mysite.safelink.staging.airfind.com Open in urlscan Pro
198.199.92.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mysite.safelink.staging.airfind.com/
Submission: On March 30 via automatic, source certstream-suspicious (March 30th 2020, 7:15:23 am UTC)

Summary HTTP 54 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 54 HTTP transactions. The main IP is 198.199.92.49, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is mysite.safelink.staging.airfind.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 30th 2020. Valid for: 3 months.

This is the only time mysite.safelink.staging.airfind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	198.199.92.49 198.199.92.49	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	23.111.11.113 23.111.11.113	33438 (HIGHWINDS2) (HIGHWINDS2)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
11	95.101.184.26 95.101.184.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
54	12

3 198.199.92.49 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

mysite.safelink.staging.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.staging.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.111.11.113 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.101.184.26 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-184-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	airfind.com mysite.safelink.staging.airfind.com cdn.airfind.com api.staging.airfind.com	146 KB
11	media.net contextual.media.net lg3.media.net	415 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	11 KB
6	doubleclick.net securepubads.g.doubleclick.net	91 KB
4	googletagservices.com www.googletagservices.com	97 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
54	10

	Domain	Requested by
13	cdn.airfind.com	mysite.safelink.staging.airfind.com securepubads.g.doubleclick.net cdn.airfind.com
10	contextual.media.net	securepubads.g.doubleclick.net mysite.safelink.staging.airfind.com contextual.media.net
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mysite.safelink.staging.airfind.com
4	www.googletagservices.com	mysite.safelink.staging.airfind.com securepubads.g.doubleclick.net
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	securepubads.g.doubleclick.net mysite.safelink.staging.airfind.com
2	www.google-analytics.com	mysite.safelink.staging.airfind.com www.google-analytics.com
2	mysite.safelink.staging.airfind.com	mysite.safelink.staging.airfind.com
1	lg3.media.net
1	api.staging.airfind.com
1	vars.hotjar.com	static.hotjar.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	mysite.safelink.staging.airfind.com
54	16

This site contains links to these domains. Also see Links.

Domain
mysites.safelink.com
dsweb.safelink.com
www.safelink.com
play.google.com

Subject Issuer	Validity	Valid
mysite.safelink.staging.airfind.com Let's Encrypt Authority X3	`2020-01-30` - `2020-04-29`	3 months	crt.sh
cdn.airfind.com Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
api.staging.airfind.com Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://mysite.safelink.staging.airfind.com/
Frame ID: 54095FDE5D6129EA961F905EC7FAE3A9
Requests: 37 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: CD7365E10BDBF4D4C65351CC738F079E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6Q6jAZ8C1ZcikiBv4jyD2XcZtEsS7LXo5pjzRsZr6LkEGdW1jO9n098ujI8F0fNarJ7mkFLK57ev5byTHjtGIcOWZcKMGBpfTm0D9g6bP91_v4Ddw18Gv7CKC6gSkKgtWrw0BjMxYRLPFm_ta0dALCroj9pfmcnCZ2fFt9xYqPRZBBqUAL66uCKRaBGzln_5moFWqV6lK4RaXRzsDSYs8aJLg2M6hnlZ_MHMKD_yjm-JldeJ1YaKZcK0Z1Hw_nzEdxKWgS1BpOqRwQmPdy50h6Et66UrBkrDp5B8yJRKinkOWZ6BHPQ&sai=AMfl-YTgR2yfdWedZEu_WzLx5Mo4zLOP4fLHdilSRbjsb1lCoO9xnsOSiUGA_s5nICl99OOhSw4ZTF41qCGi8ilSeVyqVucc3X3RihXQmLuTVQ&sig=Cg0ArKJSzNleQSfhEOUzEAE&urlfix=1&adurl=
Frame ID: 34F57C71D811800D03FA7AA5F65C4817
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&size=300x250&cc=GB&chnm=mysites.safelink.comFeaturephoneBottomBannerSearch&https=1&vif=1&requrl=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&vi=1585552506226577012&lw=1&ugd=4&nb=1
Frame ID: DF2FC6E64CEE9DA2DDE53C6FEBBDCEE3
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/mediamain.html?&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&pid=8PO39M0FG&size=300x250&cpnet=yVb1sHm-0KKoFeunLBVJxQKRKb181XczuQKEYN8V5yc%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTz9MqTw_4CtxAxutsa5thm_jifb2WsfkZfJ4cLMbCZudrTryNjjlPiSTBqkcmWUseMp3awexrSo0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7CjjOxSydaJ7kGPNLYpkAG7ahKdSk1XYgTDZ1QYswcjv0on_6xgEHN7EIRTvZT0NlQL2Ff40SYaDiNlZQqKfpI8g%3D%3D%7CN7fu2vKt8_s%3D%7CYdjFvixrVaESUUqaGXJqc_wuF_xIINYtd6wYrz4pvAl83usFO5vF22WbVR9xB93vCFn8vA_c-8215VfA-SH1yd28MqmQBmnR%7CsRBSg3CPSiQ%3D%7C&https=1&cc=GB&bf=0&staticIframe=1&vif=1&vi=1585552506226577012&lw=1&ugd=4&ib=0&bid=270774&nb=1
Frame ID: CB57773412916AD9CDDB9500B8FC8278
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 125DC399E3B081E06AF895C5F1C42BCF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg57WQ6MUQlvXcIB4eiFnI770sQq5iV9UEygi6k2DVra5bX86i2KiEuMyqUxivGuo0KysyYJVTznT3gjohSY2LYCHIxaEE8mwNQLZKk8IAndE47abxpJ8qWGfGNByy-JzD54AIgCBSrG1t8jw4RKzSOd9WwPKYrAdR4SMDahcZzgxcgM8FiNTYYUMApZTUIQkeYIBbyJhfrxyaEDcO4e_ns9Kevty-_No00T2z6C-2ZnQWJUfM4IgZr076rCzIKXZBa7XkZ9WJHJLxxzgzkgGCMb2qR7gAWAaJGbcKGjBDiVhw41eXDw&sig=Cg0ArKJSzDhS4EMwQi8TEAE&urlfix=1&adurl=
Frame ID: 2566DA39E09E1F2A227C6A740ED97B90
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&size=300x250&cc=GB&chnm=mysites.safelink.comFeaturephoneBottomBannerSearch&https=1&vif=1&requrl=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&vi=1585552507385355525&lw=1&ugd=4&nb=1
Frame ID: 424789FEDF891DB2CBCE9B79F337DDF2
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/mediamain.html?&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&pid=8PO39M0FG&size=300x250&cpnet=yVb1sHm-0KKoFeunLBVJxQKRKb181XczuQKEYN8V5yc%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTz9MqTw_4CtxAxutsa5thm_jifb2WsfkZfJ4cLMbCZudrTryNjjlPiSTBqkcmWUseMp3awexrSo0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7CjjOxSydaJ7kGPNLYpkAG7ahKdSk1XYgTDZ1QYswcjv0on_6xgEHN7EIRTvZT0NlQL2Ff40SYaDiNlZQqKfpI8g%3D%3D%7CN7fu2vKt8_s%3D%7CYdjFvixrVaESUUqaGXJqc_wuF_xIINYtd6wYrz4pvAl83usFO5vF22WbVR9xB93vCFn8vA_c-8215VfA-SH1yd28MqmQBmnR%7CsRBSg3CPSiQ%3D%7C&https=1&cc=GB&bf=0&staticIframe=1&vif=1&vi=1585552507385355525&lw=1&ugd=4&ib=0&bid=270774&nb=1
Frame ID: F10527640FCA3C58219D963A08EB83BA
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nrrV44171.js
Frame ID: 525AE34F21A07732FDE76EDFB1AFFB27
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

