www.avera.org Open in urlscan Pro
157.55.86.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Submission: On November 16 via manual (November 16th 2022, 5:42:39 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 112 HTTP transactions. The main IP is 157.55.86.227, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.avera.org. The Cisco Umbrella rank of the primary domain is 436953.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 14th 2021. Valid for: a year.

This is the only time www.avera.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 57	157.55.86.227 157.55.86.227	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:f000:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:4800:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 5	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	143.204.89.18 143.204.89.18	16509 (AMAZON-02) (AMAZON-02)
1	18.158.237.5 18.158.237.5	16509 (AMAZON-02) (AMAZON-02)
1	2.19.100.4 2.19.100.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.51.250.251 52.51.250.251	16509 (AMAZON-02) (AMAZON-02)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.127.96.241 3.127.96.241	16509 (AMAZON-02) (AMAZON-02)
1 1	13.32.27.83 13.32.27.83	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.232.208.82 34.232.208.82	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9	14618 (AMAZON-AES) (AMAZON-AES)
1	3.248.145.65 3.248.145.65	16509 (AMAZON-02) (AMAZON-02)
1	52.49.35.210 52.49.35.210	16509 (AMAZON-02) (AMAZON-02)
1 2	35.157.180.193 35.157.180.193	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.24 13.32.27.24	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.31 99.86.4.31	16509 (AMAZON-02) (AMAZON-02)
1	52.50.139.125 52.50.139.125	16509 (AMAZON-02) (AMAZON-02)
112	41

57 157.55.86.227 (San Antonio, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.avera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:f000:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

30531.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f22 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4800:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20770730p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-18.fra50.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.237.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-237-5.eu-central-1.compute.amazonaws.com

69057.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.100.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-4.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.250.251 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-250-251.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.96.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-96-241.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.208.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-208-82.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.145.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-145-65.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.35.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-35-210.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.180.193 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-180-193.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-24.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.139.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-139-125.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	avera.org 3 redirects www.avera.org — Cisco Umbrella Rank: 436953	571 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1662 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3504 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3503 tracking.crazyegg.com — Cisco Umbrella Rank: 3406	35 KB
5	rfihub.com 2 redirects 20770730p.rfihub.com — Cisco Umbrella Rank: 813256 a.rfihub.com — Cisco Umbrella Rank: 2999 p.rfihub.com — Cisco Umbrella Rank: 695	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	20 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 5650 cm.teads.tv — Cisco Umbrella Rank: 6160 t.teads.tv — Cisco Umbrella Rank: 2533	8 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	12 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	3 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3529	3 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 533	607 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	863 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 557	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	107 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	2 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6784	41 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5922	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	611 B
2	gstatic.com fonts.gstatic.com	32 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	179 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 530	339 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 434	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1057	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1192	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1668	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1800	780 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1181	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 535
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 926	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 307	239 B
1	siteimproveanalytics.io 69057.global.siteimproveanalytics.io — Cisco Umbrella Rank: 742896	474 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5148	6 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3205	6 KB
1	tctm.co 30531.tctm.co — Cisco Umbrella Rank: 661331	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 976	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
112	36

	Domain	Requested by
57	www.avera.org	3 redirects www.avera.org
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	p.rfihub.com	2 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.avera.org
2	pi.pardot.com	www.avera.org pi.pardot.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects www.avera.org
2	idsync.rlcdn.com	www.avera.org
2	dpm.demdex.net	1 redirects
2	ib.adnxs.com	1 redirects www.avera.org
2	solutions.invocacdn.com	www.avera.org solutions.invocacdn.com
2	www.google.de	www.avera.org
2	www.google.com	www.avera.org
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.avera.org www.googletagmanager.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	beacon.krxd.net	www.avera.org
1	aa.agkn.com	www.avera.org
1	partners.tremorhub.com	www.avera.org
1	x.dlx.addthis.com	www.avera.org
1	bpi.rtactivate.com	www.avera.org
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	www.avera.org
1	contextual.media.net	www.avera.org
1	ps.eyeota.net	www.avera.org
1	pixel.rubiconproject.com	www.avera.org
1	a.rfihub.com	www.avera.org
1	cm.g.doubleclick.net	1 redirects
1	t.teads.tv	www.avera.org
1	69057.global.siteimproveanalytics.io	www.avera.org
1	cm.teads.tv	p.teads.tv
1	stats.g.doubleclick.net	www.google-analytics.com
1	20770730p.rfihub.com	c1.rfihub.net
1	p.teads.tv	www.googletagmanager.com
1	c1.rfihub.net	www.avera.org
1	siteimproveanalytics.com	www.avera.org
1	30531.tctm.co	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fonts.googleapis.com	www.avera.org
112	46

This site contains links to these domains. Also see Links.

Domain
www.averahealthplans.com

Subject Issuer	Validity	Valid
www.avera.org DigiCert TLS RSA SHA256 2020 CA1	`2021-12-14` - `2023-01-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.tctm.co Amazon	`2022-09-08` - `2023-10-06`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
invocacdn.com Amazon	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-09-09` - `2023-10-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Frame ID: B11ED44352208A78582134D49A8B7C9B
Requests: 93 HTTP requests in this frame

Frame: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&pf=&ra=20685852766646473
Frame ID: EA4ED6C95AC4AAC4071BAFB4AD9761E3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verify Your Email Address

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

112
Requests

88 %
HTTPS

37 %
IPv6

36
Domains

46
Subdomains

41
IPs

6
Countries

986 kB
Transfer

2527 kB
Size

43
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.averahealthplans.com/
Title: Find a Health Plan

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMzgyNDYyMDAxNw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOvKjy7S7FFdrn39nxG5Zjg&google_cver=1

Request Chain 62

https://ib.adnxs.com/setuid?entity=18&code=5124322323824620017 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322323824620017

Request Chain 64

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322323824620017&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322323824620017&redir=

Request Chain 65

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5124322323824620017&bid=omt9pi0

Request Chain 68

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322323824620017&referrer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D640e943d-8912-4245-8c6d-77f66ca7582b%253A1668620553.7144272 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272

Request Chain 70

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322323824620017&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322323824620017&forward=&C=1

Request Chain 73

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322323824620017&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322323824620017&img=1&__user_check__=1&sync_id=0d1efc73-65d6-11ed-8b7a-1a377c5d0506

Request Chain 77

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322323824620017&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322323824620017&expires=30

Request Chain 78

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3UhCQAAAC6__AA7 HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3UhCQAAAC6__AA7&_test=Y3UhCQAAAC6__AA7

Request Chain 90

https://www.avera.org/app/files/public/72701/Homepage-.jpg HTTP 302
https://www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg

