URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db...
Submission: On June 22 via manual from GB

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 24 HTTP transactions. The main IP is 52.1.117.85, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is promotions.privy.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 23rd 2016. Valid for: 3 years.
This is the only time promotions.privy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.1.117.85 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 2400:cb00:204... 13335 (CLOUDFLAR...)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 184.31.82.197 20940 (AKAMAI-ASN1)
1 52.22.89.101 14618 (AMAZON-AES)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 3 35.157.215.255 16509 (AMAZON-02)
24 13
Domain Requested by
5 cdnjs.cloudflare.com promotions.privy.com
3 l.sharethis.com 1 redirects
3 fonts.googleapis.com promotions.privy.com, assets.privy.com
2 fonts.gstatic.com ajax.googleapis.com
2 assets.privy.com promotions.privy.com
1 www.facebook.com connect.facebook.net
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 staticxx.facebook.com connect.facebook.net
1 platform-api.sharethis.com assets.privy.com
1 connect.facebook.net promotions.privy.com
1 events.privy.com promotions.privy.com
1 google-analytics.com promotions.privy.com
1 privymktg.com 1 redirects
1 maxcdn.bootstrapcdn.com promotions.privy.com
1 ajax.googleapis.com promotions.privy.com
1 promotions.privy.com
24 16

This site contains no links.

Subject | Issuer | Validity | Valid
*.privy.com | COMODO RSA Domain Validation Secure Server CA | 2016-09-23 - 2019-11-22 | 3 years
ssl380397.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-06-21 - 2018-12-28 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year

This page contains 3 frames:

Primary Page: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Frame ID: DCCC5122D94C4EAA10789CD6F22FE7CB
Requests: 22 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
Frame ID: 396784EEF5E13C899C0FD8FEFD907F9A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=320395701677362&domain=promotions.privy.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FxaOI6zd9HW9.js%3Fversion%3D42%23cb%3Df10fe4f757282f4%26domain%3Dpromotions.privy.com%26origin%3Dhttps%253A%252F%252Fpromotions.privy.com%252Ff3aa3728505a77c%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version
Frame ID: C530CAB8661B0B1180E667171086A46B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Cowboy/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /authenticity_token/i

Overall confidence: 100%
Detected patterns
  • headers server /Cowboy/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /authenticity_token/i

Overall confidence: 100%
Detected patterns
  • script /backbone.*\.js/i
  • env /^Backbone$/i

Overall confidence: 100%
Detected patterns
  • script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i
  • env /^Handlebars$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /underscore.*\.js/i
  • script /backbone.*\.js/i
  • env /^Backbone$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 24
HTTPS: 25 %
IPv6: 71 %
Domains: 11
Subdomains: 16
IPs: 13
Countries: 4
Transfer: 389 kB
Size: 1381 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://privymktg.com/collect?v=1&cid=4eb106bb-83d8-4cde-81d8-0e2ce619e0a6&cd1=C16F86E0486EA5D421F6C36C&cd2=501976&cd5=signup&cd6=embedded&tid=UA-20331028-1&t=event&ni=true&ea=viewed-campaign&ec=standalone&dl=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd&dt=Directline%20Flights&ul=en-US&z=14518900611841623 HTTP 302
  • https://google-analytics.com/collect?v=1&cid=4eb106bb-83d8-4cde-81d8-0e2ce619e0a6&cd1=C16F86E0486EA5D421F6C36C&cd2=501976&cd5=signup&cd6=embedded&tid=UA-20331028-1&t=event&ni=true&ea=viewed-campaign&ec=standalone&dl=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd&dt=Directline%20Flights&ul=en-US&z=14518900611841623
Request Chain 21
  • https://l.sharethis.com/pview?event=pview&version=st_sop.js&lang=en&fpc=6977279-16426edd235-127a53df-1&sessionID=1529661477430.19290&hostname=promotions.privy.com&location=%2Fcampaigns%2F501976%2Fform&product=privy-share-buttons&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&st_optout=false&title=Directline%20Flights&publisher=anonymous&ts1529661477430=&sop=true HTTP 301
  • https://l.sharethis.com/sc?cm=ZGAB2FssyCUAAAAUEiMNAw%3D%3D&uid=true&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request form
promotions.privy.com/campaigns/501976/
11 KB
11 KB
Document
General
Full URL
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.117.85 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-117-85.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a939e5fb10ed95a7f645b02c6b81d59e9e49f5c9bd6643a23056cc1eea0f8637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
promotions.privy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DCCC5122D94C4EAA10789CD6F22FE7CB

