office365-securetransfer.serveuser.com Open in urlscan Pro
165.232.141.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://office365-securetransfer.serveuser.com/
Submission: On June 02 via api (June 2nd 2023, 9:22:44 am UTC) from US — Scanned from US

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 16 domains to perform 62 HTTP transactions. The main IP is 165.232.141.33, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is office365-securetransfer.serveuser.com.

This is the only time office365-securetransfer.serveuser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	165.232.141.33 165.232.141.33	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
4	2607:f8b0:402... 2607:f8b0:4020:804::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.194.116.96 34.194.116.96	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:21d... 2600:9000:21dd:4600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.54.69.74 23.54.69.74	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:202... 2600:9000:202c:ca00:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
6	54.86.8.109 54.86.8.109	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
2	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	54.210.26.4 54.210.26.4	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.125.43 108.138.125.43	16509 (AMAZON-02) (AMAZON-02)
1	34.227.181.128 34.227.181.128	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	52.4.12.52 52.4.12.52	14618 (AMAZON-AES) (AMAZON-AES)
1	75.101.228.218 75.101.228.218	14618 (AMAZON-AES) (AMAZON-AES)
62	22

15 165.232.141.33 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: medicarecoverage.io

office365-securetransfer.serveuser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:804::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.116.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-116-96.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:4600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.69.74 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-69-74.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:202c:ca00:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.86.8.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-8-109.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.26.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-26-4.compute-1.amazonaws.com

display.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.125.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-125-43.jfk50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.227.181.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-181-128.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.4.12.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-12-52.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.228.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-228-218.compute-1.amazonaws.com

info.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	serveuser.com office365-securetransfer.serveuser.com	523 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24495 cdn.trustedform.com — Cisco Umbrella Rank: 29417	42 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 14721 info.leadid.com — Cisco Umbrella Rank: 56385	4 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 379 fonts.googleapis.com — Cisco Umbrella Rank: 66	185 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	88 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	377 B
3	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 218906 display.ringba.com — Cisco Umbrella Rank: 167487	15 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	134 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3029 tr.outbrain.com — Cisco Umbrella Rank: 2794	8 KB
3	gstatic.com fonts.gstatic.com	23 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	239 B
2	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 26077	79 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	141 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15922	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	2 KB
62	16

	Domain	Requested by
15	office365-securetransfer.serveuser.com	office365-securetransfer.serveuser.com cdn.trustedform.com
6	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	maps.googleapis.com	office365-securetransfer.serveuser.com maps.googleapis.com
4	cdn.jsdelivr.net	office365-securetransfer.serveuser.com
3	www.google-analytics.com	www.googletagmanager.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	office365-securetransfer.serveuser.com
2	display.ringba.com	b-js.ringba.com
2	tr.outbrain.com	amplify.outbrain.com office365-securetransfer.serveuser.com
2	create.lidstatic.com	office365-securetransfer.serveuser.com
2	cdn.trustedform.com	office365-securetransfer.serveuser.com api.trustedform.com
2	www.googletagmanager.com	office365-securetransfer.serveuser.com www.googletagmanager.com
1	info.leadid.com	create.lidstatic.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	b-js.ringba.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	fonts.googleapis.com	office365-securetransfer.serveuser.com
1	cdnjs.cloudflare.com	office365-securetransfer.serveuser.com
62	21

This site contains no links.

Subject Issuer	Validity	Valid
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-11` - `2023-06-09`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
info.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh

This page contains 3 frames:

Primary Page: http://office365-securetransfer.serveuser.com/
Frame ID: EBBA1DAF6ACDCFA4B9A0A370BE073AC2
Requests: 60 HTTP requests in this frame

Frame: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&lac=57A8BA09-86C6-6A42-5157-455C09952706
Frame ID: AFD286A4D91DC8B190F2FB62A3382A76
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&lac=57A8BA09-86C6-6A42-5157-455C09952706
Frame ID: A79A5F72746E109F39C4299C82846671
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedicareCoverage

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

61 %
HTTPS

55 %
IPv6

16
Domains

21
Subdomains

22
IPs

2
Countries

1259 kB
Transfer

2922 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
office365-securetransfer.serveuser.com/ 32 KB
8 KB 228ms
77ms Document
text/html 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 478403d575a3bdf10711cfc4295becbad90e08057d6e50833e53c68b1da123ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Jun 2023 09:22:36 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
26 KB 94ms
28ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 09:22:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1194144
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
x-served-by: cache-fra-eddf8230037-FRA, cache-chi-klot8100102-CHI
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK style.css
office365-securetransfer.serveuser.com/css/ 32 KB
32 KB 77ms
77ms Stylesheet
text/css 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/css/style.css
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 979ce5f113fa4631ed79702b14003c2845ae8950a24286de635352a96503ddaa

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Wed, 09 Feb 2022 19:01:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62040f9e-7f62"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32610

GET
H/1.1 200
OK logo.svg
office365-securetransfer.serveuser.com/images/ 10 KB
10 KB 77ms
76ms Image
image/svg+xml 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office365-securetransfer.serveuser.com/images/logo.svg
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f874e372f91c4718049929a8beba0c63510554461c729013dd9780efd3617cc4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Tue, 08 Feb 2022 17:15:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6202a542-2729"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10025

GET
H/1.1 200
OK icon-close.svg
office365-securetransfer.serveuser.com/images/ 1 KB
1 KB 234ms
76ms Image
image/svg+xml 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office365-securetransfer.serveuser.com/images/icon-close.svg
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d6ca227bf207256e4bbdd3e5e8e04dc9ffecbbad70f3b84aa01cad2224444768

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014125-4b0"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1200

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 87 KB
32 KB 29ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 09:22:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6812572
x-jsd-version: 3.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32699
x-served-by: cache-fra-eddf8230128-FRA, cache-chi-klot8100102-CHI
x-jsd-version-type: version
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 29ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 09:22:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6812571
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24376
x-served-by: cache-fra-eddf8230075-FRA, cache-chi-klot8100145-CHI
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK jquery.countdown.js Show response
office365-securetransfer.serveuser.com/js/ 10 KB
10 KB 77ms
76ms Script
application/javascript 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/js/jquery.countdown.js
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6967ee0b8c7461cedca596d41a946e61a474842617a64448b66a6552ec2bd58a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Wed, 15 Jun 2022 22:06:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62aa57c8-271b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10011

GET
H3 200 jquery-dropdown-datepicker.min.js Show response
cdn.jsdelivr.net/npm/jquery-dropdown-datepicker@1.3.0/dist/ 25 KB
5 KB 32ms
31ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-dropdown-datepicker@1.3.0/dist/jquery-dropdown-datepicker.min.js

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

356661bf7470a5e8400bedf6acdd68282882c48a1d87136f8f758bfe20ed1ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 09:22:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4232516
x-jsd-version: 1.3.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5058
x-served-by: cache-fra-eddf8230098-FRA, cache-chi-klot8100145-CHI
x-jsd-version-type: version
etag: W/"62cc-Q9J213c7ROaCsOCBfmwylserktw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 220 KB
70 KB 229ms
111ms Script
text/javascript 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyB0kuNi9HL0KIUaRg7lf0RHWsyxP7l8yXw&libraries=places

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e48174c26f3c2cae1aaac70c985a9eaf51ab01448c70efa68f2d0188b542d95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71708
x-xss-protection: 0

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 5 KB
2 KB 290ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 224962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1507
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-15b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaI%2Bno2qp2ktefFIeQZIwq6p3rkkPAkG6iRNGNV%2BE1fXRci0b%2FCYebSfAcysAIwuBBQRJXiivK1AKWzU62NC%2F%2BRQEtmqX8yrSN5MhiW%2FzED88KIbswZJp%2Bdkc1QaBXS0xMUgt2XLUDZqn1hrzs0kd4l3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d0ea2045d201130-ORD
expires: Wed, 22 May 2024 09:22:36 GMT

GET
H/1.1 200
OK main.js Show response
office365-securetransfer.serveuser.com/js/ 13 KB
13 KB 76ms
76ms Script
application/javascript 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/js/main.js?v=2.5
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b1c9563195db9f175816517666b22e7f93b9c7c3128f5af2300a53ae5e786b72