54
Requests

98 %
HTTPS

55 %
IPv6

10
Domains

16
Subdomains

12
IPs

4
Countries

898 kB
Transfer

2627 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://mysites.safelink.com/lifeline
Title: My Lifeline Programs

Search URL Search Domain Scan URL

URL: https://dsweb.safelink.com/611611/help/
Title: 611611 Helpline

Search URL Search Domain Scan URL

URL: https://www.safelink.com/wps/portal/home/retailers
Title: Store Locator

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.safelinkwireless.app
Title:

Search URL Search Domain Scan URL

URL: https://www.safelink.com/wps/portal/home/h/tandc
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.safelink.com/wps/portal/home/h/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mysite.safelink.staging.airfind.com/ 74 KB
34 KB 934ms
274ms Document
text/html 198.199.92.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.199.92.49 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 / Express
Resource Hash: 0753db5b416666ab41de87c4732efa68b3f1c7f05679343b5542bc60b1a9f676

Request headers

:method: GET
:authority: mysite.safelink.staging.airfind.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
server: nginx/1.10.3
date: Mon, 30 Mar 2020 07:15:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
set-cookie: visitorId=b161ebe3-6a52-4d72-a4a2-958a8d465773; Max-Age=157680000; Path=/; Expires=Sat, 29 Mar 2025 07:15:05 GMT Feature Phone v1-variantNo=126; Max-Age=31536000; Path=/; Expires=Tue, 30 Mar 2021 07:15:05 GMT Feature Phone v1-testDate=2020-02-01T19%3A27%3A00Z; Max-Age=31536000; Path=/; Expires=Tue, 30 Mar 2021 07:15:05 GMT Feature Phone v1-testVersion=1; Max-Age=31536000; Path=/; Expires=Tue, 30 Mar 2021 07:15:05 GMT connect.sid=s%3AzGZ5nGx7wTbfrkrYSG_VgHCPfjqoTUyr.RpRIqNdmzwFNVuZNjCFk1ujc8TZwGcwuFR4AQhAQHX4; Path=/; HttpOnly
content-encoding: gzip

GET
H2 200 owl.carousel.css
cdn.airfind.com/staging/genericportal/public/css/components/ 5 KB
1 KB 360ms
296ms Stylesheet
text/css 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/staging/genericportal/public/css/components/owl.carousel.css?cb=c9a1aec
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2017 12:13:31 GMT
server: NetDNA-cache/2.2
etag: W/"1206-559b20544d0c0"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
status: 200
cache-control: max-age=1200
expires: Mon, 30 Mar 2020 07:35:05 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 44 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a16417ac3b2b7344334ddcd7ab738e98b083671b5b4f33985dad681b5cde4b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "471 / 457 of 1000 / last-modified: 1585413544"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:05 GMT

GET
H2 200 home.css
cdn.airfind.com/staging/genericportal/public/css/fp1/pages/ 46 KB
9 KB 484ms
419ms Stylesheet
text/css 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/staging/genericportal/public/css/fp1/pages/home.css?cb=c9a1aec
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2f1fd1da005a99507ce44a6f651372bbfdb631d344ec42b49890fefc3ef6e9ce

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 16:37:29 GMT
server: NetDNA-cache/2.2
etag: W/"b853-59d49f4d00440"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
status: 200
cache-control: max-age=1200
expires: Mon, 30 Mar 2020 07:35:05 GMT

GET
H2 200 hotjar-285355.js Show response
static.hotjar.com/c/ 5 KB
2 KB 77ms
25ms Script
application/javascript 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-285355.js?sv=5