Request Chain 101

https://www.avera.org/app/files/public/83541/ask-the-question-suicide-prevention-home-page-panel-image.jpg HTTP 302
https://www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg

Request Chain 102

https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png HTTP 302
https://www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verifyEmail.aspx Show response
www.avera.org/app/security/ 30 KB
11 KB 1092ms
501ms Document
text/html 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e9999352d323b1c9d8d95aa9f0cf45dbea612757a41594d9b383d2f996467b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 10461
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 17:42:29 GMT
Expect-CT: max-age=86400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK default.css
www.avera.org/css-min/ 24 KB
9 KB 139ms
138ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css-min/default.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:29 GMT
Content-Length: 7937
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 16:48:24 GMT
Server: Microsoft-IIS/8.5
ETag: "03cf43ddbf9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK client.css
www.avera.org/css-min/ 87 KB
26 KB 279ms
139ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css-min/client.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:29 GMT
Content-Length: 26216
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 16:48:24 GMT
Server: Microsoft-IIS/8.5
ETag: "03cf43ddbf9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.avera.org/scripts/ 93 KB
47 KB 411ms
151ms Script
application/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/jquery-1.11.3.min.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 47758
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.avera.org/scripts/ 7 KB
5 KB 415ms
149ms Script
application/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/jquery-migrate-1.2.1.min.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 4079
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:32 GMT
Server: Microsoft-IIS/8.5
ETag: "02c145576c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 150 KB
68 KB 855ms
587ms Script
text/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6882d51943dfbefd6a3ef4b957c7a4bc06976e071b00d497dedebb75cbc6bc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 68417
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:10 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 14 KB
4 KB 540ms
132ms Script
text/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=4UFlqIq8P5vCqX7mGiiCoiYajF5qqMK4eXrfRm20qRSmjebHCDxmFewFviNSce0tRLIuJS8RSusI_V43dzNNKzWIBV23GD5pxiL50mxZJVIHbHBn6SXcLqCdWDlEnf7PywP3dXMjABZgtsUusZ6PuK72JMpSzefIlMJlG4L0vVjzwWdnlHyyW3iTA8hgjj1q0&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 3308
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:10 GMT

GET
H/1.1 200
OK jquery.searchIdPrintResults.js Show response
www.avera.org/scripts/ 1 KB
1 KB 551ms
137ms Script
application/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/jquery.searchIdPrintResults.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

05b777f92a6b004deaa5d081f1d44f3a90f50410d7882ca76d475936d9a17e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 621
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 66ms
27ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 17:14:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 17:42:30 GMT

GET
H/1.1 200
OK avera.css
www.avera.org/css/ 261 KB
62 KB 806ms
549ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/avera.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ee72aea709bfd36b9e2d858574e054ac44bb68f469cb539974f413a4f6d8f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 62604
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK no-cols.css
www.avera.org/css/templates/ 524 B
1 KB 406ms
149ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/templates/no-cols.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b7325ac83bd101ce91be8abfbd07b130e5f37a3485d85c72d80c149b31ae2798

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 269
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ 8 KB
8 KB 139ms
138ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:31 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK search-icon2x.png
www.avera.org/imgs/icons/ 2 KB
3 KB 211ms
134ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/search-icon2x.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:31 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2084
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 23 KB
7 KB 133ms
133ms Script
application/x-javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=jYr4BoKVcrfRFg4D2UDxHtVjNMwp56ezP2GkmXW49ia4Sqv1UQQFNu40QJ-liMfAwKUTPvfvs0bRzz2tA8ruXgf9vDoZm7611lzjWsP0C181&t=637814437746327080

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 6768
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:10 GMT

GET
H/1.1 200
OK client.js Show response
www.avera.org/scripts/ 34 KB
15 KB 139ms
139ms Script
application/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/client.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

37dddab995ec8c715249818a1883df536fe47693ece7f7af46a9cafb3c276199

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 14288
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 2 KB
2 KB 139ms
138ms Script
text/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=WrTag9d4pW-qwXkXXDGOYjucA0352jufQuCp1nf1i1GujjEShl4acpF69_kCNDrRYBMgBOhV4Roi2f4ryQHMQfZTb9GiXsRFv8KZJWgTOmQ2noY8t8qaOhXcXbN-7JUEoKswTLNa3kSTuIJsmdMnhl1zgNAQ6Vnv2Q3mX_i-AwF8URb1zTJemxq9NNpdXmAhiK3RXYFYNv51mhXk1niiwg2&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

411d6092d1c4c1448905b119e2f2504fa02dae98ab253f79e2699e4ecec95d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 758
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:10 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 766 B
1 KB 132ms
132ms Script
text/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=kFmSMQddctvMHxqq9EtHX-INICGPmjxzqB1DSBr-Hg8O_zoKagnUiHhN207gpBMFG8_YAX42criy-72nogtSVP-RCdkjxc-pJjQGYx4FwILPcFObNEPkQAjZNUmgti78TF4MI8DNoc4axigQEEagqgEI_X6uCdc75TPrngGGf8s1&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b0e90e848170144310bc41087314c1505d23ed447a1002039c2db35563e082fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 414
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:33 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 26 KB
9 KB 132ms
132ms Script
application/x-javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/ScriptResource.axd?d=nJ_VPT9-PS37Jz93ffSRjBCwtFAiDgllbYyKQvyMuJYJqiAEAw4hSYcZUQ2Ai6I9JgvWdz8ObhaoaQGCAql9opPyMv-sbEpY66a59kQxdALWe0fy7C8Ar5AZR5ASEpvmwlegRAHFaS9hmDV12YIWgh5MRYy482TvIDp1xUy6QsY1&t=14d69f50

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 8327
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 17:31:33 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:33 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 897 B
1 KB 133ms
133ms Script
text/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=VVSdmAqtynhM5rn5UEA03Qa3A0uc8xLvNmEwARmLQYUuE_m1mu4c7Ilf5JP8unFKXLMj7fPT1uN_5dp6Zgr_rNNM90vvJah7Kz4_tlhPUJNZREnwoe62j9Su5NLCDRmKb1qKFrhCWDHKBMzAnX0dPMBl9_noZyK2kBsN0JFQxCzOTzzGnt-3WSRmsWiumfSM41HSyiQITV91_v5bCERufA2&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0aade28df809068b9b4da9877621fe3ecc0fa3234161f23552c61dc884c12954

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 525
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:33 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 100 KB
37 KB 143ms
143ms Script
application/x-javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/ScriptResource.axd?d=wYUnArtQrNPyvM7wYYZvMGcFuWb0b8YZD_JczWHOCf4UuZLV03v7D4tfOm3isce564hDtb_-Q6O_6cOUra9FC25usqadIzlCK20zlvmVr46qhtRn3cgt57vCzkN6323dPGuVxXrBxMIUw44ClwGUE6xGpsakvlIUkRJRbe6AE_ggG5PF7HZKXZoz7I1BN07i0&t=49337fe8

