www.necformulahelp.com Open in urlscan Pro
2606:4700:3037::ac43:bb91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://7vdtigtzdy.tophaceousrelighting.org/tzoia-NRpzoUqPYjihxHOkE9dJ/8564819214927977926989758899uwiicpyy1kz8z/ullhazcr-79997nn9999999hsbm...
Effective URL:
https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Submission: On July 30 via api (July 30th 2022, 4:48:57 pm UTC) from BE — Scanned from CA

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 17 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3037::ac43:bb91, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.necformulahelp.com.
TLS certificate: Issued by E1 on July 23rd 2022. Valid for: 3 months.

This is the only time www.necformulahelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.84.81.45 216.84.81.45	3549 (LVLT-3549) (LVLT-3549)
1	173.44.49.139 173.44.49.139	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1 1	54.201.239.115 54.201.239.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:bb91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.230.163.115 54.230.163.115	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	138.197.100.36 138.197.100.36	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2600:9000:210... 2600:9000:210b:ee00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1 6	52.71.132.63 52.71.132.63	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:21d... 2600:9000:21dd:0:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
11	13.226.36.109 13.226.36.109	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	18.211.25.140 18.211.25.140	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	54.161.75.10 54.161.75.10	14618 (AMAZON-AES) (AMAZON-AES)
1	54.192.100.158 54.192.100.158	16509 (AMAZON-02) (AMAZON-02)
1	23.23.142.3 23.23.142.3	14618 (AMAZON-AES) (AMAZON-AES)
50	19

1 216.84.81.45 (Milton, Canada) 1 redirects

ASN3549 (LVLT-3549, US)
PTR: ns1.wizkidhosting.com

7vdtigtzdy.tophaceousrelighting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.44.49.139 (Miami, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 173.44.49.139.static.quadranet.com

www.colipedat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.239.115 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-239-115.us-west-2.compute.amazonaws.com

tortexperts.leadspediatrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:bb91 (United States)

ASN13335 (CLOUDFLARENET, US)

www.necformulahelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-115.ewr53.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.197.100.36 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

devops.tortexperts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:210b:ee00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.71.132.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-132-63.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:0:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.226.36.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-36-109.ewr53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.25.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-25-140.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.161.75.10 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-75-10.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.100.158 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-158.ewr53.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.142.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-142-3.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net d2m2wsoho8qq12.cloudfront.net	124 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 19210 cdn.trustedform.com — Cisco Umbrella Rank: 21073	41 KB
5	leadid.com create.leadid.com — Cisco Umbrella Rank: 12130	3 KB
5	gstatic.com fonts.gstatic.com	45 KB
3	tortexperts.com devops.tortexperts.com — Cisco Umbrella Rank: 650721	6 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	55 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	499 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 16990	36 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 2378	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 19423	39 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 24414	245 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	necformulahelp.com www.necformulahelp.com	11 KB
1	leadspediatrack.com 1 redirects tortexperts.leadspediatrack.com — Cisco Umbrella Rank: 700972	317 B
1	colipedat.com www.colipedat.com — Cisco Umbrella Rank: 928609	454 B
1	tophaceousrelighting.org 1 redirects 7vdtigtzdy.tophaceousrelighting.org	389 B
50	17

	Domain	Requested by
11	d9hhrg4mnvzow.cloudfront.net	www.necformulahelp.com cdn.trustedform.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	fonts.gstatic.com	fonts.googleapis.com
3	devops.tortexperts.com	www.necformulahelp.com cdnjs.cloudflare.com devops.tortexperts.com
3	cdnjs.cloudflare.com	www.necformulahelp.com
2	www.facebook.com	www.necformulahelp.com
2	connect.facebook.net	www.necformulahelp.com connect.facebook.net
2	cdn.trustedform.com	www.necformulahelp.com api.trustedform.com
2	d34qb8suadcc4g.cloudfront.net	www.necformulahelp.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	www.necformulahelp.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	devops.tortexperts.com
1	events.ub-analytics.com	www.necformulahelp.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	www.necformulahelp.com	www.colipedat.com
1	tortexperts.leadspediatrack.com	1 redirects
1	www.colipedat.com
1	7vdtigtzdy.tophaceousrelighting.org	1 redirects
50	20

This site contains no links.