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress12

Software

Resource Hash

796d152c6adbc394520bc81689225a2323622060a82c15b214a6363f0495e719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 3
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1890
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/0792e2fe3df8931e1edb73a4ae7f1d27
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.082
accept-ranges: bytes
section-io-id: 371da3b36e4cc73c7f583109c458d340
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2493
date: Mon, 30 Mar 2020 06:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 30 Mar 2020 08:33:32 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
935 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 06:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1171
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:55:34 GMT

GET
H2 200 modules.17c97750a9d093b794df.js Show response
script.hotjar.com/ 366 KB
69 KB 76ms
27ms Script
application/javascript 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.17c97750a9d093b794df.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-285355.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash: 0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: br
content-type: application/javascript
age: 331180
status: 200
section-io-cache: Hit
content-length: 70645
last-modified: Thu, 26 Mar 2020 11:12:31 GMT
etag: "3a5a4807e54283bcadc4388cb084ad93"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.022
accept-ranges: bytes
section-io-id: c5dee3d04eb6633167cecd24ad14d360
section-origin-responded: true

GET
H2 200 warn-icon.png
mysite.safelink.staging.airfind.com/fp1/ 306 B
583 B 228ms
228ms Image
image/png 198.199.92.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysite.safelink.staging.airfind.com/fp1/warn-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.199.92.49 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 / Express
Resource Hash: 91e37b74c2e405969030cdcb452d71b80acc29a048c1acddf5bbed6fdeca6c82

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
last-modified: Fri, 23 Aug 2019 11:31:19 GMT
server: nginx/1.10.3
x-powered-by: Express
etag: W/"132-16cbe3ec31b"
status: 200
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 306

GET
H2 200 my-lifeline-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 2 KB
3 KB 289ms
289ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/my-lifeline-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d358e37a60b55c4362e2aeeeab1897fa6b359d77379482a1b681c3469dced861

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
last-modified: Wed, 29 Jan 2020 14:01:45 GMT
server: NetDNA-cache/2.2
etag: "9e6-59d47c7dde440"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 2534
expires: Mon, 30 Mar 2020 07:35:05 GMT

GET
H2 200 arrow-right.svg
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 1 KB
734 B 303ms
301ms Image
image/svg+xml 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/arrow-right.svg
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: afb985da7ca4f4bc4b9799f2beb8225b1714e6ba3126c74685e88dff1ef0437d

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 14:01:45 GMT
server: NetDNA-cache/2.2
etag: W/"447-59d47c7dde440"
x-cache: MISS
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
expires: Tue, 30 Mar 2021 07:15:06 GMT

GET
H2 200 customer-care-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 6 KB
6 KB 285ms
284ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/customer-care-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9a848ab6178a60b4aa9ba5e8892630f29472441be241b749363139160f5600a7

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
last-modified: Wed, 29 Jan 2020 14:01:45 GMT
server: NetDNA-cache/2.2
etag: "183e-59d47c7dde440"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 6206
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 helpline-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 6 KB
6 KB 283ms
282ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/helpline-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fe40d0caf210d666c6811f843f70f4e23a4a886c5ba510411ae6db089c919cc4

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
last-modified: Wed, 29 Jan 2020 14:01:45 GMT
server: NetDNA-cache/2.2
etag: "1622-59d47c7dde440"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 5666
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 store-locator-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 11 KB
11 KB 300ms
299ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/store-locator-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 3ca413ecbd0f2a491f1425d95dd4f636b249052dc8c42322ce475ae328815dd6

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
last-modified: Wed, 29 Jan 2020 14:01:45 GMT
server: NetDNA-cache/2.2
etag: "2cf1-59d47c7dde440"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 11505
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 TRHC-SL-Mobile-App-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 4 KB
4 KB 286ms
286ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/TRHC-SL-Mobile-App-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ae13b5ad45349a0671caf735640f0b7321d68769c1051ab3190c5b35e23735a

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
last-modified: Fri, 14 Feb 2020 16:38:40 GMT
server: NetDNA-cache/2.2
etag: "104a-59e8bd6816400"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 4170
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 recertify-icon.png
cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/ 5 KB
5 KB 302ms
301ms Image
image/png 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/staging/genericportal/public/img/mybalance/v2/recertify-icon.png
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 34a83b04bfbec233945ef6263536d68fc268556ac1b5bd61fbadeb77845dcb19

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
last-modified: Wed, 29 Jan 2020 14:01:45 GMT
server: NetDNA-cache/2.2
etag: "146b-59d47c7dde440"
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 5227
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 fp1home.min.js Show response
cdn.airfind.com/staging/genericportal/public/js/ 156 KB
61 KB 583ms
583ms Script
text/javascript 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/staging/genericportal/public/js/fp1home.min.js?cb=c9a1aec
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: be0f8439f9a838e22020d5c17ef60c7ed88fbb058f26709215553a1e8364060f

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 10:47:01 GMT
server: NetDNA-cache/2.2
etag: W/"26e99-59e36758ab340"
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
status: 200
cache-control: max-age=1200
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
DATA 200
OK truncated
/ 356 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4e513f096e2aa98c4c8ea0adef7c5855fcd2b77ef5fea307667a966a938cac5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mysite.safelink.staging.airfind.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mysite.safelink.staging.airfind.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032402.js Show response
securepubads.g.doubleclick.net/gpt/ 169 KB
62 KB 166ms
60ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

feb14be8312e2c7acd21e27f60522ef04853fbad024ada722c7f1d13827346b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 17:33:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63311
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:06 GMT