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Wed, 15 Jun 2022 22:06:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62aa57c8-3357"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13143

GET
H2 200 css2
fonts.googleapis.com/ 75 KB
3 KB 171ms
68ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04e755021129f8a4ca167f1b83593a7cfda1506fde65d57fcc205f08f283a5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Jun 2023 09:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 09:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jun 2023 09:22:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
62 KB 207ms
91ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVMQBCS

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebd8ed0fa7a20c9b783ab8776505545bfdbd45195efcfbc3cbc3d1f8da71aff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63319
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jun 2023 09:22:37 GMT

GET
H/1.1 200
OK block-bg-1.svg
office365-securetransfer.serveuser.com/images/ 265 KB
266 KB 285ms
76ms Image
image/svg+xml 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office365-securetransfer.serveuser.com/images/block-bg-1.svg
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: deb73c89323020e2fbee1b8b12772f8851b866600b357549029664dda62295e9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014124-425ae"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 271790

GET
H/1.1 200
OK TTFirsNeue-Regular.woff2
office365-securetransfer.serveuser.com/fonts/tt-firt-neue/ 30 KB
30 KB 130ms
79ms Font
application/octet-stream 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/fonts/tt-firt-neue/TTFirsNeue-Regular.woff2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8f9353a7ba7d1bfebc599e93f2d53ad94124877adff86c7bc8cdbad2c43c6576

Request headers

Referer: http://office365-securetransfer.serveuser.com/css/style.css
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014123-782c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30764

GET
H/1.1 200
OK TTFirsNeue-Bold.woff2
office365-securetransfer.serveuser.com/fonts/tt-firt-neue/ 30 KB
30 KB 130ms
79ms Font
application/octet-stream 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/fonts/tt-firt-neue/TTFirsNeue-Bold.woff2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9cac14b2ccbf842f8a6d50066744663a1e9cd5dc9d75c2e7c2f6e7411969626b

Request headers

Referer: http://office365-securetransfer.serveuser.com/css/style.css
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014120-78a4"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30884

GET
H/1.1 200
OK TTFirsNeue-Medium.woff2
office365-securetransfer.serveuser.com/fonts/tt-firt-neue/ 30 KB
31 KB 160ms
84ms Font
application/octet-stream 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/fonts/tt-firt-neue/TTFirsNeue-Medium.woff2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 811a0521f7eab473754e0885dcfca5dfc6885209ad56464aeade94c9b6b857f4

Request headers

Referer: http://office365-securetransfer.serveuser.com/css/style.css
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:18 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014122-798c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31116

GET
H2 200 pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 7 KB
8 KB 164ms
50ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:10:23 GMT
x-content-type-options: nosniff
age: 90734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7632
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:09:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 May 2024 08:10:23 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 175ms
61ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:08:20 GMT
x-content-type-options: nosniff
age: 490457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 17:08:20 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 168ms
54ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:29:34 GMT
x-content-type-options: nosniff
age: 96783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 May 2024 06:29:34 GMT

GET
H/1.1 200
OK Gilroy-Medium.woff2
office365-securetransfer.serveuser.com/fonts/Gilroy/ 27 KB
27 KB 159ms
85ms Font
application/octet-stream 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/fonts/Gilroy/Gilroy-Medium.woff2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ee68ee26d5447d3db65e70f508cfb5940f00b0bc2a5072283f3b13d583ade782

Request headers

Referer: http://office365-securetransfer.serveuser.com/css/style.css
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:15 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6201411f-6b98"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27544

GET
H/1.1 200
OK Gilroy-Regular.woff2
office365-securetransfer.serveuser.com/fonts/Gilroy/ 26 KB
26 KB 160ms
84ms Font
application/octet-stream 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/fonts/Gilroy/Gilroy-Regular.woff2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8e78c2c8c012095c0c6c4cc93ac1162823f6e22f6cdc57cfd19f2c4df9783607

Request headers

Referer: http://office365-securetransfer.serveuser.com/css/style.css
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6201411c-6620"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26144