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 37031
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 17:31:10 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:10 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 39 KB
15 KB 136ms
136ms Script
application/x-javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/ScriptResource.axd?d=MQB67sxauURHKIbBby0IauFkaTI8LOX0bxcsg78R-V4AFsUrZJv3SvekcyqbS6K_7DpmRHlZpNwxWjBj2cFBrePbJlSNtJNsVsCnCFMJzG17vN_I5Rs2KKfAD-oVVqYBJhNuJGNu7ysJvZxNBVNBGsqVCmaTGtJqFrfnXTazPKwVLJ71tf8yJl_3lBK-XDwK0&t=49337fe8

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 14430
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 17:31:10 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:31:10 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 3 KB
2 KB 181ms
180ms Script
application/x-javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=FlY_XPMdkB9X0IuEX_uoRCdO3KiH_D98Ph1dqhkZMRB1Z_uyeEN_CgvFOtTwFN8PjKisKp5KQdLlVgtxc7t78f9Bm1_vGNI8sho5W7x9T741&t=637814437746327080

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 1062
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 16 Nov 2023 17:42:31 GMT

GET
H/1.1 200
OK avera.js Show response
www.avera.org/scripts/ 102 KB
37 KB 501ms
500ms Script
application/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/avera.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

64d6669a5e1fb2b01be947d4a5f7f0ddfa85ee174483248acf473edbc193fc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
Content-Length: 37470
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK public.css
www.avera.org/css/tiny-mce/ 42 KB
12 KB 216ms
216ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/tiny-mce/public.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

f08006fbc97f17f1cd26a30fc3e046622207953b7e8d4182c51d81e252e34747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
Content-Length: 11755
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK forms.css
www.avera.org/css/ 9 KB
4 KB 173ms
172ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/forms.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

359277ca3321cae12dcb73545a3abb94ec64e0e595f99557e64e437fcd711023

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
Content-Length: 2783
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK datepicker.css
www.avera.org/css/ 4 KB
2 KB 148ms
147ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/datepicker.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6ee1a78db9127677fc0e343c8b2ae01bcb616b3ef194dd207ae6fe00e002414c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:30 GMT
Content-Length: 1658
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:20 GMT
Server: Microsoft-IIS/8.5
ETag: "01eed4d76c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK forms-core.css
www.avera.org/css/ 23 KB
8 KB 181ms
180ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/forms-core.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/forms.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ce2967a02b012efe560e49eff4241f81955a3d8f9ca4e75102238e14f3e12c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/forms.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
Content-Length: 7222
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:20 GMT
Server: Microsoft-IIS/8.5
ETag: "01eed4d76c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK tableSort.css
www.avera.org/css/tiny-mce/ 32 B
856 B 139ms
138ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/tiny-mce/tableSort.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/tiny-mce/public.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

59e09d0093da63c9aa75b13efaa4451aeebd3534fa9cb31d1e81dba674711ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/tiny-mce/public.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
Content-Length: 52
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:26 GMT
Server: Microsoft-IIS/8.5
ETag: "0a5805176c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK tableSort-core.css
www.avera.org/css/tiny-mce/ 14 KB
6 KB 175ms
175ms Stylesheet
text/css 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/tiny-mce/tableSort-core.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/tiny-mce/tableSort.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

40dcb619490d3995b3b00c44cbc7a23cc431910971734c2ed725ecc504545eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/tiny-mce/tableSort.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:31 GMT
Content-Length: 4985
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:26 GMT
Server: Microsoft-IIS/8.5
ETag: "0a5805176c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 402 KB
103 KB 313ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cfe2e294039a57a4ce4ba685af0b6f49b630c5108c44a65b2178b4906f1a1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105447
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 17:42:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 57ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 422411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 20:22:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 59ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 477182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 05:09:29 GMT

GET
H/1.1 200
OK light-pattern.png
www.avera.org/imgs/ 2 KB
3 KB 139ms
138ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/light-pattern.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:31 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2194
X-UA-Compatible: chrome=1

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 113 KB
44 KB 83ms
30ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MXB48L7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb484ee3c856bd665d018257ca0468899286a10fee23b10a07fe85d2ed0961cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Nov 2022 17:42:32 GMT

GET
H2 200 0056.js Show response
script.crazyegg.com/pages/scripts/0031/ 6 KB
2 KB 527ms
472ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6903d519be5345a82db42d44ff8f2b9b93b5ab1a2973008c2443abe037d50eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 17:42:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
ce-version: 11.4.40
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b206136e6d9b3d-FRA
content-length: 2198

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/ 2 KB
2 KB 102ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/?random=1668620552162&cv=11&fst=1668620552162&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&tiba=Verify%20Your%20Email%20Address&auid=2038387605.1668620552&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bee4a2562df3f900ba0f984a137904280896d72d5df1fb9b2d3c68b5277e2719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 931
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 121ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 16 Nov 2022 17:42:32 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6355313931E043D68AC08309DEA36F9C Ref B: FRAEDGE1309 Ref C: 2022-11-16T17:42:32Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 17:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1063
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 19:24:49 GMT

GET
H2 200 t.js Show response
30531.tctm.co/ 46 KB
15 KB 218ms
88ms Script
application/x-javascript 2600:9000:237d:f000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:f000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 2905682e46919579a8de7f01fcc31e85992fc933ade0cd73a8c3b5b689d365e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: gzip
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Nov 2022 17:42:32 GMT
server: ctm
x-amz-cf-pop: MUC50-P2
etag: W/6375210800007743e0011c7c-30531
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: 4OvjAzGBL6WOlpFLYwh8v-a39dEPKERAnS5sIwvpP_8ShNxX_2SbIw==

GET
H2 200 siteanalyze_69057.js Show response
siteimproveanalytics.com/js/ 14 KB
6 KB 117ms
62ms Script
application/javascript 2606:4700:e2::ac40:8f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_69057.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RRP7GA0PKAHN4527
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5127
x-amz-id-2: P90GGhh3hXmT8nYn6gqOf2h3Ryg36UwEhx37D65YCRtfWa4bVxpVdH+JZaauHx+xUvaM2AfFgd0=
last-modified: Mon, 16 May 2022 09:44:16 GMT
server: cloudflare
etag: "0db568765387ecbf4ebab6b1396d61c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq%2B2zf0F3oto8rRRanxpeUa2BT5Cv0bnxCYnsCI7cpd6V6tWedERha3LH0mEGW7tDc29GZ%2FSJPmXwIYtOXgOhPUE5JbfgHWxN4UrRQxrSs9%2BqzPsBQhbmy4CsFz%2F3SNov%2B20lVMzeGJCjlONe0kUGcSEGsHhziY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 76b206138e2bb7e8-AMS