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c43e5a58f06c9a55cf35ec48ade82d5a27f740b2310e2901663806ad7ff284b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bing-logo.svg
cdn.airfind.com/tracfone/public/img/search/ 530 B
572 B 16ms
16ms Image
image/svg+xml 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/tracfone/public/img/search/bing-logo.svg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7cda5ecc7f131c0951400f9ea3aa3100cdcc8ec06cb41b97d79ae273ab898ecc

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
last-modified: Wed, 30 May 2018 21:08:13 GMT
server: NetDNA-cache/2.2
etag: W/"212-56d72bfac6940"
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
expires: Wed, 24 Mar 2021 17:08:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v19/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.airfind.com/staging/genericportal/public/css/fp1/pages/home.css?cb=c9a1aec
Origin: https://mysite.safelink.staging.airfind.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 08:22:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:46 GMT
server: sffe
age: 1810351
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15816
x-xss-protection: 0
expires: Tue, 09 Mar 2021 08:22:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v19/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.airfind.com/staging/genericportal/public/css/fp1/pages/home.css?cb=c9a1aec
Origin: https://mysite.safelink.staging.airfind.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 13:05:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:01 GMT
server: sffe
age: 151801
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15736
x-xss-protection: 0
expires: Sun, 28 Mar 2021 13:05:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 102ms
101ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1159179153617719&correlator=1309203394948895&output=ldjh&impl=fif&adsid=NT&eid=21065779&vrg=2020032402&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200330&iu_parts=118791925%2CTracfone_Home_News_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x50&fluid=height&prev_scp=client%3D40284%26segment%3DSL%26variant%3D126%26browserTabStatus%3Dforeground&cookie_enabled=1&bc=31&abxe=1&lmt=1585552506&dt=1585552506235&dlt=1585552505581&idt=605&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=208&adks=2123961035&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&dssz=22&icsg=170&std=0&csl=157&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200&msz=1600x250&ga_vid=369043163.1585552506&ga_sid=1585552506&ga_hid=833909058&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

fa40f8b1863b75fb0244fe697686f32f0f05bfe5bea0ba042c66529bc8e927dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
Origin: https://mysite.safelink.staging.airfind.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2289
x-xss-protection: 0
google-lineitem-id: 5191880593
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289998819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mysite.safelink.staging.airfind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032402.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 61ms
61ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ec5b87f6263dcf0a25b7ef96abcda061918f067ae802b41a920f9ef2bd1a5c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 17:33:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24590
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:06 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 owfont-regular.min.css
cdn.airfind.com/staging/core/public/bower_components/owfont/css/ 6 KB
2 KB 298ms
298ms Stylesheet
text/css 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/staging/core/public/bower_components/owfont/css/owfont-regular.min.css?cb=c9a1aec
Requested by: Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c2b27d8ff9aaea2f76265988c7663472dec9e7483f07ef0ffab11dee104ef2f8

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2017 12:13:29 GMT
server: NetDNA-cache/2.2
etag: W/"1917-559b205264c40"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
status: 200
cache-control: max-age=1200
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v19/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.airfind.com/staging/genericportal/public/css/fp1/pages/home.css?cb=c9a1aec
Origin: https://mysite.safelink.staging.airfind.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 12:19:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:12 GMT
server: sffe
age: 1796162
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15872
x-xss-protection: 0
expires: Tue, 09 Mar 2021 12:19:04 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame CD73 0
0 70ms
23ms Document
text/html 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-285355.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mysite.safelink.staging.airfind.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mysite.safelink.staging.airfind.com/

Response headers

status: 200
date: Mon, 30 Mar 2020 07:15:06 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.093
section-origin-responded: true
age: 353270
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 6e938f68e65dab85d5bb9293da53a156

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 34F5 0
0 64ms
63ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6Q6jAZ8C1ZcikiBv4jyD2XcZtEsS7LXo5pjzRsZr6LkEGdW1jO9n098ujI8F0fNarJ7mkFLK57ev5byTHjtGIcOWZcKMGBpfTm0D9g6bP91_v4Ddw18Gv7CKC6gSkKgtWrw0BjMxYRLPFm_ta0dALCroj9pfmcnCZ2fFt9xYqPRZBBqUAL66uCKRaBGzln_5moFWqV6lK4RaXRzsDSYs8aJLg2M6hnlZ_MHMKD_yjm-JldeJ1YaKZcK0Z1Hw_nzEdxKWgS1BpOqRwQmPdy50h6Et66UrBkrDp5B8yJRKinkOWZ6BHPQ&sai=AMfl-YTgR2yfdWedZEu_WzLx5Mo4zLOP4fLHdilSRbjsb1lCoO9xnsOSiUGA_s5nICl99OOhSw4ZTF41qCGi8ilSeVyqVucc3X3RihXQmLuTVQ&sig=Cg0ArKJSzNleQSfhEOUzEAE&urlfix=1&adurl=

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Mon, 30 Mar 2020 07:15:06 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:06 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ Frame 34F5 394 KB
128 KB 134ms
66ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU38B48Y

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad5baf41b373aeb53d4524529a2a29287331f72ba86730a331c85c655c6b3d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-mnt-h: 8-18
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:06 GMT
x-mnt-w: 8-10
vary: Accept-Encoding
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=2400
strict-transport-security: max-age=604800
content-type: text/javascript; charset=utf-8
expires: Mon, 30 Mar 2020 07:55:06 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F5 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e576f25f810ffe36e011b2bcaac420631d9e51515cc6c610adf360af39aa72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585308637081045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28226
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:06 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585308637081045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27959
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:06 GMT

