talc.injurysurvey.com Open in urlscan Pro
107.178.254.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pye.thickyear.xyz/NI-IjB3RCSLaa-K24ICdimndGm_LUMJ0SGaIhMtlb2OTYy-thjSCEBIIzHt6t9gAJAgQ8dOz0-BswrmEad3RR4SP7RXUHPPH...
Effective URL:
https://talc.injurysurvey.com/?request_id=13657876
Submission: On December 18 via api (December 18th 2019, 5:13:08 am UTC) from BE

Summary HTTP 45 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 25 domains to perform 45 HTTP transactions. The main IP is 107.178.254.45, located in United States and belongs to GOOGLE - Google LLC, US. The main domain is talc.injurysurvey.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 22nd 2019. Valid for: 3 months.

This is the only time talc.injurysurvey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.141.153.254 45.141.153.254	9009 (M247) (M247)
1	89.46.100.124 89.46.100.124	9009 (M247) (M247)
1 1	52.86.50.138 52.86.50.138	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	107.178.254.45 107.178.254.45	15169 (GOOGLE) (GOOGLE - Google LLC)
12	192.229.133.208 192.229.133.208	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
2	130.211.30.60 130.211.30.60	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f0f... 2a03:2880:f0ff:1a:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.12.65 151.101.12.65	54113 (FASTLY) (FASTLY - Fastly)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:818::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.98.128 143.204.98.128	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.186.205.120 35.186.205.120	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
6 9	52.19.228.230 52.19.228.230	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 1	2a00:1288:110... 2a00:1288:110:c305::9000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.71.210.204 52.71.210.204	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	185.33.223.100 185.33.223.100	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
45	23

1 45.141.153.254 (New York, United States) 1 redirects

ASN9009 (M247, GB)

pye.thickyear.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.46.100.124 (Romania)

ASN9009 (M247, GB)
PTR: hxy.newself-improvement.pw

www.elliornic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.50.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-86-50-138.compute-1.amazonaws.com

trk.injury-survey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.45 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 45.254.178.107.bc.googleusercontent.com

talc.injurysurvey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.133.208 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.30.60 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 60.30.211.130.bc.googleusercontent.com

heatmap.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f0ff:1a:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.128 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-128.fra50.r.cloudfront.net

d3mwhxgzltpnyp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.205.120 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 120.205.186.35.bc.googleusercontent.com

anthill.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.19.228.230 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::9000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.210.204 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-71-210-204.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.100 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	fastcdn.co v.fastcdn.co	2 MB
10	prfct.co 6 redirects pixel-geo.prfct.co pixel.prfct.co	4 KB
4	facebook.com www.facebook.com	551 B
3	gstatic.com fonts.gstatic.com	29 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	facebook.net connect.facebook.net	255 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	openx.net 1 redirects us-u.openx.net	337 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	311 B
2	mouseflow.com 1 redirects cdn.mouseflow.com	623 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	heatmap.services heatmap.services	4 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com 1 redirects ads.yahoo.com	648 B
1	twitter.com analytics.twitter.com	274 B
1	instapage.com anthill.instapage.com	192 B
1	cloudfront.net d3mwhxgzltpnyp.cloudfront.net
1	googleapis.com storage.googleapis.com	452 B
1	marinsm.com tag.marinsm.com	4 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	injurysurvey.com talc.injurysurvey.com	20 KB
1	injury-survey.com 1 redirects trk.injury-survey.com	737 B
1	elliornic.com www.elliornic.com	487 B
1	thickyear.xyz 1 redirects pye.thickyear.xyz	459 B
45	25

	Domain	Requested by
12	v.fastcdn.co	talc.injurysurvey.com
9	pixel-geo.prfct.co	6 redirects talc.injurysurvey.com
4	www.facebook.com	talc.injurysurvey.com
3	fonts.gstatic.com	talc.injurysurvey.com
3	connect.facebook.net	talc.injurysurvey.com connect.facebook.net
2	secure.adnxs.com	1 redirects talc.injurysurvey.com
2	us-u.openx.net	1 redirects talc.injurysurvey.com
2	www.google.de	talc.injurysurvey.com
2	www.google.com	1 redirects talc.injurysurvey.com
2	cdn.mouseflow.com	1 redirects talc.injurysurvey.com
2	www.google-analytics.com	1 redirects talc.injurysurvey.com
2	heatmap.services	talc.injurysurvey.com heatmap.services
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	talc.injurysurvey.com
1	pixel.prfct.co	talc.injurysurvey.com
1	ads.yahoo.com	1 redirects
1	analytics.twitter.com	talc.injurysurvey.com
1	stats.g.doubleclick.net	1 redirects
1	anthill.instapage.com	talc.injurysurvey.com
1	d3mwhxgzltpnyp.cloudfront.net	talc.injurysurvey.com
1	storage.googleapis.com	talc.injurysurvey.com
1	tag.marinsm.com	talc.injurysurvey.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	talc.injurysurvey.com
1	talc.injurysurvey.com	www.elliornic.com
1	trk.injury-survey.com	1 redirects
1	www.elliornic.com
1	pye.thickyear.xyz	1 redirects
45	28

This site contains links to these domains. Also see Links.