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 116ms
16ms Script
application/x-javascript 2600:9000:223c:4800:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:05:39 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Nov 2022 17:05:29 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: FRA56-P2
age: 2213
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: RCc1FanxirYef6FwpwFLrbjbN7qB53LDsrxv59RrrOyT6Df2WqN3eg==
expires: Wed, 16 Nov 2022 18:05:39 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 114ms
25ms Script
application/javascript 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f01b74473980387f484da3f2b2325ea530d0c39f702ecda52d91b7df4fd218ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 17:42:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Nov 2022 08:25:25 GMT
Server: AmazonS3
x-amz-request-id: MS7J3HHKR39BDWRW
ETag: "23ddf298c81231f0639cc34c5be08f60"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=348
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6341
x-amz-id-2: OKYB4NfZQ3HTRW2/H7jWKIM1ndRozjkEhD5RLLiZuDUELn4DnyH7xDFnWuK3S5V4hCt6+JkWjYo=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20d613fe1d282bdc294ab0ab4fc5931e746d9e3f464f630be7ad97fe02a0f9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Nov 2022 17:42:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 64ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6KMB13EQJ9&gtm=2oeb90&_p=473340646&cid=605180578.1668620552&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668620552&sct=1&seg=0&dl=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&dt=Verify%20Your%20Email%20Address&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 55ms
22ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=473340646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&ul=en-us&de=UTF-8&dt=Verify%20Your%20Email%20Address&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEADQAAAACAAI~&jid=1306055790&gjid=1462738497&cid=605180578.1668620552&tid=UA-2450492-1&_gid=914311550.1668620552&_r=1&gtm=2wgb905WJDLK&z=468573841

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avera.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060691714/ 42 B
548 B 68ms
27ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060691714/?random=1668620552162&cv=11&fst=1668618000000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&tiba=Verify%20Your%20Email%20Address&fmt=3&is_vtc=1&random=2386656126&rmt_tld=0&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1060691714/ 42 B
548 B 230ms
28ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060691714/?random=1668620552162&cv=11&fst=1668618000000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&tiba=Verify%20Your%20Email%20Address&fmt=3&is_vtc=1&random=2386656126&rmt_tld=1&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13006411.js Show response
bat.bing.com/p/action/ 0
136 B 139ms
139ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13006411.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 16 Nov 2022 17:42:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 368EDEB2712A46C08195AC5FB938A274 Ref B: FRAEDGE1309 Ref C: 2022-11-16T17:42:32Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800

GET
H/1.1 200
OK ca.html Show response
20770730p.rfihub.com/ Frame EA4E 3 KB
3 KB 458ms
28ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&pf=&ra=20685852766646473
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ba71e08963e995d99860fb0060b684da813c58eb2b14ea76840d39da3ce66d9

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2705
Content-Type: text/html;charset=utf-8
Date: Wed, 16 Nov 2022 17:42:32 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2450492-1&cid=605180578.1668620552&jid=1306055790&gjid=1462738497&_gid=914311550.1668620552&_u=aDDAAEACQAAAACAAI~&z=1748967141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avera.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 17:42:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 132 B
846 B 182ms
73ms Fetch
application/json 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&buyer_pixel_id=4963
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ae078b1bf54d0226299745f50111ade6f39a46b6166d39a026f7d9860587f71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 17:42:32 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.avera.org
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: A9jSBs0DOsjz9/WX9Wd0ZjB1r7PJRE/iw6kr2deG9/tKPmVWiJbNETWxDSd2bIBY5sroZAJQjz56T0zCPJm14QAAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2Njk3NjYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 132
Expires: Wed, 16 Nov 2022 17:42:32 GMT

GET
H/1.1 200
OK / Show response
www.avera.org/ 46 KB
17 KB 1299ms
1299ms XHR
text/html 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/

Requested by

Host: www.avera.org
URL: https://www.avera.org/scripts/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

deba980af35eb44c1d88f437d0cc2e89795d481c86fa4fc3af418da64f07e1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 17:42:33 GMT
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 16648
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK arrow-up-circle.png
www.avera.org/imgs/ 1 KB
2 KB 519ms
518ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/arrow-up-circle.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:32 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1326
X-UA-Compatible: chrome=1

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 124 KB
40 KB 118ms
18ms Script
text/javascript 143.204.89.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcba9eabd6a7b2bd8fe0e055111f29dd4d7d547f83761f2fd5319c6ef5694aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: nafYdifE25HIJ7E5_xPq2bg19QQXpqjq
content-encoding: gzip
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 17:09:32 GMT
last-modified: Wed, 05 Oct 2022 20:29:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1980
etag: W/"4636ba1892918feeed6b191a409be199"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
x-amz-cf-id: qsNwu6WRoITh9oCVmZusYNWGAT1RCmKaQtCYKIdb7eFIQb9_VOFjuw==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 84ms
51ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2450492-1&cid=605180578.1668620552&jid=1306055790&_u=aDDAAEACQAAAACAAI~&z=510520899

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 89ms
52ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2450492-1&cid=605180578.1668620552&jid=1306055790&_u=aDDAAEACQAAAACAAI~&z=510520899

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
176 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13006411&tm=gtm002&Ver=2&mid=cdd934e9-89a2-49e2-81c1-25c2c8377140&sid=0c7386f065d611eda158cbbcaaaa89d2&vid=0c73e39065d611ed87754b2cef5cea8e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Verify%20Your%20Email%20Address&p=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&r=&lt=3444&evt=pageLoad&sv=1&rn=727980

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 16 Nov 2022 17:42:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDF9764AEC3D49A2AC07E75B5B14CCF8 Ref B: FRAEDGE1309 Ref C: 2022-11-16T17:42:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK slick.js Show response
www.avera.org/scripts/ 42 KB
16 KB 134ms
134ms Script
application/javascript 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/slick.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637983253360000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 16 Nov 2022 17:42:32 GMT
Content-Length: 15758
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H2 200 image.aspx
69057.global.siteimproveanalytics.io/ 34 B
474 B 129ms
15ms Image
image/gif 18.158.237.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://69057.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&title=Verify%20Your%20Email%20Address&res=1600x1200&accountid=69057&rt=3463&prev=1ebdeec5-b646-aaac-9ed6-203457f023ce&luid=286ea663-3ccd-bfa5-3839-3b5e00f86364&rnd=75288
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.237.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-237-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Nov 2022 17:42:32 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 16 Nov 2022 17:42:32 UTC