GET
DATA 200
OK truncated
/ Frame 34F5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5039eaeaed61ef3b7d6939333b5926bf212040ac8f235e3ea94f9ada20f3bfc8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fcmdynet.js Show response
contextual.media.net/ Frame DF2F 41 KB
15 KB 258ms
257ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&size=300x250&cc=GB&chnm=mysites.safelink.comFeaturephoneBottomBannerSearch&https=1&vif=1&requrl=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&vi=1585552506226577012&lw=1&ugd=4&nb=1

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c310a0817baddceba96cb65473deeafdb9a9d7f483241fee6fd8ee4ae2579725

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-3
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=300
date: Mon, 30 Mar 2020 07:15:06 GMT
x-mnt-w: 8-12
content-length: 15194
expires: Mon, 30 Mar 2020 07:20:06 GMT

GET
H2 200 google-analytics-scroll-tracker.min.js Show response
cdn.airfind.com/staging/genericportal/public/js/ 2 KB
1 KB 280ms
280ms Script
text/javascript 23.111.11.113
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/staging/genericportal/public/js/google-analytics-scroll-tracker.min.js?cb=c9a1aec
Requested by: Host: cdn.airfind.com
URL: https://cdn.airfind.com/staging/genericportal/public/js/fp1home.min.js?cb=c9a1aec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.113 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 887b4b7ed1abfb122d3769955396215b0cfb9d726ebb022803515fc5c0d3fe47

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 10:47:01 GMT
server: NetDNA-cache/2.2
etag: W/"878-59e36758ab340"
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
status: 200
cache-control: max-age=1200
expires: Mon, 30 Mar 2020 07:35:06 GMT

GET
H2 200 nrrV44171.js Show response
contextual.media.net/ Frame DF2F 85 KB
27 KB 38ms
37ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nrrV44171.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&size=300x250&cc=GB&chnm=mysites.safelink.comFeaturephoneBottomBannerSearch&https=1&vif=1&requrl=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&vi=1585552506226577012&lw=1&ugd=4&nb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e366531d1646da9790c96bfec728b47bb34c3f1d38cb579b272152644e5ae71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:06 GMT
vary: Accept-Encoding
x-mnet-h: 8-14
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1209600
content-length: 27596
expires: Mon, 13 Apr 2020 07:15:06 GMT

GET mediamain.html
contextual.media.net/ Frame CB57 0
0

GET
H2 200 hmmaster.js Show response
contextual.media.net/ Frame DF2F 43 KB
13 KB 41ms
39ms Script
text/html 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/hmmaster.js?cid=8CU38B48Y&p=cm&v=3.1.3&https=1&hm=1&sm=1&alt=1&adt=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f65f18e3738f775f0f576095fe9930638ad532696b03c1666e339f7562954506

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:06 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=1800
content-length: 12645
expires: Mon, 30 Mar 2020 07:45:06 GMT

GET
H2 200 v1
api.staging.airfind.com/stats/pageviews/ 48 B
402 B 1216ms
697ms Image
image/gif 198.199.92.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.staging.airfind.com/stats/pageviews/v1?clientId=40284&brand=SL&path=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.199.92.49 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Mar 2020 07:15:07 GMT
server: nginx/1.10.3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/gif
status: 200
cache-control: private, no-cache, proxy-revalidate, max-age=0
content-disposition: inline
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 35

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
18ms XHR
application/json 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032402&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d2680cf3179b962ac43930ee17ab1e88591b84f1fca103d0931fc09e01330b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
Origin: https://mysite.safelink.staging.airfind.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Mar 2020 07:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5198
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:07 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 125D 0
0 13ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mysite.safelink.staging.airfind.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mysite.safelink.staging.airfind.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 30 Mar 2020 06:55:45 GMT
expires: Tue, 30 Mar 2021 06:55:45 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1162
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 95ms
95ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1159179153617719&correlator=1379545383369663&output=ldjh&impl=fif&adsid=NT&eid=21065779%2C21064500&vrg=2020032402&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200330&iu_parts=118791925%2CTracfone_Home_News_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x50&fluid=height&rcs=1&prev_scp=client%3D40284%26segment%3DSL%26variant%3D126%26browserTabStatus%3Dforeground&eri=1&cookie=ID%3D843a439f459ec2c4%3AT%3D1585552506%3AS%3DALNI_MbpyMAOVx_FQH4KA6BT1LjPj7RL9g&cookie_enabled=1&bc=31&abxe=1&lmt=1585552507&dt=1585552507248&dlt=1585552505581&idt=605&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=208&adks=2123961035&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&dssz=33&icsg=2622120&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200&msz=1600x250&ga_vid=369043163.1585552506&ga_sid=1585552506&ga_hid=833909058&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7791852d165619bd14b675133e424bf860f6ed076aaaa48782942d01bc6a9292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
Origin: https://mysite.safelink.staging.airfind.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Mar 2020 07:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2133
x-xss-protection: 0
google-lineitem-id: 5191880593
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289998819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mysite.safelink.staging.airfind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
65 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032402&jk=1159179153617719&bg=!paalpr5YaYXqcCzdYXMCAAAASFIAAAALmQFvHhJaX37mx7TaKDRUpVch4b_FUMNdiDlIiQ978EwwosasXS5uXltIJY80TQw8Jy0eCoSG6fJRqvxyp9RFTO9pT6-pyIKrOZWBdyw2iyg8yp_4GZdA2P3fJNKD1JYeamlrDtV4xQXF-B7Txbty9btHTbmy7hU05SeIaOatNBjZbhRenA5cKDLVJxDUwZ_WpZeP6Ot82kMnLxsJxssW7nPWhV5zTF5KwonszWPtzbRItki7lTfKuHVpNakDDV4-jNlPDuvT-vbpqurbvkKB2nXXIvmo2oLPjfWlWxqOCs2Ko7S3Aij2Q99qeBK_ABIfibO9FftSKfFrbiOux-s8B4DnsqiXdPSw8mQswkzBAvvwlsv4eWEdzoHMPvr1iUZzlZ32NJI1I_ocbs8kPDAqR0GoiTEJF-7z1TDoeAOjLBR8-KBFg2IAxPk2MVMQp0mL_G4Qxp1CgOUmKkxeTBrp-ys3FdWRWVkbROfGLr6tOG47Kw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 30 Mar 2020 07:15:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2566 0
0 66ms
64ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg57WQ6MUQlvXcIB4eiFnI770sQq5iV9UEygi6k2DVra5bX86i2KiEuMyqUxivGuo0KysyYJVTznT3gjohSY2LYCHIxaEE8mwNQLZKk8IAndE47abxpJ8qWGfGNByy-JzD54AIgCBSrG1t8jw4RKzSOd9WwPKYrAdR4SMDahcZzgxcgM8FiNTYYUMApZTUIQkeYIBbyJhfrxyaEDcO4e_ns9Kevty-_No00T2z6C-2ZnQWJUfM4IgZr076rCzIKXZBa7XkZ9WJHJLxxzgzkgGCMb2qR7gAWAaJGbcKGjBDiVhw41eXDw&sig=Cg0ArKJSzDhS4EMwQi8TEAE&urlfix=1&adurl=

