urlscan.io logo urlscan.io
SecurityTrails logo

pkscpa.suralink.com Open in urlscan Pro
18.207.53.228  Public Scan

Go To Rescan Add Verdict Report
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Submission: On October 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 18.207.53.228, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pkscpa.suralink.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 9th 2024. Valid for: a year.
This is the only time pkscpa.suralink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 18.207.53.228 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 108.138.7.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.70.113 13335 (CLOUDFLAR...)
1 108.138.7.72 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.71.63.92 14618 (AMAZON-AES)
1 34.195.97.101 14618 (AMAZON-AES)
17 10
4    18.207.53.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-53-228.compute-1.amazonaws.com
pkscpa.suralink.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net
pmdhm29jnlq8.statuspage.io
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    108.138.7.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-72.fra56.r.cloudfront.net
pmdhm29jnlq8.statuspage.io
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    52.71.63.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-63-92.compute-1.amazonaws.com
fileshare.suralink.com
1    34.195.97.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-97-101.compute-1.amazonaws.com
app.suralink.com
Apex Domain
Subdomains		 Transfer
8 suralink.com
pkscpa.suralink.com
fileshare.suralink.com — Cisco Umbrella Rank: 900709
app.suralink.com — Cisco Umbrella Rank: 149510
2 MB
3 gstatic.com
fonts.gstatic.com
54 KB
2 statuspage.io
pmdhm29jnlq8.statuspage.io — Cisco Umbrella Rank: 61782
1 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2625
ekr.zdassets.com — Cisco Umbrella Rank: 2970
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
98 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
17 6
Domain Requested by
4 pkscpa.suralink.com pkscpa.suralink.com
3 fileshare.suralink.com pkscpa.suralink.com
3 fonts.gstatic.com fonts.googleapis.com
2 pmdhm29jnlq8.statuspage.io pkscpa.suralink.com
pmdhm29jnlq8.statuspage.io
1 app.suralink.com
1 ekr.zdassets.com static.zdassets.com
1 www.googletagmanager.com pkscpa.suralink.com
1 static.zdassets.com pkscpa.suralink.com
1 fonts.googleapis.com pkscpa.suralink.com
17 9

This site contains links to these domains. Also see Links.

Domain
www.suralink.com
Subject Issuer Validity Valid
suralink.com
Amazon RSA 2048 M02		 2024-06-09 -
2025-07-09		 a year crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
zdassets.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.statuspage.io
Amazon RSA 2048 M02		 2024-09-18 -
2025-10-18		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Frame ID: 505F501051E817D3729B1C77D0B651F6
Requests: 15 HTTP requests in this frame

Frame: https://pmdhm29jnlq8.statuspage.io/embed/frame
Frame ID: 1A61564688F8257EC3B9648FF5801171
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Secure File Sharing