GET
H/1.1 200
OK Gilroy-Bold.woff2
office365-securetransfer.serveuser.com/fonts/Gilroy/ 27 KB
27 KB 160ms
84ms Font
application/octet-stream 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://office365-securetransfer.serveuser.com/fonts/Gilroy/Gilroy-Bold.woff2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/css/style.css
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8da03ac3ff1a88867d739227247c8accd8d9fa46b22c937f25fbc2e3e1e812f4

Request headers

Referer: http://office365-securetransfer.serveuser.com/css/style.css
Origin: http://office365-securetransfer.serveuser.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:36 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6201411c-6ab0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27312

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false

7 KB
3 KB

250ms
93ms

Script
application/javascript

2600:9000:21dd:4600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: H2
Server: 2600:9000:21dd:4600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:38 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
content-encoding: gzip
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
via: 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"88ddf717f635b54023edd7480431e1d1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: Iwc9giG84T9b2_NGsp2KrZPs1VFHBawc1_7iv3YD2AYuYoeMUXtcBQ==

Redirect headers

Location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false
Date: Fri, 02 Jun 2023 09:22:37 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H/1.1 200
OK c087065b-a725-013d-3dad-abde1f9c0b15.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 343ms
301ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd99b67a9972ff5eaa2f0b38046cae6a67bc525a9a23d2162c5086d6b0a02c0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
x-amz-version-id: oZMXeWqiqGXql8Mo6cM8e.efuNSOmVXq
Content-Encoding: gzip
CF-Cache-Status: MISS
x-amz-request-id: 65DVEP0EMHMYPXG1
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-id-2: SEjhQl3sWkv67i98/T+jDMKVOj3CMOcIbDIcEmqd7Txy+pHAB0OtmNCincnK5RoB+z3W0UKPdDfCxijVjgmPNYD7PeNv8ghy/Dtak1YHqG4=
Last-Modified: Mon, 07 Feb 2022 19:27:28 GMT
Server: cloudflare
ETag: W/"b4b7608191a0c5813dda0494c552bb8b"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
CF-RAY: 7d0ea20518916299-ORD

GET
H/1.1 200
OK c087065b-a725-013d-3dad-abde1f9c0b15.js Show response
create.lidstatic.com/campaign/ 122 KB
39 KB 418ms
377ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd99b67a9972ff5eaa2f0b38046cae6a67bc525a9a23d2162c5086d6b0a02c0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
x-amz-version-id: oZMXeWqiqGXql8Mo6cM8e.efuNSOmVXq
Content-Encoding: gzip
CF-Cache-Status: MISS
x-amz-request-id: 65DTGK4S3YFS5V5J
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-id-2: QYxbq+TBrx6PplWyayoAUIP9SAgv7b7J7bo4NvyRVz/o/hgURf3zLN4F3pEYhd9d38n198u/jcE=
Last-Modified: Mon, 07 Feb 2022 19:27:28 GMT
Server: cloudflare
ETag: W/"b4b7608191a0c5813dda0494c552bb8b"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
CF-RAY: 7d0ea2051d582970-ORD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 92ms
89ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVJ1N6E2P4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMQBCS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

635352ada6c669ed79dfd81f81d33d008e2c39645fc9b99af6e2ecd737968622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Jun 2023 09:22:37 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 174ms
49ms Script
application/x-javascript 23.54.69.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMQBCS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-69-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:22 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181931.360368"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Fri, 02 Jun 2023 09:42:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 163ms
52ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMQBCS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Jun 2023 09:22:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27497
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oXXOuYkoBCfctxNsUVXHxiyszBNNn7ieFrxMo5/eVfGKq4RPzy03Z6A6IjDA2Mux44nKD85RKZNnwBqZuS/DNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK CAf90ab5edb3f143149b59cf13c6f130ce Show response
b-js.ringba.com/ 14 KB
14 KB 205ms
94ms Script
text/html 2600:9000:202c:ca00:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b-js.ringba.com/CAf90ab5edb3f143149b59cf13c6f130ce
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMQBCS
Protocol: HTTP/1.1
Server: 2600:9000:202c:ca00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74614b17092d316073e286beb14d69db4b5756ccb9091ebb787fde252ab70160