Domain
injurysurvey.com
terms.injurysurvey.com
privacy.injurysurvey.com
digitizeiq.com
www.injurysurvey.com

Subject Issuer	Validity	Valid
www.elliornic.com Let's Encrypt Authority X3	`2019-11-11` - `2020-02-09`	3 months	crt.sh
talc.injurysurvey.com Let's Encrypt Authority X3	`2019-11-22` - `2020-02-20`	3 months	crt.sh
v.fastcdn.co DigiCert SHA2 Secure Server CA	`2017-10-24` - `2020-06-09`	3 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
heatmap.services COMODO RSA Domain Validation Secure Server CA	`2018-04-20` - `2020-04-19`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2019-09-23` - `2020-09-23`	a year	crt.sh
*.mouseflow.com COMODO RSA Domain Validation Secure Server CA	`2017-04-25` - `2020-05-09`	3 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.instapage.com DigiCert SHA2 Secure Server CA	`2019-10-01` - `2021-12-28`	2 years	crt.sh
www.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://talc.injurysurvey.com/?request_id=13657876
Frame ID: 444EA22F454B39C6715CEBED499DC91D
Requests: 44 HTTP requests in this frame

Frame: https://d3mwhxgzltpnyp.cloudfront.net/local-storage/index.html
Frame ID: D73938DF135C7D81426D86BEFDE164F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pye.thickyear.xyz/NI-IjB3RCSLaa-K24ICdimndGm_LUMJ0SGaIhMtlb2OTYy-thjSCEBIIzHt6t9gAJAgQ8dOz0-Bs... HTTP 302
https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQ... Page URL
https://trk.injury-survey.com/?a=68&c=1128&s1=160838&s2=520510436&s3=686f746d61696c343532355f33395f3135373... HTTP 302
https://talc.injurysurvey.com/?request_id=13657876 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

100 %
HTTPS

36 %
IPv6

25
Domains

28
Subdomains

23
IPs

7
Countries

2327 kB
Transfer

3777 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://injurysurvey.com/
Title: M

Search URL Search Domain Scan URL

URL: http://terms.injurysurvey.com/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://privacy.injurysurvey.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://digitizeiq.com/clients.php
Title: our clients

Search URL Search Domain Scan URL

URL: http://www.injurysurvey.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: http://injurysurvey.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pye.thickyear.xyz/NI-IjB3RCSLaa-K24ICdimndGm_LUMJ0SGaIhMtlb2OTYy-thjSCEBIIzHt6t9gAJAgQ8dOz0-BswrmEad3RR4SP7RXUHPPHbr0F3Ty88e7rBiH-Rts HTTP 302
https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132 Page URL
https://trk.injury-survey.com/?a=68&c=1128&s1=160838&s2=520510436&s3=686f746d61696c343532355f33395f313537363333333037322e3633 HTTP 302
https://talc.injurysurvey.com/?request_id=13657876 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pye.thickyear.xyz/NI-IjB3RCSLaa-K24ICdimndGm_LUMJ0SGaIhMtlb2OTYy-thjSCEBIIzHt6t9gAJAgQ8dOz0-BswrmEad3RR4SP7RXUHPPHbr0F3Ty88e7rBiH-Rts HTTP 302
https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132

Request Chain 17

https://cdn.mouseflow.com/projects/3e3bf545-a65d-4771-9078-5f2ea10c07df.js HTTP 301
https://cdn.mouseflow.com/projects/3e3bf545-a65d-4771-9078-5f2ea10c07df_eu.js

Request Chain 27

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=673665737&t=pageview&_s=1&dl=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&dr=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&ul=en-us&de=UTF-8&dt=Talcum%20Powder%20Injury%20Settlement&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1310372843&gjid=958973374&cid=1533475937.1576645971&tid=UA-55036971-7&_gid=395380486.1576645971&_r=1&z=196237864 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_gid=395380486.1576645971&gjid=958973374&_v=j79&z=196237864 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_v=j79&z=196237864 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_v=j79&z=196237864&slf_rd=1&random=2905942386

Request Chain 31

https://pixel-geo.prfct.co/tagjs?a_id=54750&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=54750&source=js_tag

Request Chain 33

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JqxLm5L98HzKDvYWE

Request Chain 34

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_JqxLm5L98HzKDvYWE&sigv=1&esig=2~29b279c8d7dfdcb00e21d7c28da6d4228dc8fd4f HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JqxLm5L98HzKDvYWE

Request Chain 35

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_JqxLm5L98HzKDvYWE HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JqxLm5L98HzKDvYWE

Request Chain 36

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JqxLm5L98HzKDvYWE

Request Chain 37

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSnF4TG01TDk4SHpLRHZZV0U HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 39

https://secure.adnxs.com/seg?t=2&add=4216025 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4216025

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 30303a3132 Show response
www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/
Redirect Chain

http://pye.thickyear.xyz/NI-IjB3RCSLaa-K24ICdimndGm_LUMJ0SGaIhMtlb2OTYy-thjSCEBIIzHt6t9gAJAgQ8dOz0-BswrmEad3RR4SP7RXUHPPHbr0F3Ty88e7rBiH-Rts
https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4b...

188 B
487 B

694ms
507ms

Document
text/html

89.46.100.124
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.46.100.124 , Romania, ASN9009 (M247, GB),
Reverse DNS: hxy.newself-improvement.pw
Software: Apache /
Resource Hash: 523f929f38b3178bb8ab2385f6e039e8c5d789e51a04f6a558985219a6561a64

Request headers

Host: www.elliornic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Dec 2019 05:12:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 188
Server: Apache
Set-Cookie: uid4525=520510436-20191218001249-44d3def81b7f81f69bf8adb622ccebdf-; expires=Fri, 17-Jan-2020 05:12:49 GMT; Max-Age=2592000; path=/; domain=elliornic.com

Redirect headers

Server: nginx
Date: Wed, 18 Dec 2019 05:12:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132
Expires: Wed, 25 Dec 2019 05:12:48 GMT
Cache-Control: max-age=604800

GET
H2

200

Primary Request / Show response
talc.injurysurvey.com/
Redirect Chain

https://trk.injury-survey.com/?a=68&c=1128&s1=160838&s2=520510436&s3=686f746d61696c343532355f33395f313537363333333037322e3633
https://talc.injurysurvey.com/?request_id=13657876

85 KB
20 KB

702ms
47ms

Document
text/html

107.178.254.45
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://talc.injurysurvey.com/?request_id=13657876

Requested by

Host: www.elliornic.com
URL: https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.178.254.45 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