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

17
Requests

100 %
HTTPS

30 %
IPv6

6
Domains

9
Subdomains

10
IPs

3
Countries

2034 kB
Transfer

2214 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
pkscpa.suralink.com/sfs/fileview/ 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.53.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-53-228.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7dcc5d68664e6f23ee52aebebd7f17b57e9f68ef781c5ff37b2642c30de123a1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Content-Type
text/html
Date
Wed, 02 Oct 2024 14:22:17 GMT
ETag
W/"66d0f707-5c3"
Last-Modified
Thu, 29 Aug 2024 22:32:39 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block 1; mode=block
env.js
pkscpa.suralink.com/sfs/fileview/ 		388 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pkscpa.suralink.com/sfs/fileview/env.js?v=7702264614
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.53.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-53-228.compute-1.amazonaws.com
Software
nginx /
Resource Hash
76559c2bacb886534056a305bb3c97ff654fb5f6b251eb4ea8ea86e2dabd22b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
ETag
"66e8b482-184"
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Accept-Ranges
bytes
Content-Length
388
Date
Wed, 02 Oct 2024 14:22:18 GMT
X-Xss-Protection
1; mode=block, 1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 16 Sep 2024 22:43:14 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 14:22:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 14:22:18 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 13:40:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=234d63f5-a0e7-4e48-a8e4-e51f0c49e842
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id
FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age
6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxAFP5ODzf8P60wW2w09KW92mZq1BgUtM2BxxagJNep95g82LQp%2BEyJIzoH16kGYiNlVE3p3rksmnHXgW1Bo65YQwiazomwxmmp%2FftMpMW09XRb1W%2BBVkIsfqU73FxvORv8PGD8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Wed, 02 Oct 2024 14:22:18 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 11:42:28 GMT
vary
Accept-Encoding
x-amz-id-2
zeboalxgjwRYhxibZJbGFYvODdu4eNoV9pa6C8eEDVa6Bkr0BU7T50frb6jI9keEj8fvjx3CHxWqAEeMxBT4IA==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J790Q9Y90P9K12GZ
cf-ray
8cc558035aa5dbde-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
index.js
pkscpa.suralink.com/sfs/fileview/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pkscpa.suralink.com/sfs/fileview/index.js?v=assetVersion
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.53.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-53-228.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a6dc9801f4281082656e2ada91e4b6d7b98d4006008624debe428dbba104af1d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
ETag
"66d0f707-1c0201"
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Accept-Ranges
bytes
Content-Length
1835521
Date
Wed, 02 Oct 2024 14:22:18 GMT
X-Xss-Protection
1; mode=block, 1; mode=block
Content-Type
application/javascript
Last-Modified
Thu, 29 Aug 2024 22:32:39 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
script.js
pmdhm29jnlq8.statuspage.io/embed/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pmdhm29jnlq8.statuspage.io/embed/script.js
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-111.fra56.r.cloudfront.net
Software
AtlassianEdge /
Resource Hash
61d2e06733cee39537c3dd808ef2f7f4a9053b70cd36098c8f086b1a67f78dfe
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

content-encoding
br
etag
W/"61d2e06733cee39537c3dd808ef2f7f4"
age
1
x-permitted-cross-domain-policies
none
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
x-statuspage-version
4889ab6a875f9111abddb224420f5cd8e0e3dd3e
x-cache
Hit from cloudfront
x-amz-cf-id
ejFUg2suVramCfNPQjjGND35rFmQykW2LPrNM18LNI_OT8r0r0RZhQ==
date
Wed, 02 Oct 2024 14:22:17 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.049243
strict-transport-security
max-age=259200
x-statuspage-skip-logging
true
cache-control
max-age=3, public
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-pollinator-metadata-service
status-page-web-pages
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P6
atl-traceid
35badec2d3fd416ba9e8d187bee9a888
server
AtlassianEdge
js
www.googletagmanager.com/gtag/ 		284 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62742bede10b657c307d86bcaa4a50003c18bb4971eaa2e9d0d928c2a9526791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 02 Oct 2024 14:22:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 14:22:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99796
x-xss-protection
0
server
Google Tag Manager
234d63f5-a0e7-4e48-a8e4-e51f0c49e842
ekr.zdassets.com/compose/ 		15 B
869 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/234d63f5-a0e7-4e48-a8e4-e51f0c49e842
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=234d63f5-a0e7-4e48-a8e4-e51f0c49e842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

access-control-max-age
7200
x-request-id
8cb41f23494009fd-SEA, 8cb41f23494009fd-SEA, 8cb41f23494009fd-SEA
access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"86d8b086af0fc30d06856e218fcfdb6b"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNrIn1SB%2Bn75IN69B0rXqqWuRHmxiBaYi6Ow7a3KLDFmqPFVrCAnN89XZAixoZ4nxj7CiwAvkm0V1DfCeew632PYSXIGwAhTyMrabHFDsLS%2BUMF0wu0QQDLAcF%2B%2B4wPtank%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 14:22:18 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.003725
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8cc55804395a8ebb-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes, yes
x-xss-protection
1; mode=block
server
cloudflare
frame
pmdhm29jnlq8.statuspage.io/embed/ Frame 1A61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pmdhm29jnlq8.statuspage.io/embed/frame
Requested by
Host: pmdhm29jnlq8.statuspage.io
URL: https://pmdhm29jnlq8.statuspage.io/embed/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-72.fra56.r.cloudfront.net
Software
AtlassianEdge /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2
atl-traceid
16481f41adf7485f9191391d3f48454a
cache-control
max-age=3, public
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 02 Oct 2024 14:22:16 GMT
etag
W/"c849eaf07aca3113838e5c1d9c34398e"
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
server
AtlassianEdge
strict-transport-security
max-age=259200
vary
Accept-Encoding
via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
x-amz-cf-id
rvh8jLoqXJpSP800JoePgebVqfvQYy8fA2z6YyPwBLUxWKmLljv8FQ==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-pollinator-metadata-service
status-page-web-pages
x-runtime
0.141498
x-statuspage-skip-logging
true
x-statuspage-version
4889ab6a875f9111abddb224420f5cd8e0e3dd3e
x-xss-protection
1; mode=block
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://pkscpa.suralink.com
Referer
https://fonts.googleapis.com/