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Mon, 30 Mar 2020 07:15:07 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dmedianet.js Show response
contextual.media.net/ Frame 2566 394 KB
128 KB 74ms
72ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU38B48Y

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

861c9ce14ff3b8cb15a90abc5e4e01dc0ee097ee3b956c7d3c8c0ac52d827637

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-mnt-h: 8-18
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:07 GMT
x-mnt-w: 8-10
vary: Accept-Encoding
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=2400
strict-transport-security: max-age=604800
content-type: text/javascript; charset=utf-8
expires: Mon, 30 Mar 2020 07:55:07 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2566 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e576f25f810ffe36e011b2bcaac420631d9e51515cc6c610adf360af39aa72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 07:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585308637081045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28226
x-xss-protection: 0
expires: Mon, 30 Mar 2020 07:15:07 GMT

GET
DATA 200
OK truncated
/ Frame 2566 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53b7ee1333c1e2269c7673367390073c6dad27fb829ebcbdf0d31cc7af0e6f82

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fcmdynet.js Show response
contextual.media.net/ Frame 4247 41 KB
15 KB 43ms
42ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f5a7fae6fbba26ef54b93f8959c2400f005663236a9187ea4409695fb566ed6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-3
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=300
date: Mon, 30 Mar 2020 07:15:07 GMT
x-mnt-w: 8-12
content-length: 15199
expires: Mon, 30 Mar 2020 07:20:07 GMT

GET
H2 200 nrrV44171.js Show response
contextual.media.net/ Frame 4247 85 KB
27 KB 42ms
42ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nrrV44171.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e366531d1646da9790c96bfec728b47bb34c3f1d38cb579b272152644e5ae71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:07 GMT
vary: Accept-Encoding
x-mnet-h: 8-14
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1209600
content-length: 27596
expires: Mon, 13 Apr 2020 07:15:07 GMT

GET
H2 200 mediamain.html Show response
contextual.media.net/ Frame F105 68 KB
22 KB 49ms
48ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/mediamain.html?&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&pid=8PO39M0FG&size=300x250&cpnet=yVb1sHm-0KKoFeunLBVJxQKRKb181XczuQKEYN8V5yc%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTz9MqTw_4CtxAxutsa5thm_jifb2WsfkZfJ4cLMbCZudrTryNjjlPiSTBqkcmWUseMp3awexrSo0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7CjjOxSydaJ7kGPNLYpkAG7ahKdSk1XYgTDZ1QYswcjv0on_6xgEHN7EIRTvZT0NlQL2Ff40SYaDiNlZQqKfpI8g%3D%3D%7CN7fu2vKt8_s%3D%7CYdjFvixrVaESUUqaGXJqc_wuF_xIINYtd6wYrz4pvAl83usFO5vF22WbVR9xB93vCFn8vA_c-8215VfA-SH1yd28MqmQBmnR%7CsRBSg3CPSiQ%3D%7C&https=1&cc=GB&bf=0&staticIframe=1&vif=1&vi=1585552507385355525&lw=1&ugd=4&ib=0&bid=270774&nb=1

Requested by

Host: mysite.safelink.staging.airfind.com
URL: https://mysite.safelink.staging.airfind.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e1e4d00211dc52e3560ac59ce2ca50a63a3eecbb57fa26c5a13293943bbf3596

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
x-mnt-hl3: 8-21
cache-control: max-age=300
x-mnt-w: 8-31
content-length: 21979
expires: Mon, 30 Mar 2020 07:20:07 GMT

GET
H2 200 hmmaster.js Show response
contextual.media.net/ Frame 4247 43 KB
13 KB 43ms
43ms Script
text/html 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/hmmaster.js?cid=8CU38B48Y&p=cm&v=3.1.3&https=1&hm=1&sm=1&alt=1&adt=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f65f18e3738f775f0f576095fe9930638ad532696b03c1666e339f7562954506

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:07 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=1800
content-length: 12645
expires: Mon, 30 Mar 2020 07:45:07 GMT