Subject Issuer	Validity	Valid
www.colipedat.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.necformulahelp.com E1	`2022-07-23` - `2022-10-21`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
devops.tortexperts.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-09` - `2022-08-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Frame ID: 4AECFF01A0DF7B0F4E9B03F27607CD6F
Requests: 49 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=160A2761-FEB6-D094-23BC-53D15236FE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=F5876A28-2106-9849-F85B-32830E25E7A3&lac=43280F24-DA2D-8B48-A2BC-8CCB47265652
Frame ID: 1A03D98C790CDCF330AAEFC73E280BFA
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=160A2761-FEB6-D094-23BC-53D15236FE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=F5876A28-2106-9849-F85B-32830E25E7A3&lac=43280F24-DA2D-8B48-A2BC-8CCB47265652
Frame ID: 85A9EEC3431FCA356B42F6455BC43466
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NEC Baby Formula

Page URL History Show full URLs

http://7vdtigtzdy.tophaceousrelighting.org/tzoia-NRpzoUqPYjihxHOkE9dJ/8564819214927977926989758899uwiicpyy1kz8z/ullhazc... HTTP 302
https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAEL... Page URL
https://tortexperts.leadspediatrack.com/?c=476&lp=35&s1=160584&s2=667963409&s3=pass-zh HTTP 302
https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr= Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

96 %
HTTPS

45 %
IPv6

17
Domains

20
Subdomains

19
IPs

2
Countries

486 kB
Transfer

1254 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://7vdtigtzdy.tophaceousrelighting.org/tzoia-NRpzoUqPYjihxHOkE9dJ/8564819214927977926989758899uwiicpyy1kz8z/ullhazcr-79997nn9999999hsbmoaixebpshntjgqdo88/lzmazcaczslhlllshrmulh-grl HTTP 302
https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732 Page URL
https://tortexperts.leadspediatrack.com/?c=476&lp=35&s1=160584&s2=667963409&s3=pass-zh HTTP 302
https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://7vdtigtzdy.tophaceousrelighting.org/tzoia-NRpzoUqPYjihxHOkE9dJ/8564819214927977926989758899uwiicpyy1kz8z/ullhazcr-79997nn9999999hsbmoaixebpshntjgqdo88/lzmazcaczslhlllshrmulh-grl HTTP 302
https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732

Request Chain 9

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

60089732
www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/
Redirect Chain

http://7vdtigtzdy.tophaceousrelighting.org/tzoia-NRpzoUqPYjihxHOkE9dJ/8564819214927977926989758899uwiicpyy1kz8z/ullhazcr-79997nn9999999hsbmoaixebpshntjgqdo88/lzmazcaczslhlllshrmulh-grl
https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732

149 B
454 B

368ms
215ms

Document
text/html

173.44.49.139
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.44.49.139 Miami, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 173.44.49.139.static.quadranet.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Content-Length: 149
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Jul 2022 16:48:50 GMT
Server: Apache

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Jul 2022 16:48:50 GMT
Location: https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H2

200

Primary Request / Show response
www.necformulahelp.com/
Redirect Chain

https://tortexperts.leadspediatrack.com/?c=476&lp=35&s1=160584&s2=667963409&s3=pass-zh
https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=

65 KB
11 KB

139ms
92ms

Document
text/html

2606:4700:3037::ac43:bb91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Requested by: Host: www.colipedat.com
URL: https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ab36d5499a6f012aa0a995b799e61af47f7c3010609c287cb9bd29be790bca

Request headers

Referer: https://www.colipedat.com/NTW9L5wUh1F39ftDHzbQDdr17znti5QnXstzHJ5n5X9WAKRn11wXDAvLoNUaroh5e0T4WwyAPAELhaSKo-fYsw~~/pass-zh/koo2222222eizn4469jqfghftbje84g7450ed2de4/60089732
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 732f95918ca47138-YUL
content-encoding: br
content-location: http://www.necformulahelp.com/
content-type: text/html; charset=UTF-8
date: Sat, 30 Jul 2022 16:48:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 31 May 2022 20:40:21 GMT
link: <http://www.necformulahelp.com/>; rel="canonical"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This is not a privacy policy."
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drG4dvX3yc5bD2z9Hslsmjkmnfb%2FamA0WPQCFAzwCEHoYWTkWU%2F7WxoOfXnsorUAWpVR6EirxhTevgYQap0UF%2Fm7TlR4%2B28GdEgrPdYXmTBjLeKi9Qhv58fBCEr7D6CV7r%2FWyc%2FDVicfqQtHMIRmVqWy0yEf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-proxy-backend: page-server
x-unbounce-pageid: 828c56a8-129c-4464-88b1-7bf8a4e83a79
x-unbounce-variant: a
x-unbounce-visitorid: e4376a42-b799-4ffe-bb84-8a39154ac4ae

Redirect headers

cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Jul 2022 16:48:51 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
pragma: no-cache
server: Apache/2.4.46 (Amazon) PHP/5.6.40
x-powered-by: PHP/5.6.40