Response headers

age
108094
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:20:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:20:58 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://pkscpa.suralink.com
Referer
https://fonts.googleapis.com/

Response headers

age
108959
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:06:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:06:33 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
flags
fileshare.suralink.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fileshare.suralink.com/flags?sessionId=569229028&appName=us&environment=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.63.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-63-92.compute-1.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.monitor.azure.com https://*.statuspage.io https://*.hs-sites.com/ https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-east-1.amazonaws.com https://*.userpilot.io https://ok1static.oktacdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.fonts.com https://fonts.googleapis.com https://static2.sharepointonline.com https://ok1static.oktacdn.com https://*.fonts.net; font-src 'self' https://*.office.net https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://appsforoffice.microsoft.com https://static2.sharepointonline.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://outlook.office365.com https://outlook.office.com https://*.statuspage.io https://telemetryservice.firstpartyapps.oaspapps.com https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com; child-src https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.cloud.microsoft https://outlook.office365.com https://*.suralink.com https://outlook.office.com; script-src-elem 'self' 'unsafe-inline' https://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com; connect-src 'self' https://*.suralink.com https://*.userpilot.io *.userpilot.io wss:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://pkscpa.suralink.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Authorization, If-None-Match
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, CONNECT, TRACE
access-control-allow-origin
https://pkscpa.suralink.com
content-length
2
content-security-policy
default-src 'self' https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.monitor.azure.com https://*.statuspage.io https://*.hs-sites.com/ https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-east-1.amazonaws.com https://*.userpilot.io https://ok1static.oktacdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.fonts.com https://fonts.googleapis.com https://static2.sharepointonline.com https://ok1static.oktacdn.com https://*.fonts.net; font-src 'self' https://*.office.net https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://appsforoffice.microsoft.com https://static2.sharepointonline.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://outlook.office365.com https://outlook.office.com https://*.statuspage.io https://telemetryservice.firstpartyapps.oaspapps.com https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com; child-src https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.cloud.microsoft https://outlook.office365.com https://*.suralink.com https://outlook.office.com; script-src-elem 'self' 'unsafe-inline' https://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com; connect-src 'self' https://*.suralink.com https://*.userpilot.io *.userpilot.io wss:;
content-type
text/plain; charset=utf-8
date
Wed, 02 Oct 2024 14:22:33 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block
flags
fileshare.suralink.com/ 		273 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fileshare.suralink.com/flags?sessionId=569229028&appName=us&environment=us
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.js?v=assetVersion
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.63.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-63-92.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ecaf91bbe0669b8b13fe4935a768a042d3804bd4ed99f11aa183c6ab7e2fc511
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.monitor.azure.com https://*.statuspage.io https://*.hs-sites.com/ https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-east-1.amazonaws.com https://*.userpilot.io https://ok1static.oktacdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.fonts.com https://fonts.googleapis.com https://static2.sharepointonline.com https://ok1static.oktacdn.com https://*.fonts.net; font-src 'self' https://*.office.net https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://appsforoffice.microsoft.com https://static2.sharepointonline.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://outlook.office365.com https://outlook.office.com https://*.statuspage.io https://telemetryservice.firstpartyapps.oaspapps.com https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com; child-src https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.cloud.microsoft https://outlook.office365.com https://*.suralink.com https://outlook.office.com; script-src-elem 'self' 'unsafe-inline' https://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com; connect-src 'self' https://*.suralink.com https://*.userpilot.io *.userpilot.io wss:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

