proposal.buildmapperdesign.com Open in urlscan Pro
193.189.75.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3NvLUEe
Effective URL:
https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums
Submission: On June 29 via manual (June 29th 2023, 6:40:32 pm UTC) from CA — Scanned from CA

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 26 HTTP transactions. The main IP is 193.189.75.151, located in United Kingdom and belongs to M247, RO. The main domain is proposal.buildmapperdesign.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 8th 2023. Valid for: 3 months.

This is the only time proposal.buildmapperdesign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	193.189.75.151 193.189.75.151	9009 (M247) (M247)
8	35.176.143.24 35.176.143.24	16509 (AMAZON-02) (AMAZON-02)
4	2600:141b:13:... 2600:141b:13::17d7:8252	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
2	52.218.44.112 52.218.44.112	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
26	8

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.189.75.151 (United Kingdom)

ASN9009 (M247, RO)
PTR: ns2.athletewhereabouts.com

proposal.buildmapperdesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.176.143.24 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

betterproposals.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:13::17d7:8252 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.44.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	betterproposals.io betterproposals.io — Cisco Umbrella Rank: 802695	35 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	43 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 614 p.typekit.net — Cisco Umbrella Rank: 795	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	133 KB
2	amazonaws.com s3-eu-west-1.amazonaws.com	463 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	buildmapperdesign.com proposal.buildmapperdesign.com	781 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5138	341 B
26	9

	Domain	Requested by
8	betterproposals.io	proposal.buildmapperdesign.com betterproposals.io
4	fonts.googleapis.com	betterproposals.io
2	www.facebook.com	betterproposals.io
2	connect.facebook.net	betterproposals.io connect.facebook.net
2	p.typekit.net	use.typekit.net
2	s3-eu-west-1.amazonaws.com	betterproposals.io
2	ajax.googleapis.com	betterproposals.io
2	use.typekit.net	betterproposals.io
1	fonts.gstatic.com	fonts.googleapis.com
1	proposal.buildmapperdesign.com
1	bit.ly	1 redirects
26	11

This site contains no links.

Subject Issuer	Validity	Valid
proposal.buildmapperdesign.com cPanel, Inc. Certification Authority	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.betterproposals.io Amazon RSA 2048 M01	`2023-01-28` - `2024-02-26`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-23`	8 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums
Frame ID: 3F647F568B699A6F6027B366DDA0AF21
Requests: 2 HTTP requests in this frame

Frame: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
Frame ID: 32316A49FC849F4373FA094B99F27622
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proposal Cover

Page URL History Show full URLs

https://bit.ly/3NvLUEe HTTP 301
https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

26
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

696 kB
Transfer

1218 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3NvLUEe HTTP 301
https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request cover.php Show response
proposal.buildmapperdesign.com/
Redirect Chain

https://bit.ly/3NvLUEe
https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums

573 B
781 B

405ms
213ms

Document
text/html

193.189.75.151
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.189.75.151 , United Kingdom, ASN9009 (M247, RO),
Reverse DNS: ns2.athletewhereabouts.com
Software: Apache /
Resource Hash: 1f01dd9e41e3e2a1e08f862e3a34cf22109162bc279f518a05769e9215ccad8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Jun 2023 18:40:25 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 190
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Thu, 29 Jun 2023 18:40:25 GMT
location: https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 custom.css
betterproposals.io/proposal/ 142 B
772 B 277ms
86ms Stylesheet
text/css 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/proposal/custom.css

Requested by

Host: proposal.buildmapperdesign.com
URL: https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a93e6b12e746ff1240e5c690aa8c00b78f3348d072f8d981241110696c49768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://proposal.buildmapperdesign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000, public
accept-ranges: bytes
content-length: 123
x-xss-protection: 1; mode=block

GET
H2 200 cover.php Show response
betterproposals.io/proposal/ Frame 3231 32 KB
7 KB 292ms
110ms Document
text/html 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Requested by

Host: proposal.buildmapperdesign.com
URL: https://proposal.buildmapperdesign.com/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8899ea4e54e5b624cf9c8f441690ea3ced21bbe83571adbcbd34dc4ce74f495f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proposal.buildmapperdesign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate max-age=1, private, must-revalidate
content-encoding: gzip
content-length: 6472
content-type: text/html; charset=UTF-8
date: Thu, 29 Jun 2023 18:40:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 uci0kgk.css
use.typekit.net/ Frame 3231 6 KB
1 KB 100ms
27ms Stylesheet
text/css 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uci0kgk.css