GET
H2 200 track
t.teads.tv/ 23 B
143 B 208ms
71ms Image
image/gif 2.19.100.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.8.0_65b85f3&buyer_pixel_id=4963&referer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DXXXXXXXX&user_session_id=aec28d73-8b02-4db2-8b3e-8adc4c716ec4
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 16 Nov 2022 17:42:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1842/1248633193/ 3 KB
1 KB 416ms
416ms Script
text/javascript 143.204.89.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1842/1248633193/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: og8LYy4F7wYsj7xWF5dblQTTolj4Jr4r
content-encoding: br
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 17:42:33 GMT
last-modified: Fri, 03 Jun 2022 20:39:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"91458637d9d9d3064f357ca4faab79db"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: 1O8PxR7Da4pvil5Wsm0vFPL3ujuxc-xBFZ9ZOE8I02X72DDEqVW3tg==

GET
H2 200 www.avera.org.json Show response
script.crazyegg.com/pages/data-scripts/0031/0056/site/ 9 KB
2 KB 200ms
157ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056/site/www.avera.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a52108abc80383fbecff2009afb124bfac181cd1e2be06fc45eb863171af9d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 17:42:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.4.40
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b20616aa626969-FRA
content-length: 2103

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame EA4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMzgyNDYyMDAxNw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOvKjy7S7FFdrn39nxG5Zjg&google_cver=1

42 B
1006 B

103ms
30ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOvKjy7S7FFdrn39nxG5Zjg&google_cver=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 16 Nov 2022 17:42:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOvKjy7S7FFdrn39nxG5Zjg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame EA4E
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5124322323824620017
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322323824620017

43 B
1 KB

26ms
26ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322323824620017

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 17:42:32 GMT
AN-X-Request-Uuid: 697a51db-e71a-48bb-ad0a-ab199e37835b
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 17:42:32 GMT
AN-X-Request-Uuid: e0e65624-fbf0-4f13-8cdf-fbe146e63416
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322323824620017
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame EA4E 0
239 B 92ms
17ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5124322323824620017&
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame EA4E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322323824620017&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322323824620017&redir=

42 B
942 B

158ms
158ms

Image
image/gif

52.51.250.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322323824620017&redir=

Protocol

HTTP/1.1

Server

52.51.250.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-250-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-02fc48b13.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GICsXMA1Tmg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-06452629d.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: P4pM6BNRS2U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322323824620017&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame EA4E
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5124322323824620017&bid=omt9pi0

0
344 B

80ms
16ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5124322323824620017&bid=omt9pi0
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: HTTP/1.1
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 17:42:32 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5124322323824620017&bid=omt9pi0
Date: Wed, 16 Nov 2022 17:42:32 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 503 cksync.php
contextual.media.net/ Frame EA4E 0
0 4817ms
4708ms Image
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322323824620017
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 serving
bs.serving-sys.com/ Frame EA4E 0
105 B 102ms
16ms Image
text/plain 3.127.96.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.96.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-241.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame EA4E
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322323824620017&referrer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19...
https://p.rfihub.com/cm?pub=39342&in=0&userid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D640e943d-8912-4245-8c6d-77f66ca...
https://idsync.rlcdn.com/501709.gif?partner_uid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272

0
9 B

58ms
25ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272
Date: Wed, 16 Nov 2022 17:42:33 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame EA4E 43 B
109 B 437ms
135ms Image
image/gif 34.232.208.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322323824620017
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.208.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-208-82.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:33 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EA4E
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322323824620017&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322323824620017&forward=&C=1

43 B
766 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322323824620017&forward=&C=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 17:42:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 17:42:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5124322323824620017&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame EA4E 0
98 B 76ms
26ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322323824620017
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame EA4E 43 B
191 B 827ms
187ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322323824620017

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Wed, 16 Nov 2022 17:42:33 GMT
pragma: no-cache
date: Wed, 16 Nov 2022 17:42:33 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame EA4E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322323824620017&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322323824620017&img=1&__user_check__=1&sync_id=0d1efc73-65d6-11ed-8b7a-1a377c5d0506

43 B
549 B

268ms
268ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322323824620017&img=1&__user_check__=1&sync_id=0d1efc73-65d6-11ed-8b7a-1a377c5d0506
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 17:42:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 138
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 16 Nov 2022 17:42:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5124322323824620017&img=1&__user_check__=1&sync_id=0d1efc73-65d6-11ed-8b7a-1a377c5d0506
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame EA4E 43 B
183 B 739ms
108ms Image
image/gif 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322323824620017&r=Qn0V8RBkUg8s
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 16 Nov 2022 17:42:33 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame EA4E 43 B
377 B 196ms
38ms Image
image/gif 3.248.145.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322323824620017
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.145.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-145-65.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:33 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame EA4E 0
339 B 148ms
39ms Image
text/plain 52.49.35.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322323824620017
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.35.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-35-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Wed, 16 Nov 2022 17:42:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1668620553
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame EA4E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322323824620017&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322323824620017&expires=30

43 B
346 B

18ms
18ms

Image
image/gif

35.157.180.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322323824620017&expires=30
Protocol: H2
Server: 35.157.180.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322323824620017&expires=30
date: Wed, 16 Nov 2022 17:42:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame EA4E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3UhCQAAAC6__AA7
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3UhCQAAAC6__AA7&_test=Y3UhCQAAAC6__AA7

42 B
1 KB

26ms
26ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3UhCQAAAC6__AA7&_test=Y3UhCQAAAC6__AA7
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 16 Nov 2022 17:42:33 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4066-HHN
pragma: no-cache
date: Wed, 16 Nov 2022 17:42:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668620554.657429,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3UhCQAAAC6__AA7&_test=Y3UhCQAAAC6__AA7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 dcc9a1fbfa71e970c45301eb49f6db43.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 88 KB
29 KB 33ms
32ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86101207df129391876782752e5f1bbe09da6b1468fb91f12901fedf4f0885a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Nov 2022 10:37:18 GMT
server: cloudflare
age: 80062
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b20617ae859b3d-FRA
content-length: 29947

GET
H2 200 www.avera.org.json Show response
script.crazyegg.com/pages/data-scripts/0031/0056/sampling/ 155 B
255 B 162ms
160ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056/sampling/www.avera.org.json?t=463505
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66329ae32ecd734cdfe67c970a1c247bb3bd1f0d1b9eb01361550f08639b32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 17:42:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 17:42:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.4.40
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b206184d6c6969-FRA
content-length: 145