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 82ms
18ms Stylesheet
text/css 54.230.163.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-115.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 02:47:21 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 23:24:03 GMT
server: AmazonS3
age: 3679291
etag: "e50d1ee693e25d7a1512f9322cc1259e"
x-cache: Hit from cloudfront
x-amz-version-id: 2AQj3zSW.kdmInzoSdWpR0AQxgxgO5c_
via: 1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: QYwvRTDhWcNTyC7xw2hUtuHoHOsnD8D4pRP5XhDNpIvDdlYqgjLG7g==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 68ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1540078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQZE85XdaHth9YnXMxLANiHkwo4LYWLVZ%2F3glrOaQxnGaRDfqh6bqtoLnes0pqEtE82RIgUwwp%2FW2MwZX7JYf%2BZj6xfaU59nSfVzV22HCRwzxZashp0eCgN0WK4%2F02to55F%2FVDRFlTMrWtzu1aZzrY7g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 732f95926aab714a-YUL
expires: Thu, 20 Jul 2023 16:48:51 GMT

GET
H2 200 loadjs.min.js Show response
cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/ 2 KB
2 KB 65ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/loadjs.min.js

Requested by

Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e706a6f7bc551ddf626c15cd76c1c251c0009871b6977cab0b3bf25391cbd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15280638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 801
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-68a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE4HqIh9UPDsoFtK19wGw7bHYKaTlOSW%2B9xL27KS2lHpNg7U5sF66AqhCeyvIzi2CYW8Y3wlYLyuii4nY1Msel7hVArT9BfaGMekTPA3oKVBikGjG1GwzruGvtCR35fiCiY1zPzBKkUNRFmPCSg8JbvA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 732f95926aac714a-YUL
expires: Thu, 20 Jul 2023 16:48:51 GMT

GET
H/1.1 200
OK zaplanding.js Show response
devops.tortexperts.com/js/ub/ 3 KB
3 KB 58ms
18ms Script
application/javascript 138.197.100.36
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devops.tortexperts.com/js/ub/zaplanding.js
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.100.36 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 281bc74f6ca869dba84013f562dc82e749b1112a82e9d8c993e4b2596e76c7d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 16:48:51 GMT
Last-Modified: Thu, 26 May 2022 15:40:01 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "628f9f51-bc5"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3013
Expires: Sun, 30 Jul 2023 16:48:51 GMT

GET
H2 200 jquery.inputmask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.7-beta.29/ 94 KB
26 KB 68ms
43ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.7-beta.29/jquery.inputmask.min.js

Requested by

Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35de839bf714c1ae5ff01f24453ba7293d36427f10f8c296a9046ba34eded39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1805529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25765
timing-allow-origin: *
last-modified: Wed, 10 Nov 2021 10:00:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "618b984d-64a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BJD94SXdo4bedrkoZLJCbgTXBPfAMQZWmIRyYRvUecLlVmM26NNrryY42NY0H4iK1xEcmzfSxTIciVdSNqBb8JM7AwBKvASszIQ4uFDwYY3xZXyDCUhugHV1aZE%2F%2ByzCu%2F50jeskLNebydV1xV%2FKRN7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 732f95926aad714a-YUL
expires: Thu, 20 Jul 2023 16:48:51 GMT

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 71ms
18ms Script
application/javascript 2600:9000:210b:ee00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:53:58 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 2098494
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: oaOoQtAfQt29EO5VUeNNd6lw6dbrH3LSOqK4lMWj0iHEO--Or2wthQ==

GET
H2 200 main.bundle-7a80b17.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 25ms
25ms Script
application/javascript 54.230.163.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-115.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:25:19 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:07 GMT
server: AmazonS3
age: 3677013
etag: "115451db447a15fd94ca1eec82178c7c"
x-cache: Hit from cloudfront
x-amz-version-id: hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ
via: 1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
content-length: 33491
x-amz-cf-id: 0wkrBaYT94HGA2v1KRUDbyQPyrSE8K0ttC_BZPrh5NrsPLZjbPFP9Q==

GET
H/1.1 200
OK uuid2.js Show response
devops.tortexperts.com/js/ub/ 1 KB
2 KB 19ms
18ms Script
application/javascript 138.197.100.36
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devops.tortexperts.com/js/ub/uuid2.js
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/loadjs/4.2.0/loadjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.100.36 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3b65fa5f5961f67d447dc1ce6636d7f2a0ffab1f46194076e723d6ce22690d76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 16:48:51 GMT
Last-Modified: Fri, 12 Nov 2021 20:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "618ed443-5fd"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1533
Expires: Sun, 30 Jul 2023 16:48:51 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false

8 KB
4 KB

145ms
105ms

Script
application/javascript

2600:9000:21dd:0:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Server: 2600:9000:21dd:0:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 15:11:25 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: W/"af2c721f28d4f08f6dd1e2d1538d6d5e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
x-amz-version-id: M4BYxzuwDsSLMzNpxHSURX978fUhoR5T
x-amz-cf-id: Od8it8sKyVuDRzgigcPYPzOtRnhqQcOzjplw5p3K9BtNhdwyDtAi9g==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false
date: Sat, 30 Jul 2022 16:48:51 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 62ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dda961c684bb8f6a9e1d37502469bc063b1d90b4966c81ea03f07079a6036a59

