (AMAZON-02)
2 52.222.236.60 16509 (AMAZON-02)
1 52.42.222.104 16509 (AMAZON-02)
50 19
1    34.223.162.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-162-87.us-west-2.compute.amazonaws.com
email.ghl.tdsbenefits.org
2    34.70.111.192 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.111.70.34.bc.googleusercontent.com
go.fhri.org
1    34.68.234.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.234.68.34.bc.googleusercontent.com
audit.tdsgroup.org
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)
msgsndr.com
16    35.244.153.18 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 18.153.244.35.bc.googleusercontent.com
cdn.msgsndr.com
widgets.leadconnectorhq.com
assets.cdn.msgsndr.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
6    34.98.115.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.115.98.34.bc.googleusercontent.com
services.msgsndr.com
1    2a00:1450:4001:800::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    72.52.161.88 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.tdsgroup.org
tdsgroup.org
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    34.120.211.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.211.120.34.bc.googleusercontent.com
services.leadconnectorhq.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    52.222.236.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-60.fra56.r.cloudfront.net
m.stripe.network
1    52.42.222.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-222-104.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
19 msgsndr.com
msgsndr.com — Cisco Umbrella Rank: 42309
cdn.msgsndr.com — Cisco Umbrella Rank: 63612
services.msgsndr.com — Cisco Umbrella Rank: 58930
assets.cdn.msgsndr.com — Cisco Umbrella Rank: 151470
818 KB
7 leadconnectorhq.com
widgets.leadconnectorhq.com — Cisco Umbrella Rank: 105123
services.leadconnectorhq.com — Cisco Umbrella Rank: 151433
83 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1748
q.stripe.com — Cisco Umbrella Rank: 12728
m.stripe.com — Cisco Umbrella Rank: 1533
77 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
56 KB
3 gstatic.com
fonts.gstatic.com
77 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 964
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1852
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
storage.googleapis.com — Cisco Umbrella Rank: 422
31 KB
2 tdsgroup.org
audit.tdsgroup.org
tdsgroup.org
351 KB
2 fhri.org
go.fhri.org
642 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2733
349 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
69 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 944
40 KB
1 tdsbenefits.org
email.ghl.tdsbenefits.org
212 B
50 14
Domain Requested by
9 cdn.msgsndr.com audit.tdsgroup.org
6 services.msgsndr.com cdn.msgsndr.com
msgsndr.com
5 widgets.leadconnectorhq.com cdn.msgsndr.com
widgets.leadconnectorhq.com
audit.tdsgroup.org
3 cdnjs.cloudflare.com cdn.msgsndr.com
audit.tdsgroup.org
3 js.stripe.com cdn.msgsndr.com
js.stripe.com
3 fonts.gstatic.com fonts.googleapis.com
3 use.fontawesome.com audit.tdsgroup.org
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com audit.tdsgroup.org
2 services.leadconnectorhq.com widgets.leadconnectorhq.com
2 assets.cdn.msgsndr.com audit.tdsgroup.org
2 msgsndr.com audit.tdsgroup.org
2 go.fhri.org 2 redirects
1 m.stripe.com m.stripe.network
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com audit.tdsgroup.org
1 unpkg.com cdn.msgsndr.com
1 tdsgroup.org audit.tdsgroup.org
1 storage.googleapis.com cdn.msgsndr.com
1 fonts.googleapis.com audit.tdsgroup.org
1 audit.tdsgroup.org
1 email.ghl.tdsbenefits.org 1 redirects
50 22

This site contains links to these domains. Also see Links.

Domain
go.fhri.org
rig.tdsgroup.org
healthcare.tdsgroup.org
strs.tdsgroup.org
7702.tdsgroup.org
Subject Issuer Validity Valid
audit.tdsgroup.org
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
msgsndr.com
GTS CA 1D4		 2022-06-29 -
2022-09-27		 3 months crt.sh
cdn.msgsndr.com
GTS CA 1D4		 2022-06-09 -
2022-09-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
services.msgsndr.com
GTS CA 1D4		 2022-06-01 -
2022-08-30		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
widgets.leadconnectorhq.com
GTS CA 1D4		 2022-06-10 -
2022-09-08		 3 months crt.sh
tdsgroup.org
R3		 2022-05-28 -
2022-08-26		 3 months crt.sh
assets.cdn.msgsndr.com
GTS CA 1D4		 2022-06-29 -
2022-09-27		 3 months crt.sh
services.leadconnectorhq.com
GTS CA 1D4		 2022-06-30 -
2022-09-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Frame ID: 6621842D0E8584BE91C7B7F0F0C98250
Requests: 40 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 2D7DCCEC2AC7859F9D578EBF5ECAE528
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 188E6A3E85A4E76E8D31D4D40D190949
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Audit Support and Request

Page URL History Show full URLs

  1. http://email.ghl.tdsbenefits.org/c/eJwVjc1qxCAYRZ8mLsX4Ez8XLtqBQDt06NBFsxscNVFq6tQY2snTNwP3Lg6Xw7WX6PQc38h89o... HTTP 302
    https://go.fhri.org/l/KSXQ38FxhqI HTTP 302
    https://go.fhri.org/r/1/eyJsaW5rX2lkIjoiOWZxVWFtUlo0aWhQUmtKMWh2NkIiLCJjb250YWN0X2lkIjoiWnNsd3B5... HTTP 302
    https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.ho... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