45.254.178.107.bc.googleusercontent.com

Software

openresty / Express

Resource Hash

d8ca5229496e58a66dfb8e60e6eb78b219df4e5ce98d0d8234119b5e456e210f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: talc.injurysurvey.com
:scheme: https
:path: /?request_id=13657876
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.elliornic.com/xGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~/686f746d61696c343532355f33395f313537363333333037322e3633/17016c42d8c4b51543a9b0d4ba24184b/30303a3132

Response headers

status: 200
server: openresty
date: Wed, 18 Dec 2019 05:12:50 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
set-cookie: instapage-variant-3252308=A; Path=/; Expires=Wed, 18 Dec 2019 13:58:26 GMT
etag: W/"15274-IHUttUYqjVlHtD/Yvsx6472dyZA"
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

Cache-Control: private
Content-Length: 167
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Dec 2019 05:12:49 GMT
Location: https://talc.injurysurvey.com/?request_id=13657876
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=NVxmS9mCBqkfpPd8bNn8Ci8144MkXQJfvPbsHFgHSYSOA5sMCYieSQ==; domain=.trk.injury-survey.com; path=/; HttpOnly trk=jy9UlnZQxJUfpPd8bNn8Ci8144MkXQJfvPbsHFgHSYSOA5sMCYieSQ==; domain=.trk.injury-survey.com; expires=Tue, 17-Dec-2024 21:12:49 GMT; path=/; HttpOnly c569=NVxmS9mCBqleQVewUsIE3nXRqlQ42VTpe/z/M9tpvFM=; domain=.trk.injury-survey.com; expires=Fri, 17-Jan-2020 05:12:49 GMT; path=/; HttpOnly
Connection: close

GET
H2 200 css
v.fastcdn.co/f/ 24 KB
1 KB 165ms
84ms Stylesheet
text/css 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://v.fastcdn.co/f/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ESF /

Resource Hash

0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: br
last-modified: Wed, 18 Dec 2019 05:12:50 GMT
server: ESF
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
cache-control: private, max-age=86400, stale-while-revalidate=604800
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 18 Dec 2019 05:12:50 GMT

GET
H2 200 css
v.fastcdn.co/f/ 28 KB
1 KB 166ms
85ms Stylesheet
text/css 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://v.fastcdn.co/f/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ESF /

Resource Hash

4575a25af8345837dd1a37196f64353b7048950ec75026329aedcb3afd5c0775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: br
last-modified: Wed, 18 Dec 2019 05:12:50 GMT
server: ESF
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
cache-control: private, max-age=86400, stale-while-revalidate=604800
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 18 Dec 2019 05:12:50 GMT

GET
H2 200 pageserver.page2.9ba2350f8660286c7446e8f17121f326.css
v.fastcdn.co/a/f0785b8efeb2ccb6147135aca20c797c527b7329/ 216 KB
35 KB 107ms
26ms Stylesheet
text/css 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.fastcdn.co/a/f0785b8efeb2ccb6147135aca20c797c527b7329/pageserver.page2.9ba2350f8660286c7446e8f17121f326.css
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D53) /
Resource Hash: 5057cbdb9242ecf47b6397913c5d6dbef092b3e9cf440f790ccadbc786351a1a

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: gzip
x-guploader-uploadid: AEnB2Up4Hgw4p9lQREgC93LjvQsUwaoZR3msK--XHQIsH05jHBZ_Rogvw7I_tVueiadnxUQ822Z0l8wnmpWMnfXHMMKshfuj2A
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35662
last-modified: Mon, 16 Dec 2019 07:55:29 GMT
server: ECS (lcy/1D53)
etag: "f72793af744aa4acabd5dadc5932f078"
vary: Accept-Encoding
x-goog-hash: crc32c=ehgv1g==, md5=9yeTr3RKpKyr1drcWTLweA==
x-goog-generation: 1576482929374791
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 35662
accept-ranges: bytes
content-type: text/css
expires: Wed, 18 Dec 2019 06:12:50 GMT

GET
H2 200 pageserver.page2.es5.4ce33bff27273ac477d6.bundle.js Show response
v.fastcdn.co/a/f0785b8efeb2ccb6147135aca20c797c527b7329/ 488 KB
143 KB 130ms
49ms Script
application/javascript 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.fastcdn.co/a/f0785b8efeb2ccb6147135aca20c797c527b7329/pageserver.page2.es5.4ce33bff27273ac477d6.bundle.js
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D67) /
Resource Hash: f67b7db80d10d058a9699149621487cc6445df57783bfe60968be4c703b1c0fc

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: gzip
x-guploader-uploadid: AEnB2UqCziXK8gNNveX-Z7uOr1_-K684rSQR4rbtUdLnw37tvHbx5GXhqjz_2h_Q4Zyey0Mj2m9bPD41474XvdC5YxV-WfkVhQ
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 145643
last-modified: Mon, 16 Dec 2019 07:55:39 GMT
server: ECS (lcy/1D67)
etag: "1858e5cb9589642967935c2a688a6f2d"
vary: Accept-Encoding
x-goog-hash: crc32c=5aFKmQ==, md5=GFjly5WJZClnk1wqaIpvLQ==
x-goog-generation: 1576482939098176
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 145643
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 Dec 2019 06:12:50 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 87ms
34ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

1e7f38ad3228c18e42d333db1c37196568540a54143a158af008393e2a7a5217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9872
x-xss-protection: 0
server: cafe
etag: 10799607792090409869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Dec 2019 05:12:50 GMT

GET
H2 200 1575573004-1763534-204x63-injury-survey-logo.png
v.fastcdn.co/t/aa0bc9de/748c6909/ 11 KB
11 KB 163ms
83ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/aa0bc9de/748c6909/1575573004-1763534-204x63-injury-survey-logo.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D57) /
Resource Hash: f47a7d4bc3384fa59bedc0a77d7fc61ddaa8b11ce7167703fd2b875dc7664f19