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 630ms
118ms Script
application/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 17:42:33 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Tue, 15 Nov 2022 20:37:25 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Fri, 15 Nov 2024 17:42:33 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 299ms
15ms XHR
application/json 13.32.27.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 16:18:54 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 4065820
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: AhnvZTihk1UtWhnEr083IArbAyrMiM2sLifMf_-Jf_OTJKpEUBTW4w==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 87ms
16ms XHR
application/json 99.86.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:33:15 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7452558
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: WOEkDj12Ztbvp4pTEUvQOaRcj6lub1_n5P1FcjTEtvZtJuEzGZsszg==

GET
BLOB 200
OK 49d58b6c-ef0e-4751-aaa3-dcc2fad4e3ee
https://www.avera.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/49d58b6c-ef0e-4751-aaa3-dcc2fad4e3ee
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
510 B 155ms
154ms Script
text/html 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=12820&account_id=564662&title=Verify%20Your%20Email%20Address&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 17:42:33 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Fri, 15 Nov 2024 17:42:33 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 161ms
60ms XHR
text/plain 52.50.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1668620553853
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-139-125.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: f53d307cc1342c298adafa5438368154c5510df3d46bf92c96c8efd42fc15da6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Nov 2022 17:42:33 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ 8 KB
8 KB 132ms
131ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/scripts/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK avera-logo-rev-white.png
www.avera.org/imgs/ 6 KB
7 KB 147ms
143ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo-rev-white.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 6225
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK avera-chart.png
www.avera.org/imgs/ 6 KB
7 KB 145ms
141ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-chart.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 6373
X-UA-Compatible: chrome=1

GET
H/1.1

200
OK

Homepage-.jpg
www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/
Redirect Chain

https://www.avera.org/app/files/public/72701/Homepage-.jpg
https://www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg

7 KB
0

184ms
184ms

Image
image/jpeg

157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg

Protocol

HTTP/1.1

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:38 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
content-disposition: inline;filename="Homepage-.jpg"
Content-Length: 121740
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 05 Jan 2022 16:07:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Wed, 16 Nov 2022 17:47:38 GMT

Redirect headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:38 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 185
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK covid-icon.svg
www.avera.org/imgs/icons/ 9 KB
9 KB 149ms
146ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/covid-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 8848
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK billpay-icon.svg
www.avera.org/imgs/icons/ 5 KB
5 KB 150ms
146ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/billpay-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 4772
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK records-icon.svg
www.avera.org/imgs/icons/ 1 KB
2 KB 138ms
138ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/records-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1525
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK greeting-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 142ms
142ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/greeting-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2163
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK prayer-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 146ms
145ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/prayer-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2418
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK donate-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 141ms
140ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/donate-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2215
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK employment-icon.svg
www.avera.org/imgs/icons/ 4 KB
5 KB 147ms
147ms Image
image/svg+xml 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/employment-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 4050
X-UA-Compatible: chrome=1

GET
H/1.1 404
Not Found illustration-of-woman-with-imposter-syndrome.jpg
www.avera.org/app/security/app/files/public/ 7 KB
7 KB 706ms
705ms Image
text/html 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/security/app/files/public/illustration-of-woman-with-imposter-syndrome.jpg?size=small

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ebef974fe002b07992f128dc13114a797837c6009e93631eba1c44fc39bbb7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
X-Robots-Tag: noindex
Content-Length: 14777
X-UA-Compatible: chrome=1

GET
H/1.1 404
Not Found hand-holding-vape-smoke-in-background.jpg
www.avera.org/app/security/app/files/public/ 3 KB
3 KB 611ms
611ms Image
text/html 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/security/app/files/public/hand-holding-vape-smoke-in-background.jpg?size=small

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b1763f9b2335e654fd8e6447591dcb4a68664d66c4cc781ca3feca4640064c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
X-Robots-Tag: noindex
Content-Length: 14770
X-UA-Compatible: chrome=1

GET
H/1.1 404
Not Found broken-cigarette-on-wood.jpg
www.avera.org/app/security/app/files/public/ 7 KB
7 KB 710ms
710ms Image
text/html 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/security/app/files/public/broken-cigarette-on-wood.jpg?size=small

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ebef974fe002b07992f128dc13114a797837c6009e93631eba1c44fc39bbb7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
X-Robots-Tag: noindex
Content-Length: 14757
X-UA-Compatible: chrome=1

GET
H/1.1

200
OK

ask-the-question-suicide-prevention-home-page-panel-image.jpg
www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/
Redirect Chain

https://www.avera.org/app/files/public/83541/ask-the-question-suicide-prevention-home-page-panel-image.jpg
https://www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg

34 KB
35 KB

170ms
169ms

Image
image/jpeg

157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg

Protocol

HTTP/1.1

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

743e4b3266284e5b6bc77b8f2518aaed4ac9f990e4dc02ec267a5804fbb378d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
content-disposition: inline;filename="ask-the-question-suicide-prevention-home-page-panel-image.jpg"
Content-Length: 35109
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 11 Oct 2022 19:03:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Wed, 16 Nov 2022 17:47:34 GMT

Redirect headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 233
X-UA-Compatible: chrome=1

GET
H/1.1

200
OK

movinghealthforward_tagline_72.png
www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/
Redirect Chain

https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png
https://www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png

2 KB
3 KB

183ms
173ms

Image
image/png

157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png

Protocol

HTTP/1.1

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

703ce5aaa72d165502076c8e999dab1c78183e4e7f17ecd67d09a3e83e95bc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
content-disposition: inline;filename="movinghealthforward_tagline_72.png"
Content-Length: 2147
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 09 Jan 2022 16:59:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Wed, 16 Nov 2022 17:47:34 GMT

Redirect headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:33 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 206
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK facebook-gray.png
www.avera.org/imgs/ahp/ 797 B
2 KB 136ms
136ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/facebook-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 797
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK twitter-gray.png
www.avera.org/imgs/ahp/ 2 KB
3 KB 133ms
133ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/twitter-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2116
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK youtube-gray.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 170ms
169ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/youtube-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1569
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK pinterest-gray.png
www.avera.org/imgs/ahp/ 2 KB
3 KB 144ms
137ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/pinterest-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2338
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK linkedin-gray.png
www.avera.org/imgs/ahp/ 1 KB
2 KB 206ms
137ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/linkedin-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1265
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK avera-logo-reversed.png
www.avera.org/imgs/ 5 KB
6 KB 207ms
133ms Image
image/png 157.55.86.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo-reversed.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.55.86.227 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=jR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%2fnXLloqDM%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 16 Nov 2022 17:42:34 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 5571
X-UA-Compatible: chrome=1

GET
BLOB 200
OK d45dc3a8-b8c8-4fe9-84ed-0f179bf407f0
https://www.avera.org/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/d45dc3a8-b8c8-4fe9-84ed-0f179bf407f0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc90387670569785f363e87168c1a55b7277bcca52a0633e229881ff1a3d7070