50
Requests

100 %
HTTPS

45 %
IPv6

14
Domains

22
Subdomains

19
IPs

2
Countries

1622 kB
Transfer

3687 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.ghl.tdsbenefits.org/c/eJwVjc1qxCAYRZ8mLsX4Ez8XLtqBQDt06NBFsxscNVFq6tQY2snTNwP3Lg6Xw7WX6PQc38h89oeND3PXH7buOHCUsn1sn_k5vEIGdzrJdyOE2eqK_GxiutT7zetcgy8oakooJZLIVhDCKbbcMqVEy52gSnJoOJlCwtUtV__tx1gXnMuEgu5I116ZV6LjYBQY6YFQUOBG4CCdQkmHWm9Lw54a2u-ZMh5DiQ99p7T3-DGcGfR_4ecFFb0ZG0y545BL_o1125_d-uWxdytymigrGPsHC-BMcw HTTP 302
    https://go.fhri.org/l/KSXQ38FxhqI HTTP 302
    https://go.fhri.org/r/1/eyJsaW5rX2lkIjoiOWZxVWFtUlo0aWhQUmtKMWh2NkIiLCJjb250YWN0X2lkIjoiWnNsd3B5aG1MbWdjd1hNWmIwd08iLCJtZXNzYWdlVHlwZSI6ImVtYWlsIiwibWVzc2FnZUlkIjoicTVzVUprbDdNZEVQYzN1djVmbnQiLCJidWxrX3JlcV9pZCI6InVqS0JlTHBIcVR4VlJRcHBxZGY0In0= HTTP 302
    https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request audit-report-mn542401
audit.tdsgroup.org/
Redirect Chain
  • http://email.ghl.tdsbenefits.org/c/eJwVjc1qxCAYRZ8mLsX4Ez8XLtqBQDt06NBFsxscNVFq6tQY2snTNwP3Lg6Xw7WX6PQc38h89oeND3PXH7buOHCUsn1sn_k5vEIGdzrJdyOE2eqK_GxiutT7zetcgy8oakooJZLIVhDCKbbcMqVEy52gSnJoOJlCwt...
  • https://go.fhri.org/l/KSXQ38FxhqI
  • https://go.fhri.org/r/1/eyJsaW5rX2lkIjoiOWZxVWFtUlo0aWhQUmtKMWh2NkIiLCJjb250YWN0X2lkIjoiWnNsd3B5aG1MbWdjd1hNWmIwd08iLCJtZXNzYWdlVHlwZSI6ImVtYWlsIiwibWVzc2FnZUlkIjoicTVzVUprbDdNZEVQYzN1djVmbnQiLCJid...
  • https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ih...
368 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.68.234.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.234.68.34.bc.googleusercontent.com
Software
openresty / Express
Resource Hash
38730695109284b3838c96c783da6226904ef5813073c80bacad991637e3f973

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
46713
content-type
text/html; charset=utf-8
date
Thu, 07 Jul 2022 15:27:00 GMT
etag
W/"b679-I13tslr8gNANvX2ZS6KhAVdyP/s"
server
openresty
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

access-control-allow-origin
*
content-length
496
content-type
text/html; charset=utf-8
date
Thu, 07 Jul 2022 15:26:59 GMT
location
https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
server
openresty
vary
Accept
x-cloud-trace-context
b94407e572fc953ab0b81654afd54e2a
x-powered-by
Express
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700%7COpen%20Sans:400,700%7CMontserrat:400,700&display=swap
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
27c5835babdb6a17a9a94ee906b9c0f5300309e5afb8e5433ca1836ac9520788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 15:27:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 07 Jul 2022 15:27:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Jul 2022 15:27:00 GMT
regular.css
use.fontawesome.com/releases/v5.13.0/css/ 		677 B
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/regular.css
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80cb1bf451faf21b7bfb5cc96b6eb88a35ef4c9a2d5498839fe3828167ee68e9

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:00 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVQREPJG0DJARGAQ
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
K0UFZLrirQL0Q3KNqN99tJ6eP+ij33ePtZ+hldGsJItz0VgiueKOl2W8j16Lj6srsAOt8L19DHY=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"fa6a7083e56fcb67df350a5a323a2b38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZLn2ysdLwELhM%2FtWPBgVwSGcbCAxsC5aluv6VV6M5hT1Cu45KDAWw5%2BLq15yVe3jocgltda3Mfco0aTuWofeQCaMX%2BqYnMiwYFMErH%2Fx694jLlv2yflEDfldNUemFuiUY7zcIeYACxRcyp%2F3wUk0lO6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
72719a0d6d37bbdf-FRA
solid.css
use.fontawesome.com/releases/v5.13.0/css/ 		669 B
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/solid.css
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4803373f048228fe14afb4d10322231306d47d11f2b708e9a71f6a6df1c3c36

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:00 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVQW2D7BC07BK65D
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
clygDTiqnNDqmyOVmyaq/Suej2uyI4a8SQkhrKKG/agECLEH7AJyE6wj/w/OM0rGM+LcFEN7UTtgmjm3DyHN2g==
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"2b98e9fe1c909f528fb0d123c9373a76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrlBV5P3LTkgvXcg3B6bC9ZfEXkQntedh88UJCHkibfxUU4i7wFmDlbULl309MG6ABoIVne3VYo19Q9OhVXRD0j2%2BmwdhJuxCgaV4mPYY4POeEWQfU3I28GhW7I%2FqVhr2ugf3RiFtTjwL8PrYFbkHKBn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
72719a0d6d3bbbdf-FRA
brands.css
use.fontawesome.com/releases/v5.13.0/css/ 		675 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/brands.css
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f6dbb101582a78b3422fd62cf5d2df0543bb40e98b6c944296410ec6f61f5b