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 11158
x-guploader-uploadid: AEnB2UrmEKd0PGv81GUiCMGJgiUTuSzrjqrXbbtEvhYYQ6uQnbcZ07cHh_BcVcscY1LQhXkC-RySSvljrK2ZOTf-4gTSQ2HHYw
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 25 Jan 2021 11:10:04 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11158
last-modified: Thu, 05 Dec 2019 19:10:04 GMT
server: ECS (lcy/1D57)
etag: "2f17d225892847918022b46266c1ffb6"
x-goog-hash: crc32c=IUiCJQ==, md5=LxfSJYkoR5GAIrRiZsH/tg==
content-type: image/png
x-goog-generation: 1575573004649411
cache-control: max-age=315360000, public
x-goog-meta-content-length: 11158
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 1575573010-1982611-85x46-Norton.png
v.fastcdn.co/t/aa0bc9de/748c6909/ 5 KB
6 KB 163ms
83ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/aa0bc9de/748c6909/1575573010-1982611-85x46-Norton.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D4A) /
Resource Hash: 36d4df4cb9892c3aa83943592810bf568f006b3de3b11c33c3dbecee01baee75

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 5305
x-guploader-uploadid: AEnB2UpiF3jHCnQ5S-wsnZyz_fRe8bhcF-aqsp4v6i7A4rgWA_d8HE1ml-BMvRDijf4_IjpkZodiMI011hfcS7Z5k-zXJVMmXg
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 25 Jan 2021 11:10:10 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5305
last-modified: Thu, 05 Dec 2019 19:10:10 GMT
server: ECS (lcy/1D4A)
etag: "f4268b724325868a7b830874b205f5a4"
x-goog-hash: crc32c=pg39Lg==, md5=9CaLckMlhop7gwh0sgX1pA==
content-type: image/png
x-goog-generation: 1575573010536928
cache-control: max-age=315360000, public
x-goog-meta-content-length: 5305
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 1575573005-1917687-105x148-Header.png
v.fastcdn.co/t/aa0bc9de/748c6909/ 23 KB
24 KB 27ms
27ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/aa0bc9de/748c6909/1575573005-1917687-105x148-Header.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D28) /
Resource Hash: eb40aea40f26e68b6396874177d97c0be22998d5228f064f73e2a62b7edbed94

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 24004
x-guploader-uploadid: AEnB2UreSKOOxSm_Fv_xMf--ZQqZaYVCdqm2YNmZEa4Dqsiwq74EoQfaPL8aI1bxvoj4Ug-ce95aKksfVydCHxD580ztd9b0ig
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 25 Jan 2021 11:10:05 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24004
last-modified: Thu, 05 Dec 2019 19:10:05 GMT
server: ECS (lcy/1D28)
etag: "dd9d8b937c8fb92f27bbc0ab44a0eea6"
x-goog-hash: crc32c=XZRyjw==, md5=3Z2Lk3yPuS8nu8CrRKDupg==
content-type: image/png
x-goog-generation: 1575573005657798
cache-control: max-age=315360000, public
x-goog-meta-content-length: 24004
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 1575573010-2573180-86x46-Norton.png
v.fastcdn.co/t/aa0bc9de/748c6909/ 5 KB
5 KB 30ms
29ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/aa0bc9de/748c6909/1575573010-2573180-86x46-Norton.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D66) /
Resource Hash: b68d24084b6e86d90737343d9589ec051f2fb1c76d56ef6242c5d25bc1268e59

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 5317
x-guploader-uploadid: AEnB2UpGtnx-YydrN6Lo5TfsQX4OBO3srkcJ2A-GebIwuzrftGJz-XUiDg4YpTKrvFxNrV2aF-gz-no3nXr7Dt8GjQYNh5_fKg
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 25 Jan 2021 11:10:11 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5317
last-modified: Thu, 05 Dec 2019 19:10:11 GMT
server: ECS (lcy/1D66)
etag: "61a9f8cbe5f8a50f10b565b4542edae6"
x-goog-hash: crc32c=KXWFMA==, md5=Yan4y+X4pQ8QtWW0VC7a5g==
content-type: image/png
x-goog-generation: 1575573011156310
cache-control: max-age=315360000, public
x-goog-meta-content-length: 5317
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 1575573011-3687546-34x58-RibbonHeader.png
v.fastcdn.co/t/aa0bc9de/748c6909/ 3 KB
3 KB 28ms
27ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/aa0bc9de/748c6909/1575573011-3687546-34x58-RibbonHeader.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D54) /
Resource Hash: 419ba25b4343645f32fde8f86c534f47fd60b42f4632a643944a0fe3e07f2a5c

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 3037
x-guploader-uploadid: AEnB2UrBP4bQJi2DzPoajN3BG9khEm-QWqMEP95IgEgiwnAYOApneJNaY1_7eNID4FVTlbqt8EcxtFJD6SbzH6i8mnJCbFxa-w
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 25 Jan 2021 11:10:11 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3037
last-modified: Thu, 05 Dec 2019 19:10:11 GMT
server: ECS (lcy/1D54)
etag: "ad599ee1c35eded2e09b43a96dee7d09"
x-goog-hash: crc32c=fd6Yqg==, md5=rVme4cNe3tLgm0Opbe59CQ==
content-type: image/png
x-goog-generation: 1575573011756105
cache-control: max-age=315360000, public
x-goog-meta-content-length: 3037
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 1575573006-1919143-386x380-Clients.png
v.fastcdn.co/t/aa0bc9de/748c6909/ 155 KB
155 KB 29ms
28ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/aa0bc9de/748c6909/1575573006-1919143-386x380-Clients.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D4A) /
Resource Hash: edb3ae05f5ad89a579c39f59ada9606e99d15b9c4553cf1d112326b67c34bf6f