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26528
x-xss-protection: 0
pragma: public
x-fb-debug: nui55xBvJB/vLgZclf24LY2kQgaHjZohvUBK4rhyCcYkOIGPgoY/SQD7ck+ZxrGQNvbeDAqoCdsTgMHzSmix0A==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 30 Jul 2022 16:48:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 0da174cc-1bg_10000000w10b300n000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 24 KB
24 KB 200ms
144ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/0da174cc-1bg_10000000w10b300n000028.png
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0698e6a8401c824163f9b593279b66ca14df2235f9ffe7e644f905edd0f7c96a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "03b32aa44a4c92273e1b818b8537366e"
x-cache: Miss from cloudfront
x-amz-version-id: HJHKHNIof7TiONV56tHxuUAKZxEbQ5Zq
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 24658
x-amz-cf-id: NYNQDF6iUfqh_2x-L8w3NPBBxlxcB0UCPUTOxhYKFXpZZPjncm4tRA==

GET
H2 200 e54fb644-bg1_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 48 KB
48 KB 169ms
114ms Image
image/jpeg 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/e54fb644-bg1_100000000000000000001o.jpg
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ed3c0ff08f448fadb3822001b4100c0b85ab8b05d3584d2177c42411174f255

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "d959c3f821384a0fe8a9e93c36ecc89e"
x-cache: Miss from cloudfront
x-amz-version-id: Q50FnwCR_o5.0R7bLHtq0AXJdHXYyqqW
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 49140
x-amz-cf-id: 7iivlFlsUZhkZHY3NXv_mm_3DzsMwOyGMOw3afR8BM36FTjLxkg7xw==

GET
H2 200 79716e8d-3shape-3_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 2 KB
3 KB 195ms
140ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/79716e8d-3shape-3_1000000000000000000028.png
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c5822b76877df96ab1019f5bc7fc33438b9cbd6884d034ea9f29875d92cde0e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "e5d661d0fe0d67653ab92697b62b445e"
x-cache: Miss from cloudfront
x-amz-version-id: slhQzVuKhHCQC0tZ0za6wuQyJkfAhfJm
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 2351
x-amz-cf-id: Sh8D_jvyssSFyJ52LmJm8xr7Dy2ChKdkBZBfeVpOwkap4fmvEMqopQ==

GET
H/1.1 200
OK landing Show response
devops.tortexperts.com/api/ads/ 367 B
666 B 101ms
63ms Fetch
application/json 138.197.100.36
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devops.tortexperts.com/api/ads/landing?page_id=https://www.necformulahelp.com/&adv_id=6
Requested by: Host: devops.tortexperts.com
URL: https://devops.tortexperts.com/js/ub/zaplanding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.100.36 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e7201cedbee01bf16e8f73e3be35a12b305ebe5c4c0639cf191d225229c7ca7d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 16:48:51 GMT
Server: nginx/1.18.0 (Ubuntu)
X-RateLimit-Remaining: 56
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Transfer-Encoding: chunked
X-RateLimit-Limit: 60
Connection: keep-alive

GET
BLOB 200
OK 5cbae7d5-5009-42ad-a877-080b7c2a6612
https://www.necformulahelp.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.necformulahelp.com/5cbae7d5-5009-42ad-a877-080b7c2a6612
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 87ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:regular,700,700italic,500%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d068c377b2806151d4bbf80b8d92e9d2f330f4d1a94a7daacdefca1346d45ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 16:48:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Jul 2022 16:48:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jul 2022 16:48:51 GMT

GET
H2 200 b07d27c3-total-injury-help-final_105g02t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 3 KB
3 KB 156ms
147ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/b07d27c3-total-injury-help-final_105g02t000000000000028.png
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e679e9ad782f9cd5c892d749e40c6d5344328164df7bd724a55347dd2aaf4b9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "d8d236cfa17aa1615a59cb7fc7be32c1"
x-cache: Miss from cloudfront
x-amz-version-id: WK67lHZ6h.Sgp6_R5a9O5WjK1D5s.Bck
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 3182
x-amz-cf-id: P-h3tt7kh7A_-q_MIRdhZtVFBtrTysJFZj-_F_8MLP5BWslZUuRWtw==

GET
H2 200 b1334c80-confidential_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 646 B
1 KB 146ms
138ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/b1334c80-confidential_1000000000000000000028.png
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b86fe39cec1446b53acc1507a7b053205c41e35ebfdcea62c92ebc89b1f13c25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "2fd02e6cc681616c35d9a5f985ca373f"
x-cache: Miss from cloudfront
x-amz-version-id: 8m4QbYPHkgpQAp0O_8Kt9E550C46u44j
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 646
x-amz-cf-id: chOOGwIs5t95wgzchtJ8ILOXDPOofwA7MmZ4BWwJfehZUxJE7DsdQw==