If-None-Match
Authorization
ibCvj4wsgHijjzjqt1J-
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

etag
W/"111-cgemKWlz5DKHv52PBr6Df7Hu8YA"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, CONNECT, TRACE
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 14:22:33 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Authorization, If-None-Match
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.monitor.azure.com https://*.statuspage.io https://*.hs-sites.com/ https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-east-1.amazonaws.com https://*.userpilot.io https://ok1static.oktacdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.fonts.com https://fonts.googleapis.com https://static2.sharepointonline.com https://ok1static.oktacdn.com https://*.fonts.net; font-src 'self' https://*.office.net https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://appsforoffice.microsoft.com https://static2.sharepointonline.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://outlook.office365.com https://outlook.office.com https://*.statuspage.io https://telemetryservice.firstpartyapps.oaspapps.com https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com; child-src https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.cloud.microsoft https://outlook.office365.com https://*.suralink.com https://outlook.office.com; script-src-elem 'self' 'unsafe-inline' https://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com; connect-src 'self' https://*.suralink.com https://*.userpilot.io *.userpilot.io wss:;
cache-control
no-store
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://pkscpa.suralink.com
content-length
273
x-xss-protection
1; mode=block
x-powered-by
Express
eb44a9f1-b96b-4ba0-a720-6d5e08679474
fileshare.suralink.com/message/ 		766 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fileshare.suralink.com/message/eb44a9f1-b96b-4ba0-a720-6d5e08679474
Requested by
Host: pkscpa.suralink.com
URL: https://pkscpa.suralink.com/sfs/fileview/index.js?v=assetVersion
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.63.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-63-92.compute-1.amazonaws.com
Software
/ Express
Resource Hash
99ae0e24e54f6e02c2231fd53e2f3845d1a8b0396f7b3b455411e9fded22b9d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.monitor.azure.com https://*.statuspage.io https://*.hs-sites.com/ https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-east-1.amazonaws.com https://*.userpilot.io https://ok1static.oktacdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.fonts.com https://fonts.googleapis.com https://static2.sharepointonline.com https://ok1static.oktacdn.com https://*.fonts.net; font-src 'self' https://*.office.net https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://appsforoffice.microsoft.com https://static2.sharepointonline.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://outlook.office365.com https://outlook.office.com https://*.statuspage.io https://telemetryservice.firstpartyapps.oaspapps.com https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com; child-src https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.cloud.microsoft https://outlook.office365.com https://*.suralink.com https://outlook.office.com; script-src-elem 'self' 'unsafe-inline' https://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com; connect-src 'self' https://*.suralink.com https://*.userpilot.io *.userpilot.io wss:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

etag
W/"2fe-biie1PEPssKAwZbJDe7BwOCV1w8"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, CONNECT, TRACE
x-content-type-options
nosniff
date
Wed, 02 Oct 2024 14:22:33 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-headers
Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Authorization, If-None-Match
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.monitor.azure.com https://*.statuspage.io https://*.hs-sites.com/ https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-east-1.amazonaws.com https://*.userpilot.io https://ok1static.oktacdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.fonts.com https://fonts.googleapis.com https://static2.sharepointonline.com https://ok1static.oktacdn.com https://*.fonts.net; font-src 'self' https://*.office.net https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://appsforoffice.microsoft.com https://static2.sharepointonline.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://outlook.office365.com https://outlook.office.com https://*.statuspage.io https://telemetryservice.firstpartyapps.oaspapps.com https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com; child-src https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.cloud.microsoft https://outlook.office365.com https://*.suralink.com https://outlook.office.com; script-src-elem 'self' 'unsafe-inline' https://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io https://appsforoffice.microsoft.com https://ajax.aspnetcdn.com; connect-src 'self' https://*.suralink.com https://*.userpilot.io *.userpilot.io wss:;
cache-control
no-store
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://pkscpa.suralink.com
content-length
766
x-xss-protection
1; mode=block
x-powered-by
Express
favicon.ico
pkscpa.suralink.com/sfs/fileview/ 		1 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pkscpa.suralink.com/sfs/fileview/favicon.ico?v=7702264614
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.53.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-53-228.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ec89d6df9202c89ed25c90da924dd5b6f55931b08195fce6e8c0df74c7baccad
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/sfs/fileview/index.html?m=eb44a9f1-b96b-4ba0-a720-6d5e08679474