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 158601
x-guploader-uploadid: AEnB2UpYVcuO3uZ4-JbFI2vESi4KIKpoRe43x06Hd159869s2iC2tnnvpuwbXZFviTDlqG4vCgAbgT0eO6rEVYtpoVzefPGb1A
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 25 Jan 2021 11:10:09 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 158601
last-modified: Thu, 05 Dec 2019 19:10:09 GMT
server: ECS (lcy/1D4A)
etag: "93709e0a87526b204f282e2ccf4872af"
x-goog-hash: crc32c=AUAzxQ==, md5=k3CeCodSayBPKC4sz0hyrw==
content-type: image/png
x-goog-generation: 1575573009665059
cache-control: max-age=315360000, public
x-goog-meta-content-length: 158601
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 lib.js Show response
heatmap.services/static/ 10 KB
4 KB 163ms
123ms Script
application/javascript 130.211.30.60
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap.services/static/lib.js

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.211.30.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

60.30.211.130.bc.googleusercontent.com

Software

Resource Hash

c21305dcdd5cb1227ffc14b837757c09741cec5026d6bd5634337f839ca8c64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Nov 2019 14:44:48 GMT
date: Wed, 18 Dec 2019 05:12:50 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
via: 1.1 google
vary: Accept-Encoding
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 18 Dec 2019 05:17:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: qxcNnE2sZvonj5I9LIXTbJClG94Vm0xIUunO9ygHNkIslsW97WxG4BVr2bN3sh+jNYph6r6hI2rT7+gIC9ZsFg==
date: Wed, 18 Dec 2019 05:12:50 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2353
date: Wed, 18 Dec 2019 04:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 18 Dec 2019 06:33:37 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/943799397/ 3 KB
1 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/943799397/?random=1576645970883&cv=9&fst=1576645970883&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&ref=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&tiba=Talcum%20Powder%20Injury%20Settlement&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6caa9c8a649242bbfba9fe03ba0ab0a62c4edda3beae8d74cc7cf61b3693dc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1184
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 566f2526365bbbeb0f00022c.js Show response
tag.marinsm.com/serve/ 10 KB
4 KB 286ms
222ms Script
text/javascript 151.101.12.65
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/566f2526365bbbeb0f00022c.js

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.65 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Cowboy /

Resource Hash

9306ce90a14b4ee88d59423ac4f594b9953acb348cec60900670b8b04a8cc31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Dec 2019 05:12:51 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3517
X-Served-By: cache-fra19177-FRA
Server: Cowboy
X-Timer: S1576645971.957904,VS0,VE197
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2

200

3e3bf545-a65d-4771-9078-5f2ea10c07df_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/3e3bf545-a65d-4771-9078-5f2ea10c07df.js
https://cdn.mouseflow.com/projects/3e3bf545-a65d-4771-9078-5f2ea10c07df_eu.js

592 B
471 B

34ms
34ms

Script
application/javascript

23.111.9.38
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/3e3bf545-a65d-4771-9078-5f2ea10c07df_eu.js
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f3887bb20bcf5b3726a491e6fd612a82e44627799daf02df00dbd9de7f4045de

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2016 08:00:13 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"962c075df3fd21:0"
x-cache: MISS
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=86400

Redirect headers

status: 301
date: Wed, 18 Dec 2019 05:12:50 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/3e3bf545-a65d-4771-9078-5f2ea10c07df_eu.js
content-type: text/html

GET
H2 200 3687846-0-571b8a0740d9f.png
v.fastcdn.co/u/aa0bc9de/ 2 MB
2 MB 30ms
30ms Image
image/png 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/aa0bc9de/3687846-0-571b8a0740d9f.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D53) /
Resource Hash: c3fc2d6eeadc65dcf0b19c63f941e22e2995510e7edca17d3e4488fb8f808a84

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:50 GMT
x-goog-stored-content-length: 1630791
x-guploader-uploadid: AEnB2UqGdx2wBZCZULWoRiH391pM07grP4AxS5T5cuaOV7MQGNAE-w0IRy0cSCgiMKOo199OxgoWx_U7VYaemksnyPNfllXhow
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Wed, 14 Jun 2017 06:43:45 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1630791
last-modified: Sat, 23 Apr 2016 14:43:45 GMT
server: ECS (lcy/1D53)
etag: "a5748ced149c6d20fc1cdd221f374cc5"
x-goog-hash: crc32c=tKcfNg==, md5=pXSM7RScbSD8HN0iHzdMxQ==
content-type: image/png
x-goog-generation: 1461422625861000
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Thu, 17 Dec 2020 05:12:50 GMT

GET
H2 200 select-arrow-drop-down.png
storage.googleapis.com/instapage-app-assets/img/builder2/ 93 B
452 B 7ms
7ms Image
image/png 2a00:1450:4001:818::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/instapage-app-assets/img/builder2/select-arrow-drop-down.png
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bd2afc4fe78e8b1727261c64a1b1faa1856978113ae5dd7b525fa5dea87d79f7

Request headers

Referer: https://v.fastcdn.co/a/f0785b8efeb2ccb6147135aca20c797c527b7329/pageserver.page2.9ba2350f8660286c7446e8f17121f326.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:09:49 GMT
age: 181
status: 200
x-guploader-uploadid: AEnB2Urk5g6joq2RcxDLIs3IwtMPNK0596ibb43log-ICbTEr-FkItfP03Nv9YA__JohUNnSSy5vHx3b09ENR_sbJp8Z3a8Tlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93
last-modified: Mon, 04 Jul 2016 13:52:28 GMT
server: UploadServer
etag: "e057389b79347ab1bd16aa87711f396b"
x-goog-hash: crc32c=v4gmyA==, md5=4Fc4m3k0erG9FqqHcR85aw==
x-goog-generation: 1467640348854000
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 93
accept-ranges: bytes
content-type: image/png
expires: Wed, 18 Dec 2019 06:09:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://v.fastcdn.co/f/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic
Origin: https://talc.injurysurvey.com

Response headers

date: Fri, 13 Dec 2019 18:30:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 384169
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sat, 12 Dec 2020 18:30:01 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://v.fastcdn.co/f/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://talc.injurysurvey.com

Response headers

date: Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2289563
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:13:27 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://v.fastcdn.co/f/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://talc.injurysurvey.com

Response headers

date: Wed, 20 Nov 2019 08:05:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 2408838
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9192
x-xss-protection: 0
expires: Thu, 19 Nov 2020 08:05:32 GMT