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
Via: 1.1 c9b8615e0529e4075f3b458a6fe96d44.cloudfront.net (CloudFront)
X-AspNet-Version: 4.0.30319
X-Amz-Cf-Pop: EWR52-C2
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 13856
X-Runtime: 21.0000
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 300
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
X-Amz-Cf-Id: en_f6E_ArDdMO_TbFYhInD9WHHiuqRKy8lM6rAFibWevDxENDc5PlQ==
Expires: Fri, 02 Jun 2023 09:27:37 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 184ms
86ms XHR
application/json 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB0kuNi9HL0KIUaRg7lf0RHWsyxP7l8yXw&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://office365-securetransfer.serveuser.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.11/ 36 B
661 B 256ms
116ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/GenerateToken?msn=1&pid=6d212a59-64da-40a9-a465-a7228059784b&_=760609012

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d1cba457973f278839541a66a84fa5f3777888ff48718876338019af0b30c5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
269 B 186ms
69ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FVJ1N6E2P4&gtm=45je35v0&_p=42967160&cid=603984933.1685697757&ul=en-us&sr=1600x1200&_s=1&sid=1685697757&sct=1&seg=0&dl=http%3A%2F%2Foffice365-securetransfer.serveuser.com%2F&dt=MedicareCoverage&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVJ1N6E2P4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 09:22:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://office365-securetransfer.serveuser.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 117ms
71ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FVJ1N6E2P4&gtm=45je35v0&_p=42967160&cid=603984933.1685697757&ul=en-us&sr=1600x1200&_eu=AAAC&sid=1685697757&sct=1&seg=1&dl=http%3A%2F%2Foffice365-securetransfer.serveuser.com%2F&dt=MedicareCoverage&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVJ1N6E2P4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 09:22:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://office365-securetransfer.serveuser.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 128ms
81ms Script
application/javascript 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://tr.outbrain.com/cachedClickId?marketerId=00c02bddd8c7f73733a38779f6b7c4f71b
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
X-TraceId: ae30887275230c08c75853a627a10c85
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 91ms
46ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tr.outbrain.com/unifiedPixel?optOut=false&bust=06797983511788597&referrer=&cht=gtm&marketerId=00c02bddd8c7f73733a38779f6b7c4f71b&name=PAGE_VIEW&dl=http%3A%2F%2Foffice365-securetransfer.serveuser.com%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/
Protocol: HTTP/1.1
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:37 GMT
Cache-Control: no-cache
X-TraceId: c51b0da316b33710905b7449e80897e3
Content-Length: 53
Content-Type: image/gif;

POST
H/1.1 200
OK gnbulk Show response
display.ringba.com/v2/nis/ 392 B
800 B 185ms
80ms XHR
application/json 54.210.26.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://display.ringba.com/v2/nis/gnbulk
Requested by: Host: b-js.ringba.com
URL: http://b-js.ringba.com/CAf90ab5edb3f143149b59cf13c6f130ce
Protocol: HTTP/1.1
Server: 54.210.26.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-26-4.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80f46bd9caf8f5e639c72783f480c009ec9e2de111e73255bb564780b87e3182

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jun 2023 09:22:37 GMT
X-Runtime: 0.0260
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://office365-securetransfer.serveuser.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 392
Expires: -1

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 53ms
51ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Jun 2023 09:22:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pMBpGaqCuL746lo50RevDEq3vwYy7EpZVQvPy1yUsQR6wMcwhr81EOElaqgRiqoVZfuq9beopfScWtX9SQOtIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 999014673964422 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 172ms
171ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/999014673964422?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6cfa2bd6ddf18d107053502f7726c3e48d6af6ad2ab7f6dd1d03cbe7b1c093b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Jun 2023 09:22:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MN4Pgy9t6nwdgsnJI3s25hLko+QceQRReYn20c60XMBaQ4Nc5bwiAymwl+ZEAXViquY5NgHR0A44PXAx2ckeIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame AFD2 3 KB
2 KB 126ms
47ms Document
text/html 108.138.125.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&lac=57A8BA09-86C6-6A42-5157-455C09952706