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Request-Method
*
Content-Type
text/html; charset=utf-8
Etag
W/"a939e5fb10ed95a7f645b02c6b81d59e"
Cache-Control
max-age=0, private, must-revalidate
X-Request-Id
b7df99bf-9cca-425b-b4b9-042459fdf976
Date
Fri, 22 Jun 2018 09:57:57 GMT
X-Rack-Cache
miss
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 12 Jun 2018 01:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
893689
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
33495
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2019 01:43:08 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.4.4/
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.4.4/underscore-min.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27829b1d29e3fb532d761987d4057275d1e9ecdd3eaf4b4c40a29382590b820e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.002
last-modified
Thu, 17 May 2018 09:27:26 GMT
server
cloudflare
etag
W/"5afd4afe-348a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
42edda888b192756-FRA
expires
Wed, 12 Jun 2019 09:57:57 GMT
backbone-min.js
cdnjs.cloudflare.com/ajax/libs/backbone.js/1.0.0/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/backbone.js/1.0.0/backbone-min.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a9331bc688278e0088c64f906feeaf2a7eafeca2831c97f8a79399ff697a3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.032
last-modified
Thu, 17 May 2018 09:16:02 GMT
server
cloudflare
etag
W/"5afd4852-4c01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
42edda888b1a2756-FRA
expires
Wed, 12 Jun 2019 09:57:57 GMT
placeholders.min.js
cdnjs.cloudflare.com/ajax/libs/placeholders/4.0.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/placeholders/4.0.1/placeholders.min.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c141f368da1152af24808794c501b65be66f1550e1b0b2f6c10578fb945eaf2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:24:36 GMT
server
cloudflare
etag
W/"5afd4a54-13d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
42edda888b1b2756-FRA
expires
Wed, 12 Jun 2019 09:57:57 GMT
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/
17 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:26:22 GMT
server
cloudflare
etag
W/"5afd4abe-45f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
42edda888b1c2756-FRA
expires
Wed, 12 Jun 2019 09:57:57 GMT
handlebars.runtime.min.js
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.8/
16 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.8/handlebars.runtime.min.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2400:cb00:2048:1::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba1858de4c42f5f0362dee34e0582937cb9869bef62e69fb8e46f6ba7aa11d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.006
last-modified
Thu, 17 May 2018 09:20:11 GMT
server
cloudflare
etag
W/"5afd494b-40c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
42edda888b1d2756-FRA
expires
Wed, 12 Jun 2019 09:57:57 GMT
standalone-64e6745408a76b84394105905ec6462d5810134abd1bfc8bb834336cd195aeb9.css
assets.privy.com/assets/
342 KB
43 KB
Stylesheet
General
Full URL
https://assets.privy.com/assets/standalone-64e6745408a76b84394105905ec6462d5810134abd1bfc8bb834336cd195aeb9.css
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:6111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd560ba47822bbaa5fb9cc465a257cec52c68b513c95b184d163053c540e09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/assets/standalone-64e6745408a76b84394105905ec6462d5810134abd1bfc8bb834336cd195aeb9.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
assets.privy.com
referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
:scheme
https
:method
GET
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
content-length
43870
last-modified
Mon, 18 Jun 2018 19:11:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
via
1.1 vegur, 1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
cache-control
public, max-age=1382400
set-cookie
__cfduid=d70a17153b818ee4fcea2cd92d806e13d1529661477; expires=Sat, 22-Jun-19 09:57:57 GMT; path=/; domain=.privy.com; HttpOnly; Secure
cf-ray
42edda88ba582654-FRA
x-amz-cf-id
uc9zvA9CTLdLs2tyZpO3RkCIF7CRTTnGO81aeiGAeczoRn_STlwL0Q==
expires
Sun, 08 Jul 2018 09:57:57 GMT
css
fonts.googleapis.com/
2 KB
492 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700|Open+Sans:400italic,400,700,600,300
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
4b5ec97c93ef291050b5d74ac3d2dd03ad415c270ba785b3604d67755264b6ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Fri, 22 Jun 2018 09:57:57 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 22 Jun 2018 09:57:57 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:17 GMT
Connection
Keep-Alive
ETag
"1518903977"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
7050
standalone-e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a.js
assets.privy.com/assets/
406 KB
110 KB
Script
General
Full URL
https://assets.privy.com/assets/standalone-e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:6111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/assets/standalone-e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
assets.privy.com
referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
:scheme
https
:method
GET
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
content-length
112331
last-modified
Tue, 19 Jun 2018 13:58:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
via
1.1 vegur, 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
cache-control
public, max-age=1382400
set-cookie
__cfduid=d70a17153b818ee4fcea2cd92d806e13d1529661477; expires=Sat, 22-Jun-19 09:57:57 GMT; path=/; domain=.privy.com; HttpOnly; Secure
cf-ray
42edda88ba592654-FRA
x-amz-cf-id
uGxuo4JnO1yxQAIhxixsgQ-v4IHr_Ra2LX28iccv9Q95goUptRIxCQ==
expires
Sun, 08 Jul 2018 09:57:57 GMT
css
fonts.googleapis.com/
218 B
264 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:500,400
Requested by
Host: assets.privy.com
URL: https://assets.privy.com/assets/standalone-e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a.js
Protocol
SPDY
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e764c95f535df1ed26f6234e4ecd7a1c9ed2a605441a6a0e2551b093739f067b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Fri, 22 Jun 2018 09:57:57 GMT
css
fonts.googleapis.com/
652 B
320 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,700,400
Requested by
Host: assets.privy.com
URL: https://assets.privy.com/assets/standalone-e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a.js
Protocol
SPDY
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
acca94bf443b7912ed63e3d93910d25a747d3fd97974a7b7762d8a1ca4229659
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 22 Jun 2018 09:57:57 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Fri, 22 Jun 2018 09:57:57 GMT
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v15/
26 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0e.ttf
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol
SPDY
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700|Open+Sans:400italic,400,700,600,300
Origin
https://promotions.privy.com