GET
H/1.1 200
OK index.html
d3mwhxgzltpnyp.cloudfront.net/local-storage/ Frame D739 0
0 156ms
30ms Document
text/html 143.204.98.128
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mwhxgzltpnyp.cloudfront.net/local-storage/index.html
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.128 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d3mwhxgzltpnyp.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://talc.injurysurvey.com/?request_id=13657876
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://talc.injurysurvey.com/?request_id=13657876

Response headers

Content-Type: text/html
Content-Length: 2011
Connection: keep-alive
Last-Modified: Tue, 16 Jan 2018 10:48:23 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 17 Dec 2019 20:11:04 GMT
ETag: "96fe7591f6e1e7aa545b29cfb881532d"
X-Cache: Hit from cloudfront
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: WRo8QYIkyyhTxiz8gs0OrYn8j8k-uJCeyqkfaLfFWNyUa3ziSjpQnQ==
Age: 32508

GET
H2 200 visit
anthill.instapage.com/api/v3/projects/56c2f3d796773d0a7e96a536/events/ 35 B
192 B 190ms
125ms Image
application/octet-stream 35.186.205.120
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anthill.instapage.com/api/v3/projects/56c2f3d796773d0a7e96a536/events/visit?data=eyJvd25lcl9pZCI6MjU2MzYzLCJjdXN0b21lcl9pZCI6MzU5MjgwLCJ1c2VyX2lkIjoyNTYzNjMsInBhZ2VfaWQiOjMyNTIzMDgsInB1Ymxpc2hlZF92ZXJzaW9uIjozOSwicXVhbnRpdHkiOjEsInN0YXRpY19wYWdlIjpmYWxzZSwidmFyaWF0aW9uX25hbWUiOiJBIiwidmFyaWF0aW9uX2lkIjoxLCJsaW5rZWRfdmFyaWF0aW9uX2lkIjoyLCJpbml0aWFsX3Jlc3BvbnNpdmVfbW9kZSI6bnVsbCwidmlzaXRvcl9pcCI6IjM1LjIzOC4yNDkuMTU4IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsImphdmFzY3JpcHQiOnRydWUsInZhcmlhdGlvbiI6IkEiLCJnZW5lcmF0aW9uX3RpbWUiOiIzIiwicmVzcG9uc2l2ZV9tb2RlIjpudWxsLCJ2aXNpdGVkIjowLCJjYW1wYWlnbl9pZCI6ZmFsc2UsImFkX2lkIjpmYWxzZSwiY2FtcGFpZ25fc291cmNlIjpmYWxzZSwicmVmIjoiaHR0cHM6Ly93d3cuZWxsaW9ybmljLmNvbS94R3g4Rng1cHExbURBMGNFNHNDa0pQbHg4elFYczJfajl6X1RER09Wb1hFWFZReHFjZG5WWE5FSjFYZ2MwZmo3VXpmdnpJSUlpMHVRQTdHTEFheW1aQX5-LzY4NmY3NDZkNjE2OTZjMzQzNTMyMzU1ZjMzMzk1ZjMxMzUzNzM2MzMzMzMzMzAzNzMyMmUzNjMzLzE3MDE2YzQyZDhjNGI1MTU0M2E5YjBkNGJhMjQxODRiLzMwMzAzYTMxMzIifQ==&t=1576645970944&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjEifQ.eyJpc3MiOiJhcHAiLCJzdWIiOiJmcm9udGVuZDphcHA6dHAzMjUyMzA4IiwiYXVkIjpbImFudGhpbGwiXSwiZXhwIjoxNjA4MTM2NzM1fQ.Wu-uzfRDJmIOHIuUgh3GkPvP8lY4v6-ymH0hh2WSMOImZz1uH98v2R69ennbKQeAeQdtpbc9h1crUzBzrfelWfd4BvHWelPv1-rN0vjgug2g36rOXGXrggfjwtvfeGnBV6vc-3ygGenyKu6ejif64rNR7bgvK9vquVdC3fGxv2W_J3QBjICMzANG-xdLf4uEfOyrscnksyAZkCY1Ve_u9YugVvgGrXSP5dW9pZglV82wUt-JVINmxOIRARCzdgmYkOKtk3wu-O_bcIw6ekGzUMYwGq3XFS9sioQiMgCAbkQHYelN8K9LmK8I9lHQgcAcBWSceOIaWboQhBTCxuK_LA
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.205.120 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 120.205.186.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:51 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
vary: Origin
content-type: application/octet-stream
status: 200
alt-svc: clear
content-length: 35

GET
H2 200 /
www.google.com/pagead/1p-user-list/943799397/ 42 B
119 B 21ms
21ms Image
image/gif 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/943799397/?random=1576645970883&cv=9&fst=1576645200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&ref=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&tiba=Talcum%20Powder%20Injury%20Settlement&fmt=3&is_vtc=1&random=2584247516&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/943799397/ 42 B
110 B 21ms
20ms Image
image/gif 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/943799397/?random=1576645970883&cv=9&fst=1576645200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&ref=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&tiba=Talcum%20Powder%20Injury%20Settlement&fmt=3&is_vtc=1&random=2584247516&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=673665737&t=pageview&_s=1&dl=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&dr=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mD...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_gid=395380486.1576645971&gjid=958973374&_v=j79&z=196237864
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_v=j79&z=196237864
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_v=j79&z=196237864&slf_rd=1&random=2905942386

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_v=j79&z=196237864&slf_rd=1&random=2905942386

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-55036971-7&cid=1533475937.1576645971&jid=1310372843&_v=j79&z=196237864&slf_rd=1&random=2905942386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 592806698134326 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 97ms
96ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/592806698134326?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b9136bcf3ddd7b4ab9efaf91146ceeb8641562e77990aafe5b6db84ac6ff53da