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset

Protocol

HTTP/1.1

Server

108.138.125.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-125-43.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://office365-securetransfer.serveuser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 14627
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 02 Jun 2023 05:18:50 GMT
ETag: W/"643ec1f4-dbb"
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: XyM3oa5dvK8fRNwM51EyeeqMM1qtPJ-QK2HVAR1CflU_-TJ1YcSOAA==
X-Amz-Cf-Pop: JFK50-P4
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.11/ 0
623 B 53ms
53ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/SaveDom?msn=2&pid=6d212a59-64da-40a9-a465-a7228059784b&token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&_=760609013

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.11/ 0
623 B 54ms
54ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/InitFormData?msn=3&pid=6d212a59-64da-40a9-a465-a7228059784b&token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&_=760609014

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Jun 2023 09:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame A79A 4 KB
2 KB 597ms
242ms Document
text/html 34.227.181.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&lac=57A8BA09-86C6-6A42-5157-455C09952706
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&lac=57A8BA09-86C6-6A42-5157-455C09952706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.181.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-181-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: http://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Fri, 02 Jun 2023 09:22:38 GMT
etag: W/"646ce712-1049"
expires: Sat, 03 Jun 2023 09:22:38 GMT
last-modified: Tue, 23 May 2023 16:17:22 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 529ms
243ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=999014673964422&ev=PageView&dl=http%3A%2F%2Foffice365-securetransfer.serveuser.com%2F&rl=&if=false&ts=1685697757822&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1685697757811.605489220&it=1685697757512&coo=false&tm=1&rqm=GET

Requested by

Host: office365-securetransfer.serveuser.com
URL: http://office365-securetransfer.serveuser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Jun 2023 09:22:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 Snap Show response
create.leadid.com/2.11.11/ 0
623 B 208ms
104ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/Snap?msn=4&pid=6d212a59-64da-40a9-a465-a7228059784b&token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&_=760609015

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Jun 2023 09:22:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.11/ Frame A79A 0
627 B 154ms
53ms Script
text/javascript 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/SaveDeviceId.js?lac=57A8BA09-86C6-6A42-5157-455C09952706&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&methods=48&token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&uuid=e8be45763d3f4840bb5c83108eb87d53

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=C087065B-A725-013D-3DAD-ABDE1F9C0B15&lac=57A8BA09-86C6-6A42-5157-455C09952706

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:22:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 167ms
57ms XHR
application/json 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 21f7d287e60a5151ee828cab5ae5477dcee0359e4d0638231b6b903d33e5b008

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jun 2023 09:22:38 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.39.js Show response
cdn.trustedform.com/ 102 KB
37 KB 54ms
53ms Script
application/javascript 2600:9000:21dd:4600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Requested by: Host: api.trustedform.com
URL: http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856977569150.3836442602314962&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:4600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
content-encoding: gzip
via: 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront)
date: Fri, 02 Jun 2023 09:22:27 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 14
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IIX8Cr2cYwDjWv6zJ0mzCrOW-RiIgfwyVD5vgG5FejlODPn3ozsIQw==

POST
H2 200 info Show response
info.leadid.com/ 1 B
146 B 327ms
59ms XHR
text/plain 75.101.228.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://info.leadid.com/info?msn=5&pid=6d212a59-64da-40a9-a465-a7228059784b&token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&_=760609016
Requested by: Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.228.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-228-218.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 02 Jun 2023 09:22:39 GMT
content-encoding: gzip
server: nginx
content-type: text/plain;charset=UTF-8

POST
H2 204 snapshot Show response
api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/ 0
159 B 109ms
108ms XHR
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 02 Jun 2023 09:22:39 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H/1.1 200
OK logo.svg
office365-securetransfer.serveuser.com/images/ 10 KB
10 KB 77ms
76ms Image
image/svg+xml 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office365-securetransfer.serveuser.com/images/logo.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f874e372f91c4718049929a8beba0c63510554461c729013dd9780efd3617cc4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:39 GMT
Last-Modified: Tue, 08 Feb 2022 17:15:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6202a542-2729"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10025

GET
H/1.1 200
OK icon-close.svg
office365-securetransfer.serveuser.com/images/ 1 KB
1 KB 77ms
77ms Image
image/svg+xml 165.232.141.33
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://office365-securetransfer.serveuser.com/images/icon-close.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: HTTP/1.1
Server: 165.232.141.33 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: medicarecoverage.io
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d6ca227bf207256e4bbdd3e5e8e04dc9ffecbbad70f3b84aa01cad2224444768