GET
H2 200 0f587cfd-secure_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 505 B
887 B 147ms
139ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/0f587cfd-secure_1000000000000000000028.png
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 934889d38610b4eeb4d9159e01fc4bc0dfc3b3f8db0d667692b5d56c13599652

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "f3a9980b667c7fb0c7aaaa80f53becfd"
x-cache: Miss from cloudfront
x-amz-version-id: Cu8yF_wnE54TGKpdZw9ebvP5NL8qokO_
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 505
x-amz-cf-id: jZpO9LZAINYrG2U8ktpmzLzH6UsdyvD6gT6aXvs0q6axFPleKbRG1A==

GET
H2 200 de28ded4-group_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 1 KB
2 KB 149ms
148ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/de28ded4-group_1000000000000000000028.png
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e3ad3ace9809e2b2b2472484b33b4280fe606e567e8459a6a924013f02371e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "d804b75f89dc0db78e41b1f183bfa273"
x-cache: Miss from cloudfront
x-amz-version-id: LMqfaFgunq45rbjXXE7y9geB2Uqm8ogb
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1522
x-amz-cf-id: ZT_m5_vPjOEknIdVGdzv3kilwKY-Fj2YD9tner-NCOxfsH3FRx_I1w==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 20ms
20ms Script
application/javascript 2600:9000:210b:ee00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 01:26:09 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 2042563
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: QBofYEPjEhcRmRhDv2GWVBTX2-Y-jfjP0ZDpPGd29_Jfo4UmdFtOwA==

GET
H2 200 435294518228747 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/435294518228747?v=2.9.69&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec0ea6b7777b3101bffa17516cdbac8da5a79131c8e86bed162309dbbeb7d5ee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: FwihglPZ/Vpfhry7P5VDFboIkXF7ta6lSDEiJgn+SFpOZTxBYX5KEyeoCux3CjbWEl61II2jz8CeekeThJIYbQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 30 Jul 2022 16:48:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659199731822
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 83ms
25ms Image
image/gif 18.211.25.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1659199731788&e=pv&url=https%3A%2F%2Fwww.necformulahelp.com%2F%3Frequestid%3D62e560f34423d%26s1%3D160584%26s2%3D667963409%26s3%3Dpass-zh%26s4%3D%26s5%3D%26affid%3D6%26cr%3D&page=NEC%20Baby%20Formula&refr=https%3A%2F%2Fwww.colipedat.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=d912b47d-24ee-48ef-809b-a3a099a2e893&dtm=1659199731787&vp=1600x1200&ds=1600x2292&vid=1&sid=a9edc085-0e97-4b40-810b-0d39ff6e14b1&duid=8b535481-86d3-407e-bd8e-c602f79a8a11&uid=e4376a42-b799-4ffe-bb84-8a39154ac4ae&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiODI4YzU2YTgtMTI5Yy00NDY0LTg4YjEtN2JmOGE0ZTgzYTc5IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.25.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-25-140.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Jul 2022 16:48:51 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 f5876a28-2106-9849-f85b-32830e25e7a3.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 227ms
201ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/f5876a28-2106-9849-f85b-32830e25e7a3.js?snippet_version=2&callback=jornayaCallback
Requested by: Host: devops.tortexperts.com
URL: https://devops.tortexperts.com/js/ub/zaplanding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1044f3e770f062d51035f6d001f398d869d5d22073f2390907b2c073eec9639d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 13 Dec 2021 15:18:31 GMT
server: cloudflare
x-amz-request-id: 8HAJ7G02BQYB17EQ
etag: W/"22b1e550f179937d43394240d37aa22c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 732f95940f324bcb-YUL
x-amz-version-id: jM2tDfJXfHnPYJcjU5NG8ikA7kolqIcQ
x-amz-id-2: K41pnX5GfRjOBSi+baSa0sGtgE/jIzoAgAeWWq6qdTadC377L3i1znaV5iLrUY7BR587NPQ0u6s=

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,700,700italic,500%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 07:12:27 GMT
x-content-type-options: nosniff
age: 380184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 07:12:27 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
9 KB 68ms
23ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,700,700italic,500%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 02:08:06 GMT
x-content-type-options: nosniff
age: 398445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8596
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 02:08:06 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 70ms
26ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,700,700italic,500%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 05:50:56 GMT
x-content-type-options: nosniff
age: 385075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 05:50:56 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 81ms
40ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,700,700italic,500%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 07:22:38 GMT
x-content-type-options: nosniff
age: 379573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 07:22:38 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 79ms
42ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,700,700italic,500%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.necformulahelp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 22:56:33 GMT
x-content-type-options: nosniff
age: 409938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 22:56:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 190ms
20ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=435294518228747&ev=PageView&dl=https%3A%2F%2Fwww.necformulahelp.com%2F%3Frequestid%3D62e560f34423d%26s1%3D160584%26s2%3D667963409%26s3%3Dpass-zh%26s4%3D%26s5%3D%26affid%3D6%26cr%3D&rl=https%3A%2F%2Fwww.colipedat.com%2F&if=false&ts=1659199731903&sw=1600&sh=1200&v=2.9.69&r=stable&ec=0&o=30&fbp=fb.1.1659199731901.652596472&it=1659199731759&coo=false&rqm=GET