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
x-fb-debug: 1UsZIWojIcci4eSeixbapCMCcM5eLMtVertzsTkLDD4XLLqD0+k5GxAUYAiwmIBj5Dh90tQEwZidWrB2BJMk4A==
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Dec 2019 05:12:51 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security: max-age=31536000; preload; includeSubDomains
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 371698066998939 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 111ms
111ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/371698066998939?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b2ceedd244127dc912805cddb96752e078d24c23e5e743903fb618a3535f1252

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
x-fb-debug: X9zcsp6sbJ+twKj609g2FMpaY5qTC6uAfSdAzH5oYJWhqvl55A6GET5CC4S0u5t+652d6xtLONTZ0XBNZAoyqg==
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Dec 2019 05:12:51 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security: max-age=31536000; preload; includeSubDomains
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592806698134326&ev=PageView&dl=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&rl=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&if=false&ts=1576645971125&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576645971124.435761895&it=1576645970988&coo=false&rqm=GET

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 18 Dec 2019 05:12:51 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=54750&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=54750&source=js_tag

83 B
411 B

44ms
37ms

Script
text/javascript

52.19.228.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=54750&source=js_tag
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5b91b48f4444cc2818966a82275464cec6ebffa7f881ae699d5fcb019fcae28f

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 83
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=54750&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=371698066998939&ev=PageView&dl=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&rl=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&if=false&ts=1576645971260&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576645971124.435761895&it=1576645970988&coo=false&rqm=GET

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 18 Dec 2019 05:12:51 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JqxLm5L98HzKDvYWE

43 B
274 B

136ms
136ms

Image
image/gif

104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JqxLm5L98HzKDvYWE

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Wed, 18 Dec 2019 05:12:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 89610f39bccf2e21f3dac2460a183196
x-transaction: 003881db00f5c0ce
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_JqxLm5L98HzKDvYWE
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_JqxLm5L98HzKDvYWE&sigv=1&esig=2~29b279c8d7dfdcb00e21d7c28da6d4228dc8fd4f
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JqxLm5L98HzKDvYWE

43 B
460 B

511ms
123ms

Image
image/gif

52.71.210.204
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JqxLm5L98HzKDvYWE
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.210.204 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-71-210-204.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Date: Wed, 18 Dec 2019 05:12:51 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_JqxLm5L98HzKDvYWE
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_JqxLm5L98HzKDvYWE
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JqxLm5L98HzKDvYWE

43 B
109 B

28ms
27ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JqxLm5L98HzKDvYWE
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.171.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:51 GMT
via: 1.1 google
server: OXGW/16.171.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 18 Dec 2019 05:12:51 GMT
via: 1.1 google
server: OXGW/16.171.0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_JqxLm5L98HzKDvYWE
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JqxLm5L98HzKDvYWE

0
239 B

34ms
33ms

Image
image/gif

69.173.144.165
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JqxLm5L98HzKDvYWE
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_JqxLm5L98HzKDvYWE
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSnF4TG01TDk4SHpLRHZZV0U
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

36ms
36ms

Image
image/gif

52.19.228.230
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Wed, 18 Dec 2019 05:12:51 GMT
server: HTTP server (unknown)
location: https://pixel-geo.prfct.co/cb?partnerId=goo
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 192ms
119ms Image
image/gif 52.19.228.230
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=4216025&source=js_tag&a_id=54750
Requested by: Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.228.230 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-228-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=4216025
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4216025

43 B
1023 B

21ms
20ms

Image
image/gif

185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4216025

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Dec 2019 05:12:53 GMT
AN-X-Request-Uuid: e6b11635-fd7c-40d9-95b2-81e7ba20c725
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.25; 109.236.94.25; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Dec 2019 05:12:53 GMT
AN-X-Request-Uuid: 4a7b7339-8366-464c-ae70-76d2c4f50ac7
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4216025
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.25; 109.236.94.25; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.44:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592806698134326&ev=Microdata&dl=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&rl=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&if=false&ts=1576645971627&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Talcum%20Powder%20Injury%20Settlement%20%22%2C%22meta%3Adescription%22%3A%22If%20you%20or%20a%20loved%20one%20suffered%20from%20ovarian%20cancer%20after%20using%20talcum%20powder%2C%20you%20may%20be%20entitled%20to%20compensation.%22%2C%22meta%3Akeywords%22%3A%22talcum%20powder%20ovarian%20cancer%20%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Talcum%20Powder%20Injury%20Settlement%20%22%2C%22og%3Adescription%22%3A%22If%20you%20or%20a%20loved%20one%20suffered%20from%20ovarian%20cancer%20after%20using%20talcum%20powder%2C%20you%20may%20be%20entitled%20to%20compensation.%22%2C%22og%3Asite_name%22%3A%22Talcum%20Powder%20Injury%20Settlement%20%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Ftalc.injurysurvey.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1576645971124.435761895&it=1576645970988&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 18 Dec 2019 05:12:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=371698066998939&ev=Microdata&dl=https%3A%2F%2Ftalc.injurysurvey.com%2F%3Frequest_id%3D13657876&rl=https%3A%2F%2Fwww.elliornic.com%2FxGx8Fx5pq1mDA0cE4sCkJPlx8zQXs2_j9z_TDGOVoXEXVQxqcdnVXNEJ1Xgc0fj7UzfvzIIIi0uQA7GLAaymZA~~%2F686f746d61696c343532355f33395f313537363333333037322e3633%2F17016c42d8c4b51543a9b0d4ba24184b%2F30303a3132&if=false&ts=1576645971761&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Talcum%20Powder%20Injury%20Settlement%20%22%2C%22meta%3Adescription%22%3A%22If%20you%20or%20a%20loved%20one%20suffered%20from%20ovarian%20cancer%20after%20using%20talcum%20powder%2C%20you%20may%20be%20entitled%20to%20compensation.%22%2C%22meta%3Akeywords%22%3A%22talcum%20powder%20ovarian%20cancer%20%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Talcum%20Powder%20Injury%20Settlement%20%22%2C%22og%3Adescription%22%3A%22If%20you%20or%20a%20loved%20one%20suffered%20from%20ovarian%20cancer%20after%20using%20talcum%20powder%2C%20you%20may%20be%20entitled%20to%20compensation.%22%2C%22og%3Asite_name%22%3A%22Talcum%20Powder%20Injury%20Settlement%20%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Ftalc.injurysurvey.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1576645971124.435761895&it=1576645970988&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: talc.injurysurvey.com
URL: https://talc.injurysurvey.com/?request_id=13657876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 18 Dec 2019 05:12:51 GMT