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:00 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVQG13A7KCVMADFW
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vl3IrteB5O70jvQq9czY49hcx7Z0KC7ngWgDzFgyVvU2qWe+8fCdjlBmH0vlZA1Nrp5n3/cG//Y=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"7f48614a568c2c4a2b3cc47e2727de2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEB%2BIJOrY6xtdrBGEe4ePoWD3UJyV0hD6hk5hfrkuZqBB0NaOnueGDggTJ7UG4WAarccgDssw8cUJUfqH3JY2jRm09JEtx7TEub%2BT3lhu0S4pJn%2B6bqbe4BY0wQ6ZGhQAiGxGPK%2BUuCYo7MMEEr7qOUJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
72719a0d6d3cbbdf-FRA
user_session.js
msgsndr.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msgsndr.com/js/user_session.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
2fddb0152b7827669035a54fcc3b4bf03c675b80fa6ec0ec48478e581db914de
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=2592000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Google Frontend
etag
"Z4nn_g"
x-frame-options
sameorigin
content-type
application/javascript
x-cloud-trace-context
e2da10c4c18719627d319cc7f3d02292
cache-control
no-cache, must-revalidate
date
Thu, 07 Jul 2022 15:27:00 GMT
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
692aa13.js
cdn.msgsndr.com/_preview/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.msgsndr.com/_preview/692aa13.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa84758531ea58fbe55ed3b381669d16b75afd8bb915e91c0c32dd4a2d0dbc7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:39:50 GMT
content-encoding
gzip
age
1306030
x-guploader-uploadid
ADPycduKiSIwRujGJ0kvP7v6RKvEbhPBUTwlCrwRLaEkzbWCKW8JLaf-hsyHGSigS006gCkvTVxATGo9jJWr9h70Zbs9zg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1260
last-modified
Wed, 22 Jun 2022 12:38:52 GMT
server
UploadServer
etag
"f22b640829945c22955bbdadd47cd245"
x-goog-hash
crc32c=zYrjiA==, md5=8itkCCmUXCKVW72t1HzSRQ==
x-goog-generation
1655901531920563
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
1260
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 22 Jun 2023 12:39:50 GMT
2b1b523.js
cdn.msgsndr.com/_preview/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.msgsndr.com/_preview/2b1b523.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
601305b6e50c64276d10dce02f13ce2f91636cec20ee0b2cb9cb37d56a36fd16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:42:57 GMT
content-encoding
gzip
age
1305843
x-guploader-uploadid
ADPycdunjSGxk-YvpmATNFDqK5xNkr0i7l-QAR7Pi6SM_sNXBadoWRwu8jG8L84oA8XL-xvSvV5A9fo4yyeDWc93eByqDuY1KRax
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3544
last-modified
Wed, 22 Jun 2022 12:38:50 GMT
server
UploadServer
etag
"4823abdaaba617d453150e65566f5534"
x-goog-hash
crc32c=tOsewg==, md5=SCOr2qumF9RTFQ5lVm9VNA==
x-goog-generation
1655901530855082
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
3544
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 22 Jun 2023 12:42:57 GMT
7b9015a.js
cdn.msgsndr.com/_preview/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.msgsndr.com/_preview/7b9015a.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ecfe112e6522210d01d17810fb655a09dba60466a11ffc2cb22e0358ab5cc402

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:42:57 GMT
content-encoding
gzip
age
1305843
x-guploader-uploadid
ADPycduly00V6OToXunh2DlBRA13Hqzi4NfX-rOK7nXR3-d7BpT8eu5L1pqWzA0Clm3gtmFeKtBFF3iFU1b7OzcBcjcr8A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4199
last-modified
Wed, 22 Jun 2022 12:38:52 GMT
server
UploadServer
etag
"8d3256a08cfbf6e614ac1fc517253445"
x-goog-hash
crc32c=j4jJcg==, md5=jTJWoIz79uYUrB/FFyU0RQ==
x-goog-generation
1655901532352026
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
4199
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 22 Jun 2023 12:42:57 GMT
55b8c6f.js
cdn.msgsndr.com/_preview/ 		277 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.msgsndr.com/_preview/55b8c6f.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07e7f2a69fafc41fa34c044cb78d6c53968b2888b51c9bc4cf84f17de0ad7d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:39:50 GMT
content-encoding
gzip
age
1306030
x-guploader-uploadid
ADPycdv-mgpc6xQ21VEQ49nWVToh5L70dW6u4118h2qLN5qSDchedn94aE5CIeSQH0ASO1upzrsbDfzeXrvI8v06ba6tfA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95075
last-modified
Wed, 22 Jun 2022 12:38:51 GMT
server
UploadServer
etag
"bd09335c34fbad06769057f59443b75f"
x-goog-hash
crc32c=dSvbUQ==, md5=vQkzXDT7rQZ2kFf1lEO3Xw==
x-goog-generation
1655901531677304
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
95075
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 22 Jun 2023 12:39:50 GMT
d682d4b.js
cdn.msgsndr.com/_preview/ 		244 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.msgsndr.com/_preview/d682d4b.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f998b9d3dfbe04d867513b6e094f2227f32d81e96a811572f6b546f3baafc06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 12:39:50 GMT
content-encoding
gzip
age
1306030
x-guploader-uploadid
ADPycdsJweGEyVuycj7eY8sLOQEyCsj7-TBfHWqjGmGozYltOso2pm5eXrjMw3UpSJv1lcuNDS8Yb4YdOrAKHTjwlG7hfvebDSLd
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76151
last-modified
Wed, 22 Jun 2022 12:38:53 GMT
server
UploadServer
etag
"bc759c33afc693fd4c89dc4645549355"
x-goog-hash
crc32c=FhrrbQ==, md5=vHWcM6/Gk/1MidxGRVSTVQ==
x-goog-generation
1655901533304150
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
76151
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 22 Jun 2023 12:39:50 GMT
a86dc93.js
cdn.msgsndr.com/_preview/ 		744 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.msgsndr.com/_preview/a86dc93.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1959fb878410ed82aa1e5fbf57f1d98d1e77906a65cd63a4f916ac6706a389f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 19:16:27 GMT
content-encoding
gzip
age
159033
x-guploader-uploadid
ADPycdsvtMHH03LAiY0hlhZJiV5hWzMs9gefJ2KlRCTGaSu14PklGQWHjrYR56xfm8rRkS9H-ruUpkV6hY77tAR0pCTo2A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157023
last-modified
Wed, 29 Jun 2022 17:37:40 GMT
server
UploadServer
etag
"765074799c0b83fa707fde3e4afd75b5"
x-goog-hash
crc32c=terdZg==, md5=dlB0eZwLg/pwf94+Sv11tQ==
x-goog-generation
1656524260066328
access-control-allow-origin
*
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
157023
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 05 Jul 2023 19:16:27 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7COpen%20Sans:400,700%7CMontserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:07:05 GMT
x-content-type-options
nosniff
age
166796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:07:05 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7COpen%20Sans:400,700%7CMontserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:08:09 GMT
x-content-type-options
nosniff
age
166732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:08:09 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7COpen%20Sans:400,700%7CMontserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:08:09 GMT
x-content-type-options
nosniff
age
166732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 17:08:09 GMT
truncated
/ 		788 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
v3
js.stripe.com/ 		316 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/d682d4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9368c25576edd4e4251a217697bdd72e555ad15dc9294faca6de60a90a21e055
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
43
x-cache
HIT
content-length
75935
etag
"fc59ab8d33cc514bb4d9d31f2f831f0b"
x-request-id
dab475c4-4160-4900-b84a-a531bdc02919
x-served-by
cache-hhn4035-HHN
access-control-allow-origin
*
last-modified
Wed, 06 Jul 2022 20:51:21 GMT
server
Fastly
date
Thu, 07 Jul 2022 15:27:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
event
services.msgsndr.com/funnels/stats/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.msgsndr.com/funnels/stats/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.115.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.115.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
channel,content-type,source,version
Access-Control-Request-Method
POST
Origin
https://audit.tdsgroup.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
channel,content-type,source,version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 07 Jul 2022 15:27:01 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
event
services.msgsndr.com/funnels/stats/ 		56 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.msgsndr.com/funnels/stats/event
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/55b8c6f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.115.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.115.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aa13d5ca6d93bb9b20b755a492d8ff6561cb3f58e0753933bbd79b5b3c4f122d