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 09:22:39 GMT
Last-Modified: Mon, 07 Feb 2022 15:56:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014125-4b0"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1200

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/ 0
159 B 83ms
83ms XHR
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 02 Jun 2023 09:22:39 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 52ms
51ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=999014673964422&ev=Microdata&dl=http%3A%2F%2Foffice365-securetransfer.serveuser.com%2F&rl=&if=false&ts=1685697759339&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MedicareCoverage%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1685697757811.605489220&it=1685697757512&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Jun 2023 09:22:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.11/ 0
623 B 54ms
54ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.11/InitFormData?msn=5&pid=6d212a59-64da-40a9-a465-a7228059784b&token=74B36B73-EF26-E2F8-670D-4A92FDF4D252&_=760609017

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/c087065b-a725-013d-3dad-abde1f9c0b15.js?snippet_version=2&f=reset

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Jun 2023 09:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/ 0
159 B 51ms
50ms XHR
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 02 Jun 2023 09:22:39 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/5/ 272 KB
61 KB 49ms
48ms Script
text/javascript 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/5/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB0kuNi9HL0KIUaRg7lf0RHWsyxP7l8yXw&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18a1893b411b0e046da9a73d2e700c17cb0af83d2befb7f9d9469fb52f6b4431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 01:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61829
x-xss-protection: 0
last-modified: Tue, 30 May 2023 19:26:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 01:41:11 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/5/ 162 KB
51 KB 79ms
79ms Script
text/javascript 2607:f8b0:4020:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/5/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB0kuNi9HL0KIUaRg7lf0RHWsyxP7l8yXw&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55816178df5f1e22b4f2fbbe8812eab552ce094b8a00a6b675fd6de815b0859f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 21:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51986
x-xss-protection: 0
last-modified: Tue, 30 May 2023 19:26:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 21:24:49 GMT

POST
H2 204 events
api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/ 0
160 B 148ms
51ms Ping
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/2ad65d4fe5dd34fb54f8c8b09bbc8559fed90dce/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Jun 2023 09:22:42 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 70ms
69ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FVJ1N6E2P4&gtm=45je35v0&_p=42967160&cid=603984933.1685697757&ul=en-us&sr=1600x1200&_eu=AEA&_s=3&sid=1685697757&sct=1&seg=1&dl=http%3A%2F%2Foffice365-securetransfer.serveuser.com%2F&dt=MedicareCoverage&en=scroll&epn.percent_scrolled=90&_et=30
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVJ1N6E2P4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://office365-securetransfer.serveuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 09:22:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://office365-securetransfer.serveuser.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK hb Show response
display.ringba.com/v1/nis/ 0
359 B 71ms
70ms XHR
text/plain 54.210.26.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://display.ringba.com/v1/nis/hb
Requested by: Host: b-js.ringba.com
URL: http://b-js.ringba.com/CAf90ab5edb3f143149b59cf13c6f130ce
Protocol: HTTP/1.1
Server: 54.210.26.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-26-4.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://office365-securetransfer.serveuser.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jun 2023 09:22:41 GMT
X-Runtime: 0.0210
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Access-Control-Allow-Origin: http://office365-securetransfer.serveuser.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.serveuser.com/	1970-01-20 21:50:57	Name: _ga Value: GA1.1.603984933.1685697757
.serveuser.com/	1970-01-20 21:50:57	Name: _ga_FVJ1N6E2P4 Value: GS1.1.1685697757.1.1.1685697757.0.0.0
office365-securetransfer.serveuser.com/	1970-01-20 12:14:58	Name: leadid_token-57A8BA09-86C6-6A42-5157-455C09952706-C087065B-A725-013D-3DAD-ABDE1F9C0B15 Value: 74B36B73-EF26-E2F8-670D-4A92FDF4D252
office365-securetransfer.serveuser.com/	1970-01-20 12:14:58	Name: outbrain_cid_fetch Value: true
.serveuser.com/	1970-01-20 14:24:33	Name: _fbp Value: fb.1.1685697757811.605489220
.deviceid.trueleadid.com/	1970-01-20 21:50:57	Name: uuid Value: e8be45763d3f4840bb5c83108eb87d53