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 60ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6KMB13EQJ9&gtm=2oeb90&_p=473340646&cid=605180578.1668620552&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668620552&sct=1&seg=0&dl=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DjR9MDZKP6aTEBzHsL0aLNmP19CNhEjLVMC%252fnXLloqDM%253d&dt=Verify%20Your%20Email%20Address&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 17:42:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avera.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: o1toxqqo0n2kzmb2kyxzqszz
www.avera.org/	1970-01-20 16:15:56	Name: mobileview Value: web
www.avera.org/	1969-12-31 23:59:59	Name: LB_SessionId Value: 141453066.1.2684507760.2793081856
www.avera.org/	1970-01-20 16:15:56	Name: cookiesession1 Value: 678A3E5E9890123EFGHJKLMNOPQR18E4
.avera.org/	1970-01-20 09:39:56	Name: _gcl_au Value: 1.1.2038387605.1668620552
.avera.org/	1970-01-20 17:06:20	Name: _ga_6KMB13EQJ9 Value: GS1.1.1668620552.1.0.1668620552.0.0.0
.avera.org/	1970-01-20 17:06:20	Name: _ga Value: GA1.2.605180578.1668620552
.avera.org/	1970-01-20 07:31:46	Name: _gid Value: GA1.2.914311550.1668620552
.bing.com/	1970-01-20 16:51:56	Name: MUID Value: 206877B6104E6D040E9B65E8119C6CED
.avera.org/	1970-01-20 07:30:20	Name: _gat_UA-2450492-1 Value: 1
30531.tctm.co/	1969-12-31 23:59:59	Name: ct30531 Value: 6375210800007743e0011c7c
.avera.org/	1970-01-20 08:13:32	Name: __ctmid Value: 6375210800007743e0011c7c
www.avera.org/	1970-01-20 08:13:32	Name: __ctmid Value: 6375210800007743e0011c7c
.avera.org/	1970-01-20 07:31:46	Name: _uetsid Value: 0c7386f065d611eda158cbbcaaaa89d2
.avera.org/	1970-01-20 16:51:56	Name: _uetvid Value: 0c73e39065d611ed87754b2cef5cea8e
.avera.org/	1970-01-20 17:06:20	Name: nmstat Value: 1ebdeec5-b646-aaac-9ed6-203457f023ce
.avera.org/	1970-01-20 07:30:22	Name: tfpsi Value: aec28d73-8b02-4db2-8b3e-8adc4c716ec4
69057.global.siteimproveanalytics.io/	1970-01-20 07:40:25	Name: AWSALBCORS Value: nw92fUw+r6Rc+dtMa8SXacG1P2lEaaLqlI37SFKKYdHROayqAPHg1/Y/0glwel+rYuCVktpYGiPVoveLmHkEgJreYfonncpFrt9BcwYfN2vtIRIEsXz9IPQ3BBZ1
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MrYwMjEzMjAwNBfiM9TNCXMzDAzJ8fKuTIkAAFRiTgUlAAAA
.rfihub.com/	1970-01-20 16:51:56	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MrYwMjEzMjAwNBfiM9TNCXMzDAzJ8fKuTIkAAFRiTgUlAAAA
.adnxs.com/	1970-01-20 09:39:56	Name: uuid2 Value: 6656235937597551322
.doubleclick.net/	1970-01-20 16:51:56	Name: IDE Value: AHWqTUkB38OxRq5ASiA1GM1gf8TgpeFWMuw1ivv1Is32S4FWM4sPtdW0WR3AyfkVFzU
.casalemedia.com/	1970-01-20 16:15:56	Name: CMID Value: Y3UhCNsecBe8VYOehtMHpwAA
.casalemedia.com/	1970-01-20 09:39:56	Name: CMPS Value: 3320
.casalemedia.com/	1970-01-20 09:39:56	Name: CMPRO Value: 3320
.adnxs.com/	1970-01-20 09:39:56	Name: anj Value: dTM7k!M4/YErk#WF']wIg2C%1Eea*Z!@wnfH8KAM.xpH^Gmi[tDZkVhGm1CoE:F1bCxr^$hzN=qGh5XW!2>h9/+0J2!?fmOC5xx-
.eyeota.net/	1970-01-20 07:30:21	Name: SERVERID Value: 22170~DM
.avera.org/	1970-01-20 17:06:20	Name: invoca_session Value: %7B%22ttl%22%3A%222022-12-16T17%3A42%3A33.019Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.bidswitch.net/	1970-01-20 16:15:56	Name: tuuid Value: 768cd8be-fa43-4669-94c4-82c019e54d67
.bidswitch.net/	1970-01-20 16:15:56	Name: c Value: 1668620553
.bidswitch.net/	1970-01-20 16:15:56	Name: tuuid_lu Value: 1668620553
.krxd.net/	1970-01-20 11:49:32	Name: _kuid_ Value: PM-JDkhD
.avera.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.spotxchange.com/	1970-01-20 08:10:39	Name: audience Value: 0d1efc29-65d6-11ed-8b7a-1a377c5d0506
.everesttech.net/	1970-01-20 16:15:56	Name: everest_g_v2 Value: g_surferid~Y3UhCQAAAC6__AA7
.demdex.net/	1970-01-20 11:49:32	Name: demdex Value: 03077048781530901913729155362871217984
.rezync.com/	1970-01-20 11:49:03	Name: zync-uuid Value: 640e943d-8912-4245-8c6d-77f66ca7582b:1668620553.7144272
live.rezync.com/	1970-01-20 11:49:32	Name: sd-session-id Value: .eJwNy0EOwiAQQNG7zLoYGIYZymWaCmNCtGhK3dj07rL8yfsnLB_dt7VpOyAd-1cnyK86qkM6odffpk9IEBySR_ToIxKjtU7gmqBr7_XdllqGYbI6ky8mzg4NIQUTMxcj8mDOq4SI9-SY4_hD8DdxRCgI1x-KESTY.Y3UhCQ.i5jqxYrEzSPSwwOJmQfAozi4A1M
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129S_zzqo0DzZ3c0spyjO2zKtwN43KSl_FKBBpHJrhHOjo6OhsFh_v6GjexGJuZmKQamlinKJrYWlopGtiZGKqa5FslqJrbp5mZpacaG5qYZRkZWhmZmFmZGBqaqxnbmhiYmRuBAC60gk7awAAAA
.rfihub.com/	1970-01-20 16:51:56	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129S_zzqo0DzZ3c0spyjO2zKtwN43KSg_iNTQzszAzMjA1NbI0s5jFiMQ3N7VYhcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4hVINI4NMM50NHR0dksPt7R0XwVK0KJsZm5-SZWNCu40byExp8kbG5mYpBqaWKcomthaWika2JkYqprkWyWomtunmZmlpwIVGSUZIWwRM_c0MTEyNxoljCSzRZmhouEUU1-hMYHALKes0G6AQAA
.dpm.demdex.net/	1970-01-20 11:49:32	Name: dpm Value: 03077048781530901913729155362871217984
.avera.org/	1969-12-31 23:59:59	Name: cebsp Value: 1
.avera.org/	1970-01-20 16:15:56	Name: _ce.s Value: v~f08b820f692066629af88fe5579369977c1296f6~vpv~0~v11.rlc~1668620554019