Response headers

date
Fri, 15 Jun 2018 21:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564833
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17857
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 21:49:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2019 21:04:04 GMT
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/
59 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol
SPDY
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700|Open+Sans:400italic,400,700,600,300
Origin
https://promotions.privy.com

Response headers

date
Fri, 15 Jun 2018 21:00:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565062
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
30035
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:16 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2019 21:00:15 GMT
collect
google-analytics.com/
Redirect Chain
  • https://privymktg.com/collect?v=1&cid=4eb106bb-83d8-4cde-81d8-0e2ce619e0a6&cd1=C16F86E0486EA5D421F6C36C&cd2=501976&cd5=signup&cd6=embedded&tid=UA-20331028-1&t=event&ni=true&ea=viewed-campaign&ec=st...
  • https://google-analytics.com/collect?v=1&cid=4eb106bb-83d8-4cde-81d8-0e2ce619e0a6&cd1=C16F86E0486EA5D421F6C36C&cd2=501976&cd5=signup&cd6=embedded&tid=UA-20331028-1&t=event&ni=true&ea=viewed-campaig...
35 B
272 B
Image
General
Full URL
https://google-analytics.com/collect?v=1&cid=4eb106bb-83d8-4cde-81d8-0e2ce619e0a6&cd1=C16F86E0486EA5D421F6C36C&cd2=501976&cd5=signup&cd6=embedded&tid=UA-20331028-1&t=event&ni=true&ea=viewed-campaign&ec=standalone&dl=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd&dt=Directline%20Flights&ul=en-US&z=14518900611841623
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Apr 2018 08:00:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6573464
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Jun 2018 09:57:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
302
location
https://google-analytics.com/collect?v=1&cid=4eb106bb-83d8-4cde-81d8-0e2ce619e0a6&cd1=C16F86E0486EA5D421F6C36C&cd2=501976&cd5=signup&cd6=embedded&tid=UA-20331028-1&t=event&ni=true&ea=viewed-campaign&ec=standalone&dl=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd&dt=Directline%20Flights&ul=en-US&z=14518900611841623
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
42edda89be1f2762-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
events.privy.com/
0
176 B
Image
General
Full URL
https://events.privy.com/collect?campaign_id=501976&campaign_context=embedded&campaign_type=signup&non_interaction=true&business_id=C16F86E0486EA5D421F6C36C&route=%2Fcampaigns%2F501976%2Fform&event=viewed-campaign&user=
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:6111 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/collect?campaign_id=501976&campaign_context=embedded&campaign_type=signup&non_interaction=true&business_id=C16F86E0486EA5D421F6C36C&route=%2Fcampaigns%2F501976%2Fform&event=viewed-campaign&user=
pragma
no-cache
cookie
__cfduid=d70a17153b818ee4fcea2cd92d806e13d1529661477; _privy_undefined=%7B%22uuid%22%3A%224eb106bb-83d8-4cde-81d8-0e2ce619e0a6%22%7D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
events.privy.com
referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
:scheme
https
:method
GET
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jun 2018 09:57:57 GMT
via
1.1 vegur
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-ray
42edda898aa82654-FRA
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/