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
ETag
"66d0f707-40b"
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Accept-Ranges
bytes
Content-Length
1035
Date
Wed, 02 Oct 2024 14:22:32 GMT
X-Xss-Protection
1; mode=block, 1; mode=block
Content-Type
image/x-icon
Last-Modified
Thu, 29 Aug 2024 22:32:39 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
PKSCoLogoBlueText20201602682898_crop.png
app.suralink.com//images/usrPhotos/cropped/ 		59 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.suralink.com//images/usrPhotos/cropped/PKSCoLogoBlueText20201602682898_crop.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.97.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-97-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2767b2fd8c68dec447151e05ba3aa95daf9caafd9f7f8571428c09bba35a9523
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paragon.so https://*.google-analytics.com https://*.zdassets.com https://*.zendesk.com wss://*.zendesk.com https://*.oktapreview.com https://*.microsoftonline.com https://*.onelogin.com https://*.okta.com https://*.windowsazure.com https://*.windows.net https://rum-collector-2.pingdom.net https://ok1static.oktacdn.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://bam.nr-data.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.zdassets.com https://*.zendesk.com wss://*.zendesk.com wss://*.zopim.com https://*.statuspage.io https://*.matomo.cloud https://*.hs-sites.com/ https://ok1static.oktacdn.com https://cdn.ywxi.net https://fast.fonts.net https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://*.google-analytics.com https://*.suralink.com https://*.zopim.com https://*.pingdom.net https://*.newrelic.com; img-src 'self' blob: data: https://*.paragon.so https://v2assets.zopim.io https://*.userpilot.io https://static.zdassets.com https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://*.s3.ca-central-1.amazonaws.com https://*.s3.eu-central-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.paragon.so https://*.statuspage.io https://johnsonlambert.oktapreview.com https://dev-558721.oktapreview.com https://dev-294367.oktapreview.com https://dev-933061.oktapreview.com https://dev-617002.oktapreview.com https://dev-890648.oktapreview.com https://dev-895915.oktapreview.com https://dev-295521.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; child-src https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.useparagon.com https://*.paragon.so https://*.userpilot.io *.userpilot.io wss: https://*.suralink.com wss://*.zopim.com https://*.google-analytics.com https://*.zdassets.com https://*.matomo.cloud https://*.zendesk.com; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://cdnjs.cloudflare.com/ajax/libs/ https://*.userpilot.io wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pkscpa.suralink.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' https://*.paragon.so https://*.google-analytics.com https://*.zdassets.com https://*.zendesk.com wss://*.zendesk.com https://*.oktapreview.com https://*.microsoftonline.com https://*.onelogin.com https://*.okta.com https://*.windowsazure.com https://*.windows.net https://rum-collector-2.pingdom.net https://ok1static.oktacdn.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://bam.nr-data.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.userpilot.io https://*.zdassets.com https://*.zendesk.com wss://*.zendesk.com wss://*.zopim.com https://*.statuspage.io https://*.matomo.cloud https://*.hs-sites.com/ https://ok1static.oktacdn.com https://cdn.ywxi.net https://fast.fonts.net https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://*.google-analytics.com https://*.suralink.com https://*.zopim.com https://*.pingdom.net https://*.newrelic.com; img-src 'self' blob: data: https://*.paragon.so https://v2assets.zopim.io https://*.userpilot.io https://static.zdassets.com https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://*.s3.ca-central-1.amazonaws.com https://*.s3.eu-central-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.userpilot.io https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.paragon.so https://*.statuspage.io https://johnsonlambert.oktapreview.com https://dev-558721.oktapreview.com https://dev-294367.oktapreview.com https://dev-933061.oktapreview.com https://dev-617002.oktapreview.com https://dev-890648.oktapreview.com https://dev-895915.oktapreview.com https://dev-295521.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; child-src https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.useparagon.com https://*.paragon.so https://*.userpilot.io *.userpilot.io wss: https://*.suralink.com wss://*.zopim.com https://*.google-analytics.com https://*.zdassets.com https://*.matomo.cloud https://*.zendesk.com; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://cdnjs.cloudflare.com/ajax/libs/ https://*.userpilot.io wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com https://*.zopim.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
ETag
"6140190b-ecea"
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Accept-Ranges
bytes
Content-Length
60650
Date
Wed, 02 Oct 2024 14:22:33 GMT
X-Xss-Protection
1; mode=block
Content-Type
image/png
Last-Modified
Tue, 14 Sep 2021 03:37:47 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://pkscpa.suralink.com
Referer
https://fonts.googleapis.com/