GET
H2 200 nrrV44171.js Show response
contextual.media.net/ Frame 525A 85 KB
27 KB 281ms
281ms Script
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nrrV44171.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a95-101-184-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e366531d1646da9790c96bfec728b47bb34c3f1d38cb579b272152644e5ae71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 30 Mar 2020 07:15:07 GMT
vary: Accept-Encoding
x-mnet-h: 8-14
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1209600
content-length: 27596
expires: Mon, 13 Apr 2020 07:15:07 GMT

GET
DATA 200
OK truncated
/ Frame 525A 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 525A 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e9a9ba24042f2effe58a5d585f70a7bc4b917e60ddcb9a780ad03817a78381f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 525A 999 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2d6da97c49f62460890eb1f23f5d22db3355f62776241956a8cf20191068f88

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bqi.php
lg3.media.net/ Frame 2566 15 B
15 B 32ms
31ms Image
text/javascript 95.101.184.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/bqi.php?lf=3&&gdpr=1&prid=7PRFT79UO&vi=1585552507385355525&cid=8CU38B48Y&crid=522808538&ugd=4&cc=GB&sc=EN&requrl=https%3A%2F%2Fmysite.safelink.staging.airfind.com%23mnetcrid%3D522808538%23&pid=8PO39M0FG&hvsid=00001585552507535013650355205813&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTz9MqTw_4CtxAxutsa5thm_jifb2WsfkZfJ4cLMbCZudrTryNjjlPiSTBqkcmWUseMp3awexrSo0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7CjjOxSydaJ7kGPNLYpkAG7ahKdSk1XYgTDZ1QYswcjv0on_6xgEHN7EIRTvZT0NlQL2Ff40SYaDiNlZQqKfpI8g%3D%3D%7CN7fu2vKt8_s%3D%7CYdjFvixrVaESUUqaGXJqc_wuF_xIINYtd6wYrz4pvAl83usFO5vF22WbVR9xB93vCFn8vA_c-8215VfA-SH1yd28MqmQBmnR%7CsRBSg3CPSiQ%3D%7C&abpl=2&l2wsip=2886781043&l2ch=1&dytm=1585552507602&rtbsd=6&vgd_isiolc=1&vgd_uspa=0&vgd_hbReqId=T1585496142C8S19U984&l3d=%7B%7D&infr=1&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D2&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D2%7C%40%7Cfsap%3D0&vgd_sc=EN&verid=3121199&upk=1585552508.7518&sttm=1585552507535&l1ch=1&startTime=1585552507530
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.184.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 30 Mar 2020 07:15:08 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Mon, 30 Mar 2020 07:15:08 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2566 42 B
117 B 26ms
26ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNBa8W89uIT-J_Txit9jOwdvabJUFOoELnWEqNIy2uFo8bQ6-mkDTOVbxp87AKHLmv051_6iNJdA0fufOj32yPxK9G9HkbOGTbY5cgAMM&sig=Cg0ArKJSzMqUM6WZOpfAEAE&adk=2123961035&tt=-1&bs=1600%2C1200&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&p=208,650,458,950&mcvt=1022&rs=0&ht=0&tfs=126&tls=1148&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1585552507385&dlt&rpt=69&isd=0&msd=0&ext&xdi=0&ps=1600%2C1200&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-8-11-11-0-0-0&tvt=1142&is=300%2C250&iframe_loc=https%3A%2F%2Fmysite.safelink.staging.airfind.com%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysite.safelink.staging.airfind.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 30 Mar 2020 07:15:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: contextual.media.net
URL: https://contextual.media.net/mediamain.html?&cid=8CU38B48Y&cpcd=C9PzVk8aMXSvBhC79bYySw%3D%3D&crid=522808538&pid=8PO39M0FG&size=300x250&cpnet=yVb1sHm-0KKoFeunLBVJxQKRKb181XczuQKEYN8V5yc%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTz9MqTw_4CtxAxutsa5thm_jifb2WsfkZfJ4cLMbCZudrTryNjjlPiSTBqkcmWUseMp3awexrSo0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7CjjOxSydaJ7kGPNLYpkAG7ahKdSk1XYgTDZ1QYswcjv0on_6xgEHN7EIRTvZT0NlQL2Ff40SYaDiNlZQqKfpI8g%3D%3D%7CN7fu2vKt8_s%3D%7CYdjFvixrVaESUUqaGXJqc_wuF_xIINYtd6wYrz4pvAl83usFO5vF22WbVR9xB93vCFn8vA_c-8215VfA-SH1yd28MqmQBmnR%7CsRBSg3CPSiQ%3D%7C&https=1&cc=GB&bf=0&staticIframe=1&vif=1&vi=1585552506226577012&lw=1&ugd=4&ib=0&bid=270774&nb=1

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mysite.safelink.staging.airfind.com/	1970-01-19 17:11:28	Name: mdn Value:
mysite.safelink.staging.airfind.com/	1970-01-19 17:11:28	Name: Feature Phone v1-testVersion Value: 1
.airfind.com/	1970-01-19 16:58:30	Name: _hjid Value: b6585417-0de5-499e-ba20-a91736dca7cb
mysite.safelink.staging.airfind.com/	1970-01-19 08:25:54	Name: session_depth Value: mysite.safelink.staging.airfind.com%3D1%7C522808538%3D1
mysite.safelink.staging.airfind.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AzGZ5nGx7wTbfrkrYSG_VgHCPfjqoTUyr.RpRIqNdmzwFNVuZNjCFk1ujc8TZwGcwuFR4AQhAQHX4
.airfind.com/	1970-01-20 01:57:04	Name: __gads Value: ID=843a439f459ec2c4:T=1585552506:S=ALNI_MbpyMAOVx_FQH4KA6BT1LjPj7RL9g
.airfind.com/	1970-01-20 01:57:04	Name: _ga Value: GA1.2.369043163.1585552506
mysite.safelink.staging.airfind.com/	1970-01-19 17:11:28	Name: balanceData Value:
mysite.safelink.staging.airfind.com/	1970-01-21 04:13:52	Name: visitorId Value: b161ebe3-6a52-4d72-a4a2-958a8d465773
mysite.safelink.staging.airfind.com/	1970-01-19 17:11:28	Name: Feature Phone v1-testDate Value: 2020-02-01T19%3A27%3A00Z
.airfind.com/	1970-01-19 08:27:18	Name: _gid Value: GA1.2.88106436.1585552506
mysite.safelink.staging.airfind.com/	1970-01-19 17:11:28	Name: Feature Phone v1-variantNo Value: 126