Request headers

accept-language
de-DE,de;q=0.9
source
WEB_USER
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://audit.tdsgroup.org/
channel
APP
version
2021-04-15

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
via
1.1 google
etag
W/"38-VwhAjb2vsESbndIJNDJcCmxnoTg"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
intlTelInput.min.js
storage.googleapis.com/preview-production-assets/funnel/intl-tel-input/ 		29 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/preview-production-assets/funnel/intl-tel-input/intlTelInput.min.js
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/a86dc93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aef4defbc01eccd0a2989dcbd2af9d4470c3312a0941e1ddba3f7bbca2ae393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:25:49 GMT
age
72
x-guploader-uploadid
ADPycdsd0HsWrCaQ7SQKOHG-zufMJ_Nomiko0mKhVQFY6UKLbquHXvGSU9XSFgkRjgucvPtGHLoCsvsovq6RuNfbwHaUIQ
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
last-modified
Tue, 23 Nov 2021 07:07:14 GMT
server
UploadServer
etag
"bb5beb75fac739727eda667a25f114b1"
x-goog-meta-x-goog-reserved-source-generation
1637651075625974
x-goog-hash
crc32c=87TtOQ==, md5=u1vrdfrHOXJ+2mZ6JfEUsQ==
x-goog-generation
1637651234328442
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length
29618
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 07 Jul 2023 15:25:49 GMT
loader.js
widgets.leadconnectorhq.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.leadconnectorhq.com/loader.js
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/d682d4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f68fb77d030449cb77ba3838658d2f9aecdd74f4e7da82028557945e378b33b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:09:04 GMT
age
1077
x-guploader-uploadid
ADPycdv9i8dOK1P4kFjPmRmHv5P4rMLMjUFGhAzm0W40Zu2NH_jPfb_81q8xrxD99ZXph-p00Flq1Ll5X2P9DTChthovvD5UCjKd
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2878
last-modified
Thu, 07 Jul 2022 11:57:46 GMT
server
UploadServer
etag
"6cbe86638f6003a327e04da167fe9640"
x-goog-hash
crc32c=oR8x1w==, md5=bL6GY49gA6Mn4E2hZ/6WQA==
x-goog-generation
1640338343844782
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
public, max-age=3600
x-goog-stored-content-length
2878
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 07 Jul 2022 16:09:04 GMT
SAMPLE-AUDIT-REPORT_001.jpg
tdsgroup.org/wp-content/uploads/2019/07/ 		305 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tdsgroup.org/wp-content/uploads/2019/07/SAMPLE-AUDIT-REPORT_001.jpg
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.52.161.88 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.tdsgroup.org
Software
Apache / PleskLin
Resource Hash
1fdfe783d479074b30e95e5d1b2f0a0d5b4477f3875886b7111fae088cc89471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 07 Jul 2022 15:37:23 GMT
Last-Modified
Mon, 20 Jul 2020 14:38:26 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"4c486-5aae0759a5c80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
312454
6202d81d6a97e34e4449db19.png
assets.cdn.msgsndr.com/WoBhJ8o8dNN7Pa55aztu/media/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.msgsndr.com/WoBhJ8o8dNN7Pa55aztu/media/6202d81d6a97e34e4449db19.png
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d4d61d0459c82657aea51e71b1c2313cbf973a63897881f8edff4e0aa54e7260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
x-guploader-uploadid
ADPycdvLptvZyp3q0WcFJCCLABRFFhFLbs4zKL05tFtoVNm25mgwv6cjuMGcW13fmKOkAMYWPJrGt6fo-2FKalpaZ5WrGdUb4ioj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78858
last-modified
Tue, 08 Feb 2022 20:52:45 GMT
server
UploadServer
etag
"36cf2bee7e3a2923f10251417a5cb4ee"
x-goog-hash
crc32c=iKuWsg==, md5=Ns8r7n46KSPxAlFBely07g==
x-goog-generation
1644353565712620
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
public,max-age=31622400
x-goog-stored-content-length
78858
accept-ranges
bytes
content-type
image/png
location%2FWoBhJ8o8dNN7Pa55aztu%2Fimages%2Fbff6b533-ba02-4004-86a0-3bdb7f420b53.png
cdn.msgsndr.com/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.msgsndr.com/location%2FWoBhJ8o8dNN7Pa55aztu%2Fimages%2Fbff6b533-ba02-4004-86a0-3bdb7f420b53.png?alt=media
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de80514682adf174be8455d232de1e35e6f1803450018bd0c1b8d68192839688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
x-guploader-uploadid
ADPycdt8xA4GXeMY5AhIi3a_QtjnB_CeZtLXBSY-SdPy-vRnTvhhg0w8ypzngfcUl39c97f9pfiuNXto4q2jPAFn2E2eYg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''bff6b533-ba02-4004-86a0-3bdb7f420b53.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75291
last-modified
Fri, 09 Oct 2020 00:09:41 GMT
server
UploadServer
etag
"b0cb1ec2ce2f7817d97580c6498b6078"
x-goog-hash
crc32c=FsVGzA==, md5=sMsews4veBfZdYDGSYtgeA==
x-goog-generation
1602202181695907
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-goog-stored-content-length
75291
x-goog-meta-firebasestoragedownloadtokens
9509f6f7-20fd-4e25-9f11-2478aa29b293
accept-ranges
bytes
content-type
image/png
expires
Fri, 07 Jul 2023 15:27:01 GMT
6227cc02ced30081cfd0be33.png
assets.cdn.msgsndr.com/WoBhJ8o8dNN7Pa55aztu/media/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.msgsndr.com/WoBhJ8o8dNN7Pa55aztu/media/6227cc02ced30081cfd0be33.png