Response headers

age
106253
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:51:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:51:40 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __env__ function| gtag object| dataLayer object| zEWebpackACJsonp function| zE function| zEmbed function| statusEmbedTest object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| zEACLoaded object| webpackChunkfilesharing_fileview function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| _pdfjsCompatibilityChecked object| core function| __verifyGDPRCookie function| __clearGDPRCookie

2 Cookies

Domain/Path Name / Value
.suralink.com/ Name: _ga
Value: GA1.1.1996209212.1727878938
.suralink.com/ Name: _ga_0N4DYFSGK9
Value: GS1.1.1727878938.1.0.1727878938.0.0.0

6 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9(Line 177)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0N4DYFSGK9&gtm=45je4a10v885112900za200&_p=1727878938193&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1996209212.1727878938&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727878938&sct=1&seg=0&dl=https%3A%2F%2Fpkscpa.suralink.com%2Fsfs%2Ffileview%2Findex.html%3Fm%3Deb44a9f1-b96b-4ba0-a720-6d5e08679474&dt=Secure%20File%20Sharing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1003' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9(Line 177)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0N4DYFSGK9&gtm=45je4a10v885112900za200&_p=1727878938193&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1996209212.1727878938&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727878938&sct=1&seg=0&dl=https%3A%2F%2Fpkscpa.suralink.com%2Fsfs%2Ffileview%2Findex.html%3Fm%3Deb44a9f1-b96b-4ba0-a720-6d5e08679474&dt=Secure%20File%20Sharing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1003' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9(Line 177)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0N4DYFSGK9&gtm=45je4a10v885112900za200&_p=1727878938193&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1996209212.1727878938&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1727878938&sct=1&seg=0&dl=https%3A%2F%2Fpkscpa.suralink.com%2Fsfs%2Ffileview%2Findex.html%3Fm%3Deb44a9f1-b96b-4ba0-a720-6d5e08679474&dt=Secure%20File%20Sharing&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6009' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9(Line 177)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0N4DYFSGK9&gtm=45je4a10v885112900za200&_p=1727878938193&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1996209212.1727878938&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1727878938&sct=1&seg=0&dl=https%3A%2F%2Fpkscpa.suralink.com%2Fsfs%2Ffileview%2Findex.html%3Fm%3Deb44a9f1-b96b-4ba0-a720-6d5e08679474&dt=Secure%20File%20Sharing&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6009' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9(Line 177)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0N4DYFSGK9&gtm=45je4a10v885112900za200&_p=1727878938193&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1996209212.1727878938&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1727878938&sct=1&seg=1&dl=https%3A%2F%2Fpkscpa.suralink.com%2Fsfs%2Ffileview%2Findex.html%3Fm%3Deb44a9f1-b96b-4ba0-a720-6d5e08679474&dt=Secure%20File%20Sharing&en=user_engagement&_et=18847&tfd=19857' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-0N4DYFSGK9(Line 177)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0N4DYFSGK9&gtm=45je4a10v885112900za200&_p=1727878938193&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1996209212.1727878938&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1727878938&sct=1&seg=1&dl=https%3A%2F%2Fpkscpa.suralink.com%2Fsfs%2Ffileview%2Findex.html%3Fm%3Deb44a9f1-b96b-4ba0-a720-6d5e08679474&dt=Secure%20File%20Sharing&en=user_engagement&_et=18847&tfd=19857' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://static.zdassets.com https://*.suralink.