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5912365d5c7906532222282f1a1a9ec102f53b3c8198281a1d5efb0e809069d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 29 Jun 2023 18:40:26 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 928

GET
H2 200 normalize.css
betterproposals.io/proposal/css/ Frame 3231 7 KB
3 KB 95ms
85ms Stylesheet
text/css 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/proposal/css/normalize.css

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

00ba86355398d936e28d997cdb8a451ab0ffc678a8a0dff3f5c026858f5a4845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000, public
accept-ranges: bytes
content-length: 2070
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 3231 8 KB
1 KB 96ms
34ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b201bff8ccf6fcfe213c5ec1512314c8566203539efff349e33478c29dabb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 17:47:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 18:40:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3231 1 KB
555 B 99ms
38ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dancing+Script

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

356949a72989baf4796c278cd0bdb96e0490e5f97ec19dae9f4453302049cc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 18:25:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 18:40:26 GMT

GET
H2 200 jsj6btw.css
use.typekit.net/ Frame 3231 1 KB
810 B 98ms
28ms Stylesheet
text/css 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jsj6btw.css

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

413867605cb93dc9320ee49c266d1f1681ef605d75ea227240e9896a02affb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 29 Jun 2023 18:40:26 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 587

GET
H2 200 css
fonts.googleapis.com/ Frame 3231 1 KB
548 B 99ms
39ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

575e6619d67646076f10466058777c4dee1aa09f074fecd6723ca65d6e83f77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 18:40:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 18:40:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3231 3 KB
739 B 110ms
50ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b8cc0e01837663d2044a70b7f82da9038e6eefa7bf41f8b0fddd68a29e38be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 17:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 18:40:26 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/themes/ui-lightness/ Frame 3231 31 KB
7 KB 79ms
21ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/themes/ui-lightness/jquery-ui.css

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db455b3a332659b90bd42757cc2d6f11fea1c288740b352cbbeddf1af850636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6143
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 06:52:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ Frame 3231 91 KB
33 KB 81ms
23ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 17:51:52 GMT

GET
H2 200 jquery.validationEngine.js Show response
betterproposals.io/hosted_scripts/jquery-validation-engine/js/ Frame 3231 64 KB
16 KB 100ms
94ms Script
application/javascript 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/hosted_scripts/jquery-validation-engine/js/jquery.validationEngine.js

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

33e87aae3e7b810d6ca7c1f99c23dd29df246084e38745fa2f0774fbd6e37d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
content-length: 15901
x-xss-protection: 1; mode=block

GET
H2 200 jquery.validationEngine-en.js Show response
betterproposals.io/hosted_scripts/jquery-validation-engine/js/languages/ Frame 3231 10 KB
3 KB 98ms
93ms Script
application/javascript 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/hosted_scripts/jquery-validation-engine/js/languages/jquery.validationEngine-en.js

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4f2d5ff1cb9de8710634fddaca7faf7dfdb7ca7b9ddf206ab397839bc59bad04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
content-length: 2452
x-xss-protection: 1; mode=block

GET
H2 200 validationEngine.jquery.css
betterproposals.io/hosted_scripts/jquery-validation-engine/css/ Frame 3231 3 KB
1 KB 95ms
90ms Stylesheet
text/css 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/hosted_scripts/jquery-validation-engine/css/validationEngine.jquery.css

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a5fe412e9739d021b6b57bd5128855360da11031255b5d7fc5f3e141bb3f8466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000, public
accept-ranges: bytes
content-length: 721
x-xss-protection: 1; mode=block

GET
H2 200 tipTip.css
betterproposals.io/hosted_scripts/tiptip/ Frame 3231 2 KB
1 KB 96ms
91ms Stylesheet
text/css 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/hosted_scripts/tiptip/tipTip.css

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

08c2d76eef4add94d454383a816a746c7489d8143b5dd5b0d5207a6e02319914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000, public
accept-ranges: bytes
content-length: 595
x-xss-protection: 1; mode=block