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8050570a09ac21328a1ec663c23002d727f5022cbbb42acb950020382cfff4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
x-guploader-uploadid
ADPycdsG_iVImUM8_FTamTZcWhDj1vVSPRZEgrdvtfrJMNkH6BL9CiLATp2P2tWwOX2fkRGmJdtNLDBU4lWQU41oOYhtru6BBFew
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145098
last-modified
Tue, 08 Mar 2022 21:34:58 GMT
server
UploadServer
etag
"c1f68b0757f83027da79ca8fe21f37f7"
x-goog-hash
crc32c=3gM3+w==, md5=wfaLB1f4MCfaecqP4h839w==
x-goog-generation
1646775298300230
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
public,max-age=31622400
x-goog-stored-content-length
145098
accept-ranges
bytes
content-type
image/png
location%2FWoBhJ8o8dNN7Pa55aztu%2Fimages%2F4eaac030-fe08-43ff-91a8-0d0fba8299c8.png
cdn.msgsndr.com/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.msgsndr.com/location%2FWoBhJ8o8dNN7Pa55aztu%2Fimages%2F4eaac030-fe08-43ff-91a8-0d0fba8299c8.png?alt=media
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6059a87884e7db39975946c64af86ac76c36fcfcd1dc1744cfe6ef88c0cc2159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
x-guploader-uploadid
ADPycdtq5o0y_yPG2U1otCe_w1Wu4eBvqGcw-HtyVdmdftIIrsQYa830UiYM-KWZw1sx8a8ccqPA6j5P9OL3J9G5_5ICdQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''4eaac030-fe08-43ff-91a8-0d0fba8299c8.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126490
last-modified
Fri, 09 Oct 2020 00:09:41 GMT
server
UploadServer
etag
"e83f029a21aa1573ca173fd8a9e4305a"
x-goog-hash
crc32c=Cah3wg==, md5=6D8CmiGqFXPKFz/YqeQwWg==
x-goog-generation
1602202181846165
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-goog-stored-content-length
126490
x-goog-meta-firebasestoragedownloadtokens
b3bee299-894c-4412-9a26-58b2fc36f60a
accept-ranges
bytes
content-type
image/png
expires
Fri, 07 Jul 2023 15:27:01 GMT
location%2FWoBhJ8o8dNN7Pa55aztu%2Fimages%2F506f198f-83c9-4ee8-9e5a-50ede1e6ce9d.png
cdn.msgsndr.com/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.msgsndr.com/location%2FWoBhJ8o8dNN7Pa55aztu%2Fimages%2F506f198f-83c9-4ee8-9e5a-50ede1e6ce9d.png?alt=media
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
414d60a57f90e56dbdf6c32c98b5aec7eaa0a9e8b63806bc4ea7113f67ca11af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
x-guploader-uploadid
ADPycdudSbjwo1o23L5A1TOQnTlqbmlWhhWktJH3HjkPvWHznpNbaMzPwMtRWTrBU33nLS8XtE6Ajxy9YsB-7_UgspgjbaMs1sog
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''506f198f-83c9-4ee8-9e5a-50ede1e6ce9d.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63683
last-modified
Fri, 09 Oct 2020 00:09:41 GMT
server
UploadServer
etag
"8fa5bc554262f7e0bc7de2feed987747"
x-goog-hash
crc32c=TfJjYA==, md5=j6W8VUJi9+C8feL+7Zh3Rw==
x-goog-generation
1602202181213908
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-goog-stored-content-length
63683
x-goog-meta-firebasestoragedownloadtokens
94739fc1-7304-4e97-91cb-570d963138ec
accept-ranges
bytes
content-type
image/png
expires
Fri, 07 Jul 2023 15:27:01 GMT
intlTelInput.min.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/55b8c6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
63099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1820
timing-allow-origin
*
last-modified
Sat, 13 Feb 2021 20:29:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"602836ba-4ad5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww50%2Fwe1DpAGqhWY1Sih%2FO0%2BZJHl%2BVlFb%2F47x23ndMQPXmukTfHWh3Ch1Txrh6qwQCaRUU58ix1YXbTX%2FfCqs5K0rumcgid1IUQF8xARgLwkUGMre5XW96T3KDCbFfWyi09LGvSD2WrW8sb8GQmY%2FZCT"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72719a10ec759bb0-FRA
expires
Tue, 27 Jun 2023 15:27:01 GMT
libphonenumber-min.js
unpkg.com/libphonenumber-js@1.9.43/bundle/ 		148 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/libphonenumber-js@1.9.43/bundle/libphonenumber-min.js
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/55b8c6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89181942c69b68aaa88eccc2e90d8c69fea99d93b36db6d857303a3197ef9c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
14202116
fly-request-id
01FT5C4TTKGJ8WZR2NT0TJX16V
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"24fd7-VsWsyMlPbowMQ2RL4y2WeMfG2vs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72719a10ef359b1f-FRA
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/ 		240 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/utils.min.js
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/55b8c6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3783202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44956
timing-allow-origin
*
last-modified
Sat, 13 Feb 2021 20:31:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6028372e-3bf7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezmkvoSriYB9su5u0woKWthmgBPNgsYAgZDDgvOZxMe%2FBUZc0F34tLIbkUQxN5fR9N1oLaHB%2BgNixvx%2Bj1y%2BRuF1J%2F7%2FGV8rJsaNlf2VnhpK400V1pw%2F65IsBlHDT1p08PrvEBLSsKXqUzZX%2F%2B9mhFwI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72719a10ec799bb0-FRA
expires
Tue, 27 Jun 2023 15:27:01 GMT
chat-widget.esm.js
widgets.leadconnectorhq.com/chat-widget/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.leadconnectorhq.com/chat-widget/chat-widget.esm.js
Requested by
Host: widgets.leadconnectorhq.com
URL: https://widgets.leadconnectorhq.com/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c6b260f8587ab60e0d55356318658eb54cff1a03b8d2dd6dcad73158c1ef47de