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
api.trustedform.com
b-js.ringba.com
cdn.jsdelivr.net
cdn.trustedform.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
display.ringba.com
fonts.googleapis.com
fonts.gstatic.com
info.leadid.com
maps.googleapis.com
office365-securetransfer.serveuser.com
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
108.138.125.43
165.232.141.33
23.54.69.74
2600:9000:202c:ca00:4:1957:6500:93a1
2600:9000:21dd:4600:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700::6811:190e
2607:f8b0:4006:807::200a
2607:f8b0:4020:804::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::485
34.194.116.96
34.227.181.128
52.4.12.52
54.210.26.4
54.86.8.109
70.42.32.223
75.101.228.218
04e755021129f8a4ca167f1b83593a7cfda1506fde65d57fcc205f08f283a5fa
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
18a1893b411b0e046da9a73d2e700c17cb0af83d2befb7f9d9469fb52f6b4431
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
21f7d287e60a5151ee828cab5ae5477dcee0359e4d0638231b6b903d33e5b008
356661bf7470a5e8400bedf6acdd68282882c48a1d87136f8f758bfe20ed1ead
478403d575a3bdf10711cfc4295becbad90e08057d6e50833e53c68b1da123ec
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
55816178df5f1e22b4f2fbbe8812eab552ce094b8a00a6b675fd6de815b0859f
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
635352ada6c669ed79dfd81f81d33d008e2c39645fc9b99af6e2ecd737968622
6967ee0b8c7461cedca596d41a946e61a474842617a64448b66a6552ec2bd58a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74614b17092d316073e286beb14d69db4b5756ccb9091ebb787fde252ab70160
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
80f46bd9caf8f5e639c72783f480c009ec9e2de111e73255bb564780b87e3182
811a0521f7eab473754e0885dcfca5dfc6885209ad56464aeade94c9b6b857f4
8bd99b67a9972ff5eaa2f0b38046cae6a67bc525a9a23d2162c5086d6b0a02c0
8da03ac3ff1a88867d739227247c8accd8d9fa46b22c937f25fbc2e3e1e812f4
8e78c2c8c012095c0c6c4cc93ac1162823f6e22f6cdc57cfd19f2c4df9783607
8f9353a7ba7d1bfebc599e93f2d53ad94124877adff86c7bc8cdbad2c43c6576
979ce5f113fa4631ed79702b14003c2845ae8950a24286de635352a96503ddaa
9cac14b2ccbf842f8a6d50066744663a1e9cd5dc9d75c2e7c2f6e7411969626b
a6cfa2bd6ddf18d107053502f7726c3e48d6af6ad2ab7f6dd1d03cbe7b1c093b
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
b1c9563195db9f175816517666b22e7f93b9c7c3128f5af2300a53ae5e786b72
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1cba457973f278839541a66a84fa5f3777888ff48718876338019af0b30c5d1
d6ca227bf207256e4bbdd3e5e8e04dc9ffecbbad70f3b84aa01cad2224444768
d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd
deb73c89323020e2fbee1b8b12772f8851b866600b357549029664dda62295e9
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48174c26f3c2cae1aaac70c985a9eaf51ab01448c70efa68f2d0188b542d95f
ebd8ed0fa7a20c9b783ab8776505545bfdbd45195efcfbc3cbc3d1f8da71aff6
ee68ee26d5447d3db65e70f508cfb5940f00b0bc2a5072283f3b13d583ade782
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f874e372f91c4718049929a8beba0c63510554461c729013dd9780efd3617cc4
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

office365-securetransfer.serveuser.com Open in urlscan Pro 165.232.141.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

61 %HTTPS

55 %IPv6

16 Domains

21 Subdomains

22 IPs

2 Countries

1259 kBTransfer

2922 kBSize

6 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

office365-securetransfer.serveuser.com Open in urlscan Pro
165.232.141.33 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

61 %
HTTPS

55 %
IPv6

16
Domains

21
Subdomains

22
IPs

2
Countries

1259 kB
Transfer

2922 kB
Size

6
Cookies

62 HTTP transactions
1 data transactions