Requested by

Host: www.necformulahelp.com
URL: https://www.necformulahelp.com/?requestid=62e560f34423d&s1=160584&s2=667963409&s3=pass-zh&s4=&s5=&affid=6&cr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 30 Jul 2022 16:48:52 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
660 B 155ms
105ms XHR
text/plain 54.161.75.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=c277054b-9ed7-4aa5-a849-da1abb5453e1&_=129912232

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f5876a28-2106-9849-f85b-32830e25e7a3.js?snippet_version=2&callback=jornayaCallback

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.75.10 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-75-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7126257c0aeb5d411807eb185d3806680bf380da192bdae4a8e112c931a3b177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 71ms
25ms XHR
application/json 52.71.132.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.132.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-132-63.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 7992dd0a1318c1fd24c8c7e2de757f033a64e2b4fe1e29a522453f4ac4a92252

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.26.js Show response
cdn.trustedform.com/ 97 KB
36 KB 22ms
22ms Script
application/javascript 2600:9000:21dd:0:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16591997316350.001286251106769054&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:0:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: YhD1w8vOtRO5jDnJaxxF8bLdiuVEBdVt
content-encoding: gzip
last-modified: Tue, 10 May 2022 15:11:25 GMT
server: AmazonS3
age: 8
etag: W/"d9aa7fe810084b856ea5e1fed26caefa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
date: Sat, 30 Jul 2022 16:48:52 GMT
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: nYrUjOSC_QmMqZ-BO0v9IoyZiwuOOhpP7XCx7qAIhgF4QI8Blauu9A==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/ 0
159 B 47ms
47ms XHR
text/plain 52.71.132.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.132.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-132-63.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 30 Jul 2022 16:48:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 b07d27c3-total-injury-help-final_105g02t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 3 KB
3 KB 62ms
61ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/b07d27c3-total-injury-help-final_105g02t000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e679e9ad782f9cd5c892d749e40c6d5344328164df7bd724a55347dd2aaf4b9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:53 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "d8d236cfa17aa1615a59cb7fc7be32c1"
x-cache: Miss from cloudfront
x-amz-version-id: WK67lHZ6h.Sgp6_R5a9O5WjK1D5s.Bck
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 3182
x-amz-cf-id: 0IHRfbGNY8KdnT1ZJuiEIlhSjisAUSpFOKxDkty7t4X881JJXcBKNA==

GET
H2 200 b1334c80-confidential_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 646 B
1 KB 20ms
19ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/b1334c80-confidential_1000000000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b86fe39cec1446b53acc1507a7b053205c41e35ebfdcea62c92ebc89b1f13c25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
age: 1
etag: "2fd02e6cc681616c35d9a5f985ca373f"
x-cache: Hit from cloudfront
x-amz-version-id: 8m4QbYPHkgpQAp0O_8Kt9E550C46u44j
cache-control: max-age=31557600
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: image/png
content-length: 646
x-amz-cf-id: YO3iadb-2Q_0HaFC1BAgSmds2i1AhO7NlFJ7UFJggUuVaZ3T9ikS8Q==

GET
H2 200 0f587cfd-secure_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 505 B
893 B 20ms
19ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/0f587cfd-secure_1000000000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 934889d38610b4eeb4d9159e01fc4bc0dfc3b3f8db0d667692b5d56c13599652

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
age: 1
etag: "f3a9980b667c7fb0c7aaaa80f53becfd"
x-cache: Hit from cloudfront
x-amz-version-id: Cu8yF_wnE54TGKpdZw9ebvP5NL8qokO_
cache-control: max-age=31557600
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: image/png
content-length: 505
x-amz-cf-id: dolPwzkAhLVFZMHRA2EkCy9rFftgFRHQ0rRTrlaKfVZ2AhDw_hQJjw==

GET
H2 200 de28ded4-group_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/ 1 KB
2 KB 39ms
39ms Image
image/png 13.226.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.necformulahelp.com/de28ded4-group_1000000000000000000028.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-109.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e3ad3ace9809e2b2b2472484b33b4280fe606e567e8459a6a924013f02371e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:53 GMT
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
last-modified: Tue, 31 May 2022 20:40:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "d804b75f89dc0db78e41b1f183bfa273"
x-cache: Miss from cloudfront
x-amz-version-id: LMqfaFgunq45rbjXXE7y9geB2Uqm8ogb
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1522
x-amz-cf-id: z2Zm1OXlx1NxSS95TOaVrKzBnhS8yd_NNvS4uPtw-LaHtid8jl5QtA==