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:24:46 GMT
age
135
x-guploader-uploadid
ADPycduBcnAbaygn2TweCT6Vs_9Hu6PnwHWW-mN88-wamxiHxwgU8Zd17g9JL60_6aIPUuYZYcIB9d_ArGtGp-RUk44BI1THdEP6
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2132
last-modified
Thu, 07 Jul 2022 11:57:33 GMT
server
UploadServer
etag
"c839a05d54d2312fbf79088ce61e09c1"
x-goog-hash
crc32c=rIHY4Q==, md5=yDmgXVTSMS+/eQiM5h4JwQ==
x-goog-generation
1657195053177871
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
2132
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 07 Jul 2022 16:24:46 GMT
create_session
services.msgsndr.com/attribution_service/user_session_v3/ 		105 B
121 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.msgsndr.com/attribution_service/user_session_v3/create_session
Requested by
Host: msgsndr.com
URL: https://msgsndr.com/js/user_session.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.115.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.115.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fbfa93cfadb749b5c52323b0cf756b41808a4d5f2f2485e57de44c7e5e4245ae

Request headers

Referer
https://audit.tdsgroup.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
via
1.1 google
etag
W/"69-VGWbmrK8G1fqoTcKYXnMb/+wV6c"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105
create_session
services.msgsndr.com/attribution_service/user_session_v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.msgsndr.com/attribution_service/user_session_v3/create_session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.115.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.115.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://audit.tdsgroup.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 07 Jul 2022 15:27:01 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
p-41fe6408.js
widgets.leadconnectorhq.com/chat-widget/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.leadconnectorhq.com/chat-widget/p-41fe6408.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fa29bec614ba590e3e5eb93b83cea07dcadf9ac3bb304bb059c8c123e57832d

Request headers

Referer
https://widgets.leadconnectorhq.com/chat-widget/chat-widget.esm.js
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:50:59 GMT
age
2162
x-guploader-uploadid
ADPycdu9IaNDdODeUYse6LX3gd556sO3u4QB6VoGcIDQQ9DGJjAIjQ18tQdHaDhIpGROcy5-X4xXjWvynjHbz9epDozNTEiYHAKB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9184
last-modified
Thu, 07 Jul 2022 11:57:32 GMT
server
UploadServer
etag
"2419853392b26296f49c22610567e747"
x-goog-hash
crc32c=d72PWQ==, md5=JBmFM5KyYpb0nCJhBWfnRw==
x-goog-generation
1640338333887910
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
9184
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 07 Jul 2022 15:50:59 GMT
p-8a60f1ba.entry.js
widgets.leadconnectorhq.com/chat-widget/ 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.leadconnectorhq.com/chat-widget/p-8a60f1ba.entry.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
33d9f2c16efae0aef9be84df023a85686e0b1336aa3946aef9a97fd8087cd461

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:24:47 GMT
age
134
x-guploader-uploadid
ADPycdvau2GHDStyZ6T0uISk7t_LGma4UiayE28IZjPiBtWJW2x1eBiYyV3W1sxOa1ElpDyEIb_F5BMHDKbaC5bCs1d3Ms5LwkD9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47756
last-modified
Thu, 07 Jul 2022 11:57:30 GMT
server
UploadServer
etag
"7782c0f808173d2f62bc6fcf9641f3a0"
x-goog-hash
crc32c=SNZUlg==, md5=d4LA+AgXPS9ivG/PlkHzoA==
x-goog-generation
1657195050850435
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
47756
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 07 Jul 2022 16:24:47 GMT
/
services.msgsndr.com/funnels/funnel/geo-location/ 		61 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.msgsndr.com/funnels/funnel/geo-location/
Requested by
Host: cdn.msgsndr.com
URL: https://cdn.msgsndr.com/_preview/55b8c6f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.115.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.115.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
b662616313d1910db222f7c85c9184958d099b873639e2907885d42303429564

Request headers

Accept
application/json, text/plain, */*
Referer
https://audit.tdsgroup.org/
version
2021-04-15
accept-language
de-DE,de;q=0.9
channel
APP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
source
WEB_USER