GET
H2 200 loading_circle.svg
v.fastcdn.co/a/img/ 694 B
1 KB 26ms
26ms Image
image/svg+xml 192.229.133.208
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/a/img/loading_circle.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D1F) /
Resource Hash: eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Dec 2019 05:12:52 GMT
x-guploader-uploadid: AEnB2UoJFuZOKIUHRcWVvOTnpAmOvTHFukGclkKPvLp5713jaOswyKiY0f5cAbtqJsW5aeI18xVW69CZFrXamCfQqw5tYaqDtQ
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 694
last-modified: Mon, 04 Jul 2016 13:37:12 GMT
server: ECS (lcy/1D1F)
etag: "be00fc4a29d03016e78b28c9943e3f51"
x-goog-hash: crc32c=Y/o9cg==, md5=vgD8SinQMBbniyjJlD4/UQ==
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-generation: 1467639432842000
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 694
accept-ranges: bytes
expires: Wed, 18 Dec 2019 06:12:52 GMT

POST
H2 201 raw-data Show response
heatmap.services/api/ 33 B
392 B 2601ms
246ms Fetch
application/json 130.211.30.60
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap.services/api/raw-data

Requested by

Host: heatmap.services
URL: https://heatmap.services/static/lib.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.211.30.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

60.30.211.130.bc.googleusercontent.com

Software

Resource Hash

aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://talc.injurysurvey.com/?request_id=13657876
Origin: https://talc.injurysurvey.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 201
date: Wed, 18 Dec 2019 05:13:02 GMT
alt-svc: clear
content-length: 33
x-xss-protection: 1; mode=block
etag: W/"21-OGHiFV/OrNujBxibS2uM6bqKAHs"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://talc.injurysurvey.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
analytics.twitter.com
anthill.instapage.com
cdn.mouseflow.com
cm.g.doubleclick.net
connect.facebook.net
d3mwhxgzltpnyp.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
heatmap.services
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
pye.thickyear.xyz
secure.adnxs.com
stats.g.doubleclick.net
storage.googleapis.com
tag.marinsm.com
talc.injurysurvey.com
trk.injury-survey.com
us-u.openx.net
v.fastcdn.co
www.elliornic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
104.244.42.67
107.178.254.45
130.211.30.60
143.204.98.128
151.101.12.65
172.217.16.194
172.217.22.34
185.33.223.100
192.229.133.208
23.111.9.38
2a00:1288:110:c305::9000
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:817::2002
2a00:1450:4001:818::2010
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c00::9c
2a03:2880:f0ff:1a:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.95.120.147
35.186.205.120
45.141.153.254
52.19.228.230
52.71.210.204
52.86.50.138
69.173.144.165
89.46.100.124
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1e7f38ad3228c18e42d333db1c37196568540a54143a158af008393e2a7a5217
36d4df4cb9892c3aa83943592810bf568f006b3de3b11c33c3dbecee01baee75
419ba25b4343645f32fde8f86c534f47fd60b42f4632a643944a0fe3e07f2a5c
4575a25af8345837dd1a37196f64353b7048950ec75026329aedcb3afd5c0775
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5057cbdb9242ecf47b6397913c5d6dbef092b3e9cf440f790ccadbc786351a1a
523f929f38b3178bb8ab2385f6e039e8c5d789e51a04f6a558985219a6561a64
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b91b48f4444cc2818966a82275464cec6ebffa7f881ae699d5fcb019fcae28f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6caa9c8a649242bbfba9fe03ba0ab0a62c4edda3beae8d74cc7cf61b3693dc4d
9306ce90a14b4ee88d59423ac4f594b9953acb348cec60900670b8b04a8cc31a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
b2ceedd244127dc912805cddb96752e078d24c23e5e743903fb618a3535f1252
b68d24084b6e86d90737343d9589ec051f2fb1c76d56ef6242c5d25bc1268e59
b9136bcf3ddd7b4ab9efaf91146ceeb8641562e77990aafe5b6db84ac6ff53da
bd2afc4fe78e8b1727261c64a1b1faa1856978113ae5dd7b525fa5dea87d79f7
c21305dcdd5cb1227ffc14b837757c09741cec5026d6bd5634337f839ca8c64a
c3fc2d6eeadc65dcf0b19c63f941e22e2995510e7edca17d3e4488fb8f808a84
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d8ca5229496e58a66dfb8e60e6eb78b219df4e5ce98d0d8234119b5e456e210f
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb40aea40f26e68b6396874177d97c0be22998d5228f064f73e2a62b7edbed94
edb3ae05f5ad89a579c39f59ada9606e99d15b9c4553cf1d112326b67c34bf6f
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3887bb20bcf5b3726a491e6fd612a82e44627799daf02df00dbd9de7f4045de
f47a7d4bc3384fa59bedc0a77d7fc61ddaa8b11ce7167703fd2b875dc7664f19
f67b7db80d10d058a9699149621487cc6445df57783bfe60968be4c703b1c0fc

talc.injurysurvey.com Open in urlscan Pro 107.178.254.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

36 %IPv6

25 Domains

28 Subdomains

23 IPs

7 Countries

2327 kBTransfer

3777 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

talc.injurysurvey.com Open in urlscan Pro
107.178.254.45 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

36 %
IPv6

25
Domains

28
Subdomains

23
IPs

7
Countries

2327 kB
Transfer

3777 kB
Size

0
Cookies

45 HTTP transactions
0 data transactions