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.staging.airfind.com
cdn.airfind.com
contextual.media.net
fonts.gstatic.com
lg3.media.net
mysite.safelink.staging.airfind.com
pagead2.googlesyndication.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
tpc.googlesyndication.com
vars.hotjar.com
www.google-analytics.com
www.googletagservices.com
contextual.media.net
147.75.32.99
172.217.18.98
198.199.92.49
23.111.11.113
2a00:1450:4001:800::2002
2a00:1450:4001:808::2001
2a00:1450:4001:814::2003
2a00:1450:4001:817::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::200e
95.101.184.26
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0753db5b416666ab41de87c4732efa68b3f1c7f05679343b5542bc60b1a9f676
0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16
1ae13b5ad45349a0671caf735640f0b7321d68769c1051ab3190c5b35e23735a
1e9a9ba24042f2effe58a5d585f70a7bc4b917e60ddcb9a780ad03817a78381f
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2e576f25f810ffe36e011b2bcaac420631d9e51515cc6c610adf360af39aa72f
2f1fd1da005a99507ce44a6f651372bbfdb631d344ec42b49890fefc3ef6e9ce
34a83b04bfbec233945ef6263536d68fc268556ac1b5bd61fbadeb77845dcb19
3ca413ecbd0f2a491f1425d95dd4f636b249052dc8c42322ce475ae328815dd6
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
5039eaeaed61ef3b7d6939333b5926bf212040ac8f235e3ea94f9ada20f3bfc8
53b7ee1333c1e2269c7673367390073c6dad27fb829ebcbdf0d31cc7af0e6f82
6d2680cf3179b962ac43930ee17ab1e88591b84f1fca103d0931fc09e01330b1
7791852d165619bd14b675133e424bf860f6ed076aaaa48782942d01bc6a9292
796d152c6adbc394520bc81689225a2323622060a82c15b214a6363f0495e719
7cda5ecc7f131c0951400f9ea3aa3100cdcc8ec06cb41b97d79ae273ab898ecc
861c9ce14ff3b8cb15a90abc5e4e01dc0ee097ee3b956c7d3c8c0ac52d827637
887b4b7ed1abfb122d3769955396215b0cfb9d726ebb022803515fc5c0d3fe47
91e37b74c2e405969030cdcb452d71b80acc29a048c1acddf5bbed6fdeca6c82
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a848ab6178a60b4aa9ba5e8892630f29472441be241b749363139160f5600a7
9c43e5a58f06c9a55cf35ec48ade82d5a27f740b2310e2901663806ad7ff284b
a16417ac3b2b7344334ddcd7ab738e98b083671b5b4f33985dad681b5cde4b72
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4e513f096e2aa98c4c8ea0adef7c5855fcd2b77ef5fea307667a966a938cac5
ad5baf41b373aeb53d4524529a2a29287331f72ba86730a331c85c655c6b3d89
afb985da7ca4f4bc4b9799f2beb8225b1714e6ba3126c74685e88dff1ef0437d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
be0f8439f9a838e22020d5c17ef60c7ed88fbb058f26709215553a1e8364060f
c2b27d8ff9aaea2f76265988c7663472dec9e7483f07ef0ffab11dee104ef2f8
c310a0817baddceba96cb65473deeafdb9a9d7f483241fee6fd8ee4ae2579725
d358e37a60b55c4362e2aeeeab1897fa6b359d77379482a1b681c3469dced861
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e1e4d00211dc52e3560ac59ce2ca50a63a3eecbb57fa26c5a13293943bbf3596
e366531d1646da9790c96bfec728b47bb34c3f1d38cb579b272152644e5ae71b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec5b87f6263dcf0a25b7ef96abcda061918f067ae802b41a920f9ef2bd1a5c07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d6da97c49f62460890eb1f23f5d22db3355f62776241956a8cf20191068f88
f5a7fae6fbba26ef54b93f8959c2400f005663236a9187ea4409695fb566ed6c
f65f18e3738f775f0f576095fe9930638ad532696b03c1666e339f7562954506
fa40f8b1863b75fb0244fe697686f32f0f05bfe5bea0ba042c66529bc8e927dc
fe40d0caf210d666c6811f843f70f4e23a4a886c5ba510411ae6db089c919cc4
feb14be8312e2c7acd21e27f60522ef04853fbad024ada722c7f1d13827346b1

mysite.safelink.staging.airfind.com Open in urlscan Pro 198.199.92.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

55 %IPv6

10 Domains

16 Subdomains

12 IPs

4 Countries

898 kBTransfer

2627 kBSize

12 Cookies

6 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mysite.safelink.staging.airfind.com Open in urlscan Pro
198.199.92.49 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

55 %
IPv6

10
Domains

16
Subdomains

12
IPs

4
Countries

898 kB
Transfer

2627 kB
Size

12
Cookies

54 HTTP transactions
7 data transactions