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
via
1.1 google
etag
W/"3d-adFae8laSl+/JZRH9wPu8d303DE"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
/
services.msgsndr.com/funnels/funnel/geo-location/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.msgsndr.com/funnels/funnel/geo-location/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.115.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.115.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
channel,source,version
Access-Control-Request-Method
GET
Origin
https://audit.tdsgroup.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
channel,source,version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 07 Jul 2022 15:27:01 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
/
services.leadconnectorhq.com/funnels/funnel/geo-location/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.leadconnectorhq.com/funnels/funnel/geo-location/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.211.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.211.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://audit.tdsgroup.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 07 Jul 2022 15:27:01 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2483973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8967
timing-allow-origin
*
last-modified
Sat, 13 Feb 2021 20:29:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"602836ba-7351"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc0mECoKseWFWFceHDIpXXUnOAaK5WMh8nMPIubKZE%2F6mUnegMxjn5XvgaOCYMy%2BN1xGb2Tqe2RQF5bNQCTXP57Y67tTYACGLf1exuxn5BDggIU%2FVFfZc2IqYNnsnZZV10tkVJLY00D4szOlxeAMIw6b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72719a11fa12694b-FRA
expires
Tue, 27 Jun 2023 15:27:01 GMT
/
services.leadconnectorhq.com/funnels/funnel/geo-location/ 		61 B
77 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.leadconnectorhq.com/funnels/funnel/geo-location/
Requested by
Host: widgets.leadconnectorhq.com
URL: https://widgets.leadconnectorhq.com/chat-widget/p-8a60f1ba.entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.211.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.211.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
109e1c990e17f0fcbd14c21698e18f45a161d4f3aa72f1c1b075588b308c8ea7

Request headers

Referer
https://audit.tdsgroup.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
via
1.1 google
etag
W/"3d-hUiE05Cf5i5XyYOS5Zwv6NRCiRo"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
js
www.googletagmanager.com/gtag/ 		195 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1X0XQRMB4F
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff0bea81dc90dad92b4222440330022e8af479ee957539e3f6a4bf9b1fcad145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://audit.tdsgroup.org
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70540
x-xss-protection
0
expires
Thu, 07 Jul 2022 15:27:01 GMT
user-session.js
msgsndr.com/cors/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msgsndr.com/cors/js/user-session.js
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
2fddb0152b7827669035a54fcc3b4bf03c675b80fa6ec0ec48478e581db914de

Request headers

Referer
https://audit.tdsgroup.org/
Origin
https://audit.tdsgroup.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 15:27:01 GMT
content-encoding
gzip
etag
W/"1db3-49773873e8"
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
da28882d26ac39aab246095f466b4aef
cache-control
public, max-age=0
content-length
3109
defaultAvatar.png
widgets.leadconnectorhq.com/chat-widget/assets/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.leadconnectorhq.com/chat-widget/assets/defaultAvatar.png
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz%40duke.edu&phone&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.153.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7dd356ea0186893d86d20762e397c6ad8ddc4ea755082a0cace9f25cf366636a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 14:42:36 GMT
age
2665
x-guploader-uploadid
ADPycds5scQkKM8yleim5zGacxN6rKcyFsR4G-06cv4lye7IwlZoTR6JKfWmALxRJ4nbGbEhYeI6Ou7hTNsHAwPmar3u3OgdSoUr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22365
last-modified
Thu, 07 Jul 2022 11:57:34 GMT
server
UploadServer
etag
"e62177578d9be824c3f05d1b97de8de1"
x-goog-hash
crc32c=RIy0CQ==, md5=5iF3V42b6CTD8F0bl96N4Q==
x-goog-generation
1655961031845641
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Range, Content-Range, X-From-Cache
cache-control
public, max-age=3600
x-goog-stored-content-length
22365
accept-ranges
bytes
content-type
image/png
expires
Thu, 07 Jul 2022 15:42:36 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1X0XQRMB4F&gtm=2oe6t0&_p=209196051&_z=ccd.v9B&cid=717816135.1657207622&ul=en-us&sr=1600x1200&_s=1&sid=1657207621&sct=1&seg=0&dl=https%3A%2F%2Faudit.tdsgroup.org%2Faudit-report-mn542401%3Ffirst_name%3DZachary%26last_name%3DHorowitz%26email%3Dzachary.horowitz%2540duke.edu%26phone%26sessionId%3D389c108c-f8d1-4e78-a57e-6b7b996a576d%26trigger_link%3D9fqUamRZ4ihPRkJ1hv6B&dt=Audit%20Support%20and%20Request&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X0XQRMB4F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://audit.tdsgroup.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 15:27:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://audit.tdsgroup.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-6262077c14f753400d607dc30e70f1af.html
js.stripe.com/v3/ Frame 2D7D 		240 B
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://audit.tdsgroup.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2320875
cache-control
max-age=31536000
content-encoding
br
content-length
139
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 07 Jul 2022 15:27:03 GMT
etag
"6262077c14f753400d607dc30e70f1af"
last-modified
Fri, 10 Jun 2022 18:43:47 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
888336
x-content-type-options
nosniff
x-request-id
30553dc0-8167-4667-83e8-88f82c38796f
x-served-by
cache-hhn4035-HHN
csp-report
q.stripe.com/ Frame 2D7D 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 07 Jul 2022 15:27:03 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
js.stripe.com/v3/fingerprinted/js/ Frame 2D7D 		1 KB
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
4
x-cache
HIT
content-length
670
etag
"77711798ecf99b8bb8207cf88a10d73c"
x-request-id
a8edd64e-2c64-449e-9445-f24e9c3c0f19
x-served-by
cache-hhn4035-HHN
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 18:57:31 GMT
server
Fastly
date
Thu, 07 Jul 2022 15:27:03 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11
inner.html
m.stripe.network/ Frame 188E 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-60.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
280
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 07 Jul 2022 15:22:24 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-id
JbNJywF9nyt_mp0SPl7SYsbw-FbJLWF_jWHDbaIIMsQxa8Kc1w0u1Q==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 188E 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: audit.tdsgroup.org
URL: https://audit.tdsgroup.org/audit-report-mn542401?first_name=Zachary&last_name=Horowitz&email=zachary.horowitz@duke.edu&phone=&sessionId=389c108c-f8d1-4e78-a57e-6b7b996a576d&trigger_link=9fqUamRZ4ihPRkJ1hv6B
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 07 Jul 2022 15:27:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 188E 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-60.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
54
date
Thu, 07 Jul 2022 15:26:09 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
mlxvpEL8R6UkjYp6opxhKW_QZIuKroB-UkFpaOUGo7WAzsX-H4sRZA==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame 188E 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.222.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-222-104.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f7911ee726ebff2b533a27bf4f7a1a72f37b80d52f3e40aa9814eaeb5d3f3b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Jul 2022 15:27:04 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| userSessionAttribution object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| core function| vueRecaptchaApiLoaded object| $nuxt object| intlTelInputUtils object| libphonenumber function| __sc_import_chat_widget object| intlTelInputGlobals function| intlTelInput object| leadConnector object| google_tag_manager object| dataLayer function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| __webpackStripeJSv3Jsonp function| Stripe