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/ 0
159 B 37ms
37ms XHR
text/plain 52.71.132.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.132.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-132-63.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 30 Jul 2022 16:48:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 1A03 3 KB
2 KB 57ms
18ms Document
text/html 54.192.100.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=160A2761-FEB6-D094-23BC-53D15236FE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=F5876A28-2106-9849-F85B-32830E25E7A3&lac=43280F24-DA2D-8B48-A2BC-8CCB47265652

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f5876a28-2106-9849-f85b-32830e25e7a3.js?snippet_version=2&callback=jornayaCallback

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.192.100.158 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-100-158.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.necformulahelp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 28418
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 30 Jul 2022 08:55:14 GMT
ETag: W/"6298d697-dbb"
Last-Modified: Thu, 02 Jun 2022 15:26:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 48242c037992a87d34be1f3c114efc0a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: FPk3E3lqsT7RI_V3m84Z1fDKv1B3rlmCbtXFwsbbCWSSdFqWwo1UJQ==
X-Amz-Cf-Pop: EWR53-C3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
623 B 31ms
31ms XHR
text/plain 54.161.75.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=c277054b-9ed7-4aa5-a849-da1abb5453e1&token=160A2761-FEB6-D094-23BC-53D15236FE65&_=129912233

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f5876a28-2106-9849-f85b-32830e25e7a3.js?snippet_version=2&callback=jornayaCallback

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.75.10 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-75-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 330ms
330ms XHR
text/plain 54.161.75.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=c277054b-9ed7-4aa5-a849-da1abb5453e1&token=160A2761-FEB6-D094-23BC-53D15236FE65&_=129912234

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f5876a28-2106-9849-f85b-32830e25e7a3.js?snippet_version=2&callback=jornayaCallback

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.75.10 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-75-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 85A9 4 KB
2 KB 76ms
26ms Document
text/html 23.23.142.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=160A2761-FEB6-D094-23BC-53D15236FE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=F5876A28-2106-9849-F85B-32830E25E7A3&lac=43280F24-DA2D-8B48-A2BC-8CCB47265652
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=160A2761-FEB6-D094-23BC-53D15236FE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=F5876A28-2106-9849-F85B-32830E25E7A3&lac=43280F24-DA2D-8B48-A2BC-8CCB47265652
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.142.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-142-3.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Sat, 30 Jul 2022 16:48:52 GMT
etag: W/"62a74f42-1049"
expires: Sun, 31 Jul 2022 16:48:52 GMT
last-modified: Mon, 13 Jun 2022 14:52:50 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 40ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=435294518228747&ev=Microdata&dl=https%3A%2F%2Fwww.necformulahelp.com%2F%3Frequestid%3D62e560f34423d%26s1%3D160584%26s2%3D667963409%26s3%3Dpass-zh%26s4%3D%26s5%3D%26affid%3D6%26cr%3D&rl=https%3A%2F%2Fwww.colipedat.com%2F&if=false&ts=1659199732406&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NEC%20Baby%20Formula%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22NEC%20Baby%20Formula%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.69&r=stable&ec=1&o=30&fbp=fb.1.1659199731901.652596472&it=1659199731759&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.necformulahelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sat, 30 Jul 2022 16:48:52 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 85A9 0
627 B 74ms
27ms Script
text/javascript 54.161.75.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=43280F24-DA2D-8B48-A2BC-8CCB47265652&lck=F5876A28-2106-9849-F85B-32830E25E7A3&methods=48&token=160A2761-FEB6-D094-23BC-53D15236FE65&uuid=324384b3bbd74712bac26456efdb4a29

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=160A2761-FEB6-D094-23BC-53D15236FE65&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=F5876A28-2106-9849-F85B-32830E25E7A3&lac=43280F24-DA2D-8B48-A2BC-8CCB47265652

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.75.10 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-75-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:48:52 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events
api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/ 0
159 B 84ms
83ms Ping
text/plain 52.71.132.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.132.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-132-63.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 30 Jul 2022 16:48:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 464ms
143ms XHR
text/plain 54.161.75.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=c277054b-9ed7-4aa5-a849-da1abb5453e1&token=160A2761-FEB6-D094-23BC-53D15236FE65&_=129912235

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/f5876a28-2106-9849-f85b-32830e25e7a3.js?snippet_version=2&callback=jornayaCallback