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.statuspage.io https://www.googletagmanager.com https://*.userpilot.io https://*.cloudflare.com https://*.hs-sites.com/ https://ok1static.oktacdn.com https://*.suralink.com https://*.pingdom.net; img-src 'self' blob: data: https://*.s3.us-west-2.amazonaws.com https://*.s3.us-west-1.amazonaws.com https://*.s3.us-east-1.amazonaws.com https://ok1static.oktacdn.com https://appcdn.scdn1.secure.raxcdn.com https://bam.nr-data.net https://cdn.ywxi.net https://i.vimeocdn.com https://rum-collector.pingdom.net https://stats.g.doubleclick.net/ https://www.google-analytics.com https://*.suralink.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; style-src 'self' 'unsafe-inline' https://*.suralink.com https://*.fonts.com https://fonts.googleapis.com https://ok1static.oktacdn.com https://*.fonts.net https://appcdn.scdn1.secure.raxcdn.com; font-src 'self' https://ok1static.oktacdn.com https://*.suralink.com https://fonts.gstatic.com https://*.zopim.com wss://*.zopim.com https://*.zopim.io https://*.fonts.com https://appcdn.scdn1.secure.raxcdn.com; frame-src https://*.statuspage.io https://*.oktapreview.com https://chart.googleapis.com https://*.suralink.com https://*.zopim.com https://player.vimeo.com https://bam.nr-data.net; connect-src 'self' https://*.userpilot.io wss://*.userpilot.io wss://*.zdassets.com wss://static.zdassets.com https://static.zdassets.com wss://*.zopim.com https://*.zendesk.com https://*.zdassets.com https://*.suralink.com https://www.google-analytics.com; child-src 'self' blob: https://*.suralink.com https://bam.nr-data.net; object-src 'self' blob: data:; frame-ancestors 'self' https://*.suralink.com; script-src-elem 'unsafe-inline' 'self' https://*.userpilot.io wss://*.userpilot.io https://cdnjs.cloudflare.com/ajax/libs/ wss://static.zdassets.com https://static.zdassets.com wss://*.zdassets.com wss://*.zopim.com https://*.suralink.com https://*.zdassets.com https://*.google-analytics.com https://*.googletagmanager.com https://*.statuspage.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.suralink.com
ekr.zdassets.com
fileshare.suralink.com
fonts.googleapis.com
fonts.gstatic.com
pkscpa.suralink.com
pmdhm29jnlq8.statuspage.io
static.zdassets.com
www.googletagmanager.com
104.18.70.113
104.18.72.113
108.138.7.111
108.138.7.72
18.207.53.228
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:82b::2003
34.195.97.101
52.71.63.92
2767b2fd8c68dec447151e05ba3aa95daf9caafd9f7f8571428c09bba35a9523
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
61d2e06733cee39537c3dd808ef2f7f4a9053b70cd36098c8f086b1a67f78dfe
62742bede10b657c307d86bcaa4a50003c18bb4971eaa2e9d0d928c2a9526791
6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228
76559c2bacb886534056a305bb3c97ff654fb5f6b251eb4ea8ea86e2dabd22b3
7dcc5d68664e6f23ee52aebebd7f17b57e9f68ef781c5ff37b2642c30de123a1
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
99ae0e24e54f6e02c2231fd53e2f3845d1a8b0396f7b3b455411e9fded22b9d6
a6dc9801f4281082656e2ada91e4b6d7b98d4006008624debe428dbba104af1d
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
ec89d6df9202c89ed25c90da924dd5b6f55931b08195fce6e8c0df74c7baccad
ecaf91bbe0669b8b13fe4935a768a042d3804bd4ed99f11aa183c6ab7e2fc511