6 Cookies

Domain/Path Name / Value
audit.tdsgroup.org/ Name: msgsndr_id
Value: a53c1d0b-5ae1-445b-97c8-930b64204bb3
.tdsgroup.org/ Name: _ga_1X0XQRMB4F
Value: GS1.1.1657207621.1.0.1657207621.0
.tdsgroup.org/ Name: _ga
Value: GA1.1.717816135.1657207622
m.stripe.com/ Name: m
Value: 030f5f51-10bf-4d94-bdab-44ea7ba68f173526b7
.audit.tdsgroup.org/ Name: __stripe_mid
Value: d0f0456f-5f9d-4886-b20e-42fe2830bd1c3c993f
.audit.tdsgroup.org/ Name: __stripe_sid
Value: 64680151-00e8-415b-8930-366b51c84b10ae71d8

1 Console Messages

Source Level URL
Text
javascript warning URL: https://widgets.leadconnectorhq.com/chat-widget/p-41fe6408.js
Message:
@import rules are not allowed here. See https://github.com/WICG/construct-stylesheets/issues/119#issuecomment-588352418.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.cdn.msgsndr.com
audit.tdsgroup.org
cdn.msgsndr.com
cdnjs.cloudflare.com
email.ghl.tdsbenefits.org
fonts.googleapis.com
fonts.gstatic.com
go.fhri.org
js.stripe.com
m.stripe.com
m.stripe.network
msgsndr.com
q.stripe.com
region1.google-analytics.com
services.leadconnectorhq.com
services.msgsndr.com
storage.googleapis.com
tdsgroup.org
unpkg.com
use.fontawesome.com
widgets.leadconnectorhq.com
www.googletagmanager.com
151.101.64.176
2001:4860:4802:32::15
2001:4860:4802:32::36
2606:4700:3032::ac43:a9f7
2606:4700::6810:7baf
2606:4700::6811:180e
2a00:1450:4001:800::2010
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
34.120.211.235
34.223.162.87
34.68.234.4
34.70.111.192
34.98.115.9
35.244.153.18
52.222.236.60
52.42.222.104
54.186.23.98
72.52.161.88
07e7f2a69fafc41fa34c044cb78d6c53968b2888b51c9bc4cf84f17de0ad7d6d
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0f998b9d3dfbe04d867513b6e094f2227f32d81e96a811572f6b546f3baafc06
109e1c990e17f0fcbd14c21698e18f45a161d4f3aa72f1c1b075588b308c8ea7
1fa29bec614ba590e3e5eb93b83cea07dcadf9ac3bb304bb059c8c123e57832d
1fdfe783d479074b30e95e5d1b2f0a0d5b4477f3875886b7111fae088cc89471
27c5835babdb6a17a9a94ee906b9c0f5300309e5afb8e5433ca1836ac9520788
2f68fb77d030449cb77ba3838658d2f9aecdd74f4e7da82028557945e378b33b
2fddb0152b7827669035a54fcc3b4bf03c675b80fa6ec0ec48478e581db914de
33d9f2c16efae0aef9be84df023a85686e0b1336aa3946aef9a97fd8087cd461
38730695109284b3838c96c783da6226904ef5813073c80bacad991637e3f973
40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf
414d60a57f90e56dbdf6c32c98b5aec7eaa0a9e8b63806bc4ea7113f67ca11af
601305b6e50c64276d10dce02f13ce2f91636cec20ee0b2cb9cb37d56a36fd16
6059a87884e7db39975946c64af86ac76c36fcfcd1dc1744cfe6ef88c0cc2159
7dd356ea0186893d86d20762e397c6ad8ddc4ea755082a0cace9f25cf366636a
8050570a09ac21328a1ec663c23002d727f5022cbbb42acb950020382cfff4f9
80cb1bf451faf21b7bfb5cc96b6eb88a35ef4c9a2d5498839fe3828167ee68e9
8aef4defbc01eccd0a2989dcbd2af9d4470c3312a0941e1ddba3f7bbca2ae393
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9368c25576edd4e4251a217697bdd72e555ad15dc9294faca6de60a90a21e055
a4803373f048228fe14afb4d10322231306d47d11f2b708e9a71f6a6df1c3c36
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa13d5ca6d93bb9b20b755a492d8ff6561cb3f58e0753933bbd79b5b3c4f122d
aa84758531ea58fbe55ed3b381669d16b75afd8bb915e91c0c32dd4a2d0dbc7f
b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef
b1959fb878410ed82aa1e5fbf57f1d98d1e77906a65cd63a4f916ac6706a389f
b662616313d1910db222f7c85c9184958d099b873639e2907885d42303429564
c1f6dbb101582a78b3422fd62cf5d2df0543bb40e98b6c944296410ec6f61f5b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
c6b260f8587ab60e0d55356318658eb54cff1a03b8d2dd6dcad73158c1ef47de
c89181942c69b68aaa88eccc2e90d8c69fea99d93b36db6d857303a3197ef9c2
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d4d61d0459c82657aea51e71b1c2313cbf973a63897881f8edff4e0aa54e7260
de80514682adf174be8455d232de1e35e6f1803450018bd0c1b8d68192839688
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfe112e6522210d01d17810fb655a09dba60466a11ffc2cb22e0358ab5cc402
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f7911ee726ebff2b533a27bf4f7a1a72f37b80d52f3e40aa9814eaeb5d3f3b8f
fbfa93cfadb749b5c52323b0cf756b41808a4d5f2f2485e57de44c7e5e4245ae
ff0bea81dc90dad92b4222440330022e8af479ee957539e3f6a4bf9b1fcad145