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.75.10 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-75-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Jul 2022 16:48:53 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/ 0
159 B 25ms
25ms XHR
text/plain 52.71.132.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f8478fa151aef6e402d836c23c2bf718cb03a1dd/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.132.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-132-63.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.necformulahelp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 30 Jul 2022 16:48:53 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.colipedat.com/	1970-01-20 05:36:31	Name: uid6598 Value: 667963409-20220730124850-44d3def81b7f81f69bf8adb622ccebdf-
tortexperts.leadspediatrack.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v8epr7aj1m8po10romk6aod675
www.necformulahelp.com/	1970-01-20 09:18:17	Name: ubpv Value: a%2C828c56a8-129c-4464-88b1-7bf8a4e83a79
www.necformulahelp.com/	1970-01-20 09:12:31	Name: ubvs Value: e4376a42-b799-4ffe-bb84-8a39154ac4ae
.necformulahelp.com/	1970-01-20 04:57:38	Name: ubvt Value: e4376a42-b799-4ffe-bb84-8a39154ac4ae
.necformulahelp.com/	1970-01-20 07:02:55	Name: _fbp Value: fb.1.1659199731901.652596472
.facebook.com/	1970-01-20 07:02:55	Name: fr Value: 0N1Hh52t3jSfjNwT6..Bi5WD0...1.0.Bi5WD0.
www.necformulahelp.com/	1970-01-20 04:53:20	Name: leadid_token-43280F24-DA2D-8B48-A2BC-8CCB47265652-F5876A28-2106-9849-F85B-32830E25E7A3 Value: 160A2761-FEB6-D094-23BC-53D15236FE65
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 324384b3bbd74712bac26456efdb4a29

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7vdtigtzdy.tophaceousrelighting.org
api.trustedform.com
builder-assets.unbounce.com
cdn.trustedform.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
deviceid.trueleadid.com
devops.tortexperts.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
tortexperts.leadspediatrack.com
www.colipedat.com
www.facebook.com
www.necformulahelp.com
13.226.36.109
138.197.100.36
173.44.49.139
18.211.25.140
216.84.81.45
23.23.142.3
2600:9000:210b:ee00:1d:11cf:5800:93a1
2600:9000:21dd:0:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2606:4700:3037::ac43:bb91
2606:4700::6811:180e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:824::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
52.71.132.63
54.161.75.10
54.192.100.158
54.201.239.115
54.230.163.115
0698e6a8401c824163f9b593279b66ca14df2235f9ffe7e644f905edd0f7c96a
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
1044f3e770f062d51035f6d001f398d869d5d22073f2390907b2c073eec9639d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
281bc74f6ca869dba84013f562dc82e749b1112a82e9d8c993e4b2596e76c7d3
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b
36ab36d5499a6f012aa0a995b799e61af47f7c3010609c287cb9bd29be790bca
3b65fa5f5961f67d447dc1ce6636d7f2a0ffab1f46194076e723d6ce22690d76
3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4d068c377b2806151d4bbf80b8d92e9d2f330f4d1a94a7daacdefca1346d45ea
5ed3c0ff08f448fadb3822001b4100c0b85ab8b05d3584d2177c42411174f255
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
7126257c0aeb5d411807eb185d3806680bf380da192bdae4a8e112c931a3b177
7992dd0a1318c1fd24c8c7e2de757f033a64e2b4fe1e29a522453f4ac4a92252
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
934889d38610b4eeb4d9159e01fc4bc0dfc3b3f8db0d667692b5d56c13599652
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9c5822b76877df96ab1019f5bc7fc33438b9cbd6884d034ea9f29875d92cde0e
9e706a6f7bc551ddf626c15cd76c1c251c0009871b6977cab0b3bf25391cbd9a
b86fe39cec1446b53acc1507a7b053205c41e35ebfdcea62c92ebc89b1f13c25
c35de839bf714c1ae5ff01f24453ba7293d36427f10f8c296a9046ba34eded39
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
dda961c684bb8f6a9e1d37502469bc063b1d90b4966c81ea03f07079a6036a59
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e679e9ad782f9cd5c892d749e40c6d5344328164df7bd724a55347dd2aaf4b9b
e7201cedbee01bf16e8f73e3be35a12b305ebe5c4c0639cf191d225229c7ca7d
ec0ea6b7777b3101bffa17516cdbac8da5a79131c8e86bed162309dbbeb7d5ee
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e3ad3ace9809e2b2b2472484b33b4280fe606e567e8459a6a924013f02371e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.necformulahelp.com Open in urlscan Pro 2606:4700:3037::ac43:bb91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

45 %IPv6

17 Domains

20 Subdomains

19 IPs

2 Countries

486 kBTransfer

1254 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.necformulahelp.com Open in urlscan Pro
2606:4700:3037::ac43:bb91 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

45 %
IPv6

17
Domains

20
Subdomains

19
IPs

2
Countries

486 kB
Transfer

1254 kB
Size

9
Cookies

50 HTTP transactions
2 data transactions