206 KB
62 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: promotions.privy.com
URL: https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
SPDY
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e225ff630e1ac8e7c5f8eb947d8db82c42faa83c98641102c62ed98056961574
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YBZnh8Lna+4TI1CihTt+NQ==
status
200
content-length
62807
x-xss-protection
0
x-fb-debug
xGA3ZPKnTF6M+V0hKYD1SJh8E1AxEMp8tpQvkLBSYRniyfmz5owdcmmdZxhPaYiL5BvpCth8fydnQA59OsNj6A==
x-fb-content-md5
aa78ec08920c666156dd1b17bc207d04
x-frame-options
DENY
date
Fri, 22 Jun 2018 09:57:57 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7eabb914584e2c58c34fc7e0f0b84abc"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Fri, 22 Jun 2018 10:13:13 GMT
sharethis.js
platform-api.sharethis.com/js/
134 KB
49 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: assets.privy.com
URL: https://assets.privy.com/assets/standalone-e25e4e547d902184f0f51ac698e2afbb63a4e9370355fceb2f0e9d703973792a.js
Protocol
HTTP/1.1
Server
184.31.82.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-82-197.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd47430eebf6bbf0b3404d2a4baf000848a7ac1f76214a2f7c0de0e8fe2cb698

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 22 Jun 2018 09:57:57 GMT
Content-Encoding
gzip
ETag
W/"21842-lxcDccQqjGCNRD4eyJX6SQ"
Vary
Accept-Encoding
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
49386
xaOI6zd9HW9.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 3967
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DCCC5122D94C4EAA10789CD6F22FE7CB
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd

Response headers

status
200
expires
Sat, 22 Jun 2019 08:21:03 GMT
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-xss-protection
0
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
mVvUj+88kYwO1tTegzVWz+IGwHuJq5rblf8YY3TAR+fxjN5CnRC2/VzLY0tqI8hi+V6SPQLrFCTJgRYRTjOuFA==
content-length
13905
date
Fri, 22 Jun 2018 09:57:57 GMT
get_consent
c.sharethis.mgr.consensu.org/v1.0/cmp/
13 B
470 B
XHR
General
Full URL
https://c.sharethis.mgr.consensu.org/v1.0/cmp/get_consent
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Server
52.22.89.101 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-89-101.compute-1.amazonaws.com
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
Origin
https://promotions.privy.com

Response headers

Date
Fri, 22 Jun 2018 09:57:57 GMT
ETag
W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://promotions.privy.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
13
ping
www.facebook.com/connect/ Frame C530
0
0
Document
General
Full URL
https://www.facebook.com/connect/ping?client_id=320395701677362&domain=promotions.privy.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FxaOI6zd9HW9.js%3Fversion%3D42%23cb%3Df10fe4f757282f4%26domain%3Dpromotions.privy.com%26origin%3Dhttps%253A%252F%252Fpromotions.privy.com%252Ff3aa3728505a77c%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/connect/ping?client_id=320395701677362&domain=promotions.privy.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FxaOI6zd9HW9.js%3Fversion%3D42%23cb%3Df10fe4f757282f4%26domain%3Dpromotions.privy.com%26origin%3Dhttps%253A%252F%252Fpromotions.privy.com%252Ff3aa3728505a77c%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DCCC5122D94C4EAA10789CD6F22FE7CB
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd

Response headers

status
200
x-xss-protection
0
pragma
no-cache
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control
private, no-cache, no-store, must-revalidate
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=UTF-8
x-fb-debug
cYjipArS7y9SGelJMlw8TM4Sje5zxabT2c/4lUyD3OCyrmbYsTk01zAD9mn31OREac3YxYn+Ag5hXCy3PDE28w==
date
Fri, 22 Jun 2018 09:57:57 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&version=st_sop.js&lang=en&fpc=6977279-16426edd235-127a53df-1&sessionID=1529661477430.19290&hostname=promotions.privy.com&location=%2Fcampaigns%2F501976%2Ff...
  • https://l.sharethis.com/sc?cm=ZGAB2FssyCUAAAAUEiMNAw%3D%3D&uid=true&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e60...
0
-1 B
XHR
General
Full URL
https://l.sharethis.com/sc?cm=ZGAB2FssyCUAAAAUEiMNAw%3D%3D&uid=true&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
HTTP/1.1
Server
35.157.215.255 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-215-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 22 Jun 2018 09:57:57 GMT
Access-Control-Allow-Origin
https://promotions.privy.com
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=ZGAB2FssyCUAAAAUEiMNAw%3D%3D&uid=true&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
Content-Length
247
Stid
ZGAB2FssyCUAAAAUEiMNAw==

Redirect headers

Date
Fri, 22 Jun 2018 09:57:57 GMT
Access-Control-Allow-Origin
https://promotions.privy.com
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=ZGAB2FssyCUAAAAUEiMNAw%3D%3D&uid=true&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
Content-Length
247
Stid
ZGAB2FssyCUAAAAUEiMNAw==
sc
l.sharethis.com/
51 B
478 B
XHR
General
Full URL
https://l.sharethis.com/sc?cm=ZGAB2FssyCUAAAAUEiMNAw%3D%3D&uid=true&url=https%3A%2F%2Fpromotions.privy.com%2Fcampaigns%2F501976%2Fform%3Fviewport_type%3Dembedded%26isBuilder%3Dfalse%26uuid%3De57e6022-d554-49a4-a0ac-5b17db69aadd
Protocol
HTTP/1.1
Server
35.157.215.255 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-215-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e4e9104b1a08eb479205baa0cd44b1af47fdd37ac1926717fd4a0d11f3cc6b5e

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
DCCC5122D94C4EAA10789CD6F22FE7CB
Origin
https://promotions.privy.com
Referer
https://promotions.privy.com/campaigns/501976/form?viewport_type=embedded&isBuilder=false&uuid=e57e6022-d554-49a4-a0ac-5b17db69aadd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 22 Jun 2018 09:57:57 GMT
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://promotions.privy.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGAB2FssyCUAAAAUEiMNAw==
Access-Control-Allow-Headers
*
Content-Length
51

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
undefined| jQuery
function| _
object| Backbone
object| Placeholders
function| postscribe
object| Handlebars
object| Liquid
function| hackObjectEach
function| split
object| JSEncryptExports
object| UUID
object| jQuery111201657867037372649
object| Jockey
function| Vent
object| KJUR
object| Hex
object| Base64
function| ASN1
function| JSEncrypt
function| md5
function| jsSHA
object| PrivyQueue
function| Privy
object| PrivyWebFont
object| PrivyHandlebarsTemplates
object| bootstrapData
function| onShareThisLoaded
object| FB
object| __stdos__
boolean| tpcCookiesEnableCheckingDone
boolean| tpcCookiesEnabledStatus
function| __sharethis__docReady
object| __sharethis__
boolean| opt_out

4 Cookies

Domain/Path | Name | Value
.privy.com/ | __unam | 6977279-16426edd235-127a53df-1
.privy.com/ | _privy_undefined | %7B%22uuid%22%3A%224eb106bb-83d8-4cde-81d8-0e2ce619e0a6%22%7D
.privy.com/ | __cfduid | d70a17153b818ee4fcea2cd92d806e13d1529661477
promotions.privy.com/campaigns/501976 | __sharethis_cookie_test__ | 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