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322323824620017 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=640e943d-8912-4245-8c6d-77f66ca7582b%3A1668620553.7144272 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.avera.org/app/security/app/files/public/hand-holding-vape-smoke-in-background.jpg?size=small Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.avera.org/app/security/app/files/public/illustration-of-woman-with-imposter-syndrome.jpg?size=small Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.avera.org/app/security/app/files/public/broken-cigarette-on-wood.jpg?size=small Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322323824620017 Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20770730p.rfihub.com
30531.tctm.co
69057.global.siteimproveanalytics.io
a.rfihub.com
aa.agkn.com
assets-tracking.crazyegg.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
cm.teads.tv
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
p.rfihub.com
p.teads.tv
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pi.pardot.com
pixel.rubiconproject.com
ps.eyeota.net
region1.google-analytics.com
script.crazyegg.com
siteimproveanalytics.com
solutions.invocacdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.teads.tv
tracking.crazyegg.com
www.avera.org
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.75.89.75
13.32.27.24
13.32.27.83
142.250.186.162
143.204.89.18
151.101.66.49
157.55.86.227
18.158.237.5
18.208.125.13
185.80.39.216
185.89.211.12
185.94.180.125
193.0.160.128
2.19.100.4
2001:4860:4802:32::36
23.35.228.23
2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9
2600:9000:223c:4800:1:76cf:fe80:93a1
2600:9000:237d:f000:12:de4a:40:93a1
2606:4700::6813:9408
2606:4700:e2::ac40:8f22
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c0c::9a
3.127.178.105
3.127.96.241
3.248.145.65
34.232.208.82
35.157.180.193
35.244.174.68
52.49.35.210
52.50.139.125
52.51.250.251
69.173.144.139
69.192.160.219
99.86.4.31
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db
05b777f92a6b004deaa5d081f1d44f3a90f50410d7882ca76d475936d9a17e19
0a52108abc80383fbecff2009afb124bfac181cd1e2be06fc45eb863171af9d2
0aade28df809068b9b4da9877621fe3ecc0fa3234161f23552c61dc884c12954
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef
13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78
1ae078b1bf54d0226299745f50111ade6f39a46b6166d39a026f7d9860587f71
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20d613fe1d282bdc294ab0ab4fc5931e746d9e3f464f630be7ad97fe02a0f9f2
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc
2905682e46919579a8de7f01fcc31e85992fc933ade0cd73a8c3b5b689d365e0
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
359277ca3321cae12dcb73545a3abb94ec64e0e595f99557e64e437fcd711023
37dddab995ec8c715249818a1883df536fe47693ece7f7af46a9cafb3c276199
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40dcb619490d3995b3b00c44cbc7a23cc431910971734c2ed725ecc504545eb6
411d6092d1c4c1448905b119e2f2504fa02dae98ab253f79e2699e4ecec95d77
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59e09d0093da63c9aa75b13efaa4451aeebd3534fa9cb31d1e81dba674711ef8
5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c
64d6669a5e1fb2b01be947d4a5f7f0ddfa85ee174483248acf473edbc193fc04
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12
6882d51943dfbefd6a3ef4b957c7a4bc06976e071b00d497dedebb75cbc6bc55
6ee1a78db9127677fc0e343c8b2ae01bcb616b3ef194dd207ae6fe00e002414c
703ce5aaa72d165502076c8e999dab1c78183e4e7f17ecd67d09a3e83e95bc8c
70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2
743e4b3266284e5b6bc77b8f2518aaed4ac9f990e4dc02ec267a5804fbb378d6
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297
7ba71e08963e995d99860fb0060b684da813c58eb2b14ea76840d39da3ce66d9
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86101207df129391876782752e5f1bbe09da6b1468fb91f12901fedf4f0885a6
8cfe2e294039a57a4ce4ba685af0b6f49b630c5108c44a65b2178b4906f1a1fa
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159
b0e90e848170144310bc41087314c1505d23ed447a1002039c2db35563e082fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1763f9b2335e654fd8e6447591dcb4a68664d66c4cc781ca3feca4640064c68
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6903d519be5345a82db42d44ff8f2b9b93b5ab1a2973008c2443abe037d50eb
b7325ac83bd101ce91be8abfbd07b130e5f37a3485d85c72d80c149b31ae2798
bc90387670569785f363e87168c1a55b7277bcca52a0633e229881ff1a3d7070
bee4a2562df3f900ba0f984a137904280896d72d5df1fb9b2d3c68b5277e2719
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c66329ae32ecd734cdfe67c970a1c247bb3bd1f0d1b9eb01361550f08639b32a
cb484ee3c856bd665d018257ca0468899286a10fee23b10a07fe85d2ed0961cc
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
ce2967a02b012efe560e49eff4241f81955a3d8f9ca4e75102238e14f3e12c46
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
dcba9eabd6a7b2bd8fe0e055111f29dd4d7d547f83761f2fd5319c6ef5694aaf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deba980af35eb44c1d88f437d0cc2e89795d481c86fa4fc3af418da64f07e1c9
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
e9999352d323b1c9d8d95aa9f0cf45dbea612757a41594d9b383d2f996467b7a
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48
ebef974fe002b07992f128dc13114a797837c6009e93631eba1c44fc39bbb7cc
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d
ee72aea709bfd36b9e2d858574e054ac44bb68f469cb539974f413a4f6d8f2db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f01b74473980387f484da3f2b2325ea530d0c39f702ecda52d91b7df4fd218ef
f08006fbc97f17f1cd26a30fc3e046622207953b7e8d4182c51d81e252e34747
f53d307cc1342c298adafa5438368154c5510df3d46bf92c96c8efd42fc15da6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.avera.org Open in urlscan Pro 157.55.86.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

88 %HTTPS

37 %IPv6

36 Domains

46 Subdomains

41 IPs

6 Countries

986 kBTransfer

2527 kBSize

43 Cookies

1 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avera.org Open in urlscan Pro
157.55.86.227 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

88 %
HTTPS

37 %
IPv6

36
Domains

46
Subdomains

41
IPs

6
Countries

986 kB
Transfer

2527 kB
Size

43
Cookies

112 HTTP transactions
0 data transactions