GET
H2 200 jquery.tipTip.minified.js Show response
betterproposals.io/hosted_scripts/tiptip/ Frame 3231 5 KB
2 KB 96ms
92ms Script
application/javascript 35.176.143.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://betterproposals.io/hosted_scripts/tiptip/jquery.tipTip.minified.js

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.143.24 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-143-24.eu-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

160388861c09e2d2cc763a9de91b2765548c88c4d718d5a201e61f437ebf4c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
content-length: 1708
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 86099_aone_7634.png
s3-eu-west-1.amazonaws.com/businessautomation/Proposal_Cover_Logos/ Frame 3231 27 KB
27 KB 341ms
118ms Image
image/png 52.218.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/businessautomation/Proposal_Cover_Logos/86099_aone_7634.png
Requested by: Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 089b111005fb4055dec0c67963e7d257493d39b9fdd9a934376dbfc4cc8d21f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 18:40:27 GMT
Last-Modified: Sun, 11 Dec 2022 00:20:21 GMT
Server: AmazonS3
x-amz-request-id: ND7D4A1PCJSZSBFZ
x-amz-meta-content-disposition: attachment
ETag: "1f57acf98e95564862d8d3bb7f346967"
Content-Type: image/png
x-amz-meta-content-type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 27308
x-amz-id-2: lJlQgyIiKSPYP7xqBZKrKgrT1wW8IBUlTWPZWDjcEDl+jxbFxZ23C8fPVotUXnvlIw0ocCcBS44=

GET
H2 200 p.css
p.typekit.net/ Frame 3231 5 B
172 B 26ms
18ms Stylesheet
text/css 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uci0kgk&ht=tk&f=175.28151.34661.34662.34665.34666.34863&a=6963403&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uci0kgk.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
last-modified: Thu, 09 Mar 2023 17:19:04 GMT
server: nginx
etag: "640a1508-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 p.css
p.typekit.net/ Frame 3231 5 B
172 B 27ms
19ms Stylesheet
text/css 2600:141b:13::17d7:8252
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jsj6btw&ht=tk&f=28096&a=6963403&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jsj6btw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:8252 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:40:26 GMT
last-modified: Thu, 09 Mar 2023 17:19:04 GMT
server: nginx
etag: "640a1508-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3231 171 KB
47 KB 69ms
26ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 18:40:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: jqv1bme9tRYK/3BRScgIBnj5itu6rklpM+GqEpFrnIuHkHgJj13QIM/UjOekSSuaSPzhjIr86Q1tWTCuch711A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 86099_Tiles-Ottawa-1200x675_2519.jpg
s3-eu-west-1.amazonaws.com/businessautomation/Proposal_Cover_BGImages/ Frame 3231 436 KB
436 KB 310ms
114ms Image
image/jpeg 52.218.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/businessautomation/Proposal_Cover_BGImages/86099_Tiles-Ottawa-1200x675_2519.jpg
Requested by: Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70df357710ff25d8868422b79357df62f11cae09817a1e138a0890f3334299d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 18:40:27 GMT
Last-Modified: Wed, 14 Dec 2022 21:49:37 GMT
Server: AmazonS3
x-amz-request-id: ND78PH5D0XE1C1F4
x-amz-meta-content-disposition: attachment
ETag: "292a012ca316440666f37ed1b6b18559"
Content-Type: image/jpeg
x-amz-meta-content-type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 446308
x-amz-id-2: pdxN9zKD9C/ebC5sGhOe8VNWrCd1XmRbSjMmsW+2USXHuxljFMoFTPTuTEs8tzhHw0jjQP7hPC0=

GET
H2 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32KxfXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v18/ Frame 3231 18 KB
19 KB 76ms
26ms Font
font/woff2 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32KxfXBi8Jpg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc959316c6371fbe192f3643c075f27d7fc76421fe6e045166a85322a4c49c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betterproposals.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:43:39 GMT
x-content-type-options: nosniff
age: 478607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18748
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 05:43:39 GMT

GET
H2 200 1015789581848856 Show response
connect.facebook.net/signals/config/ Frame 3231 300 KB
86 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1015789581848856?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62f40d201f4b2dd99907c581e4b771577eb3e58270f588a9e57297b7b5cd1d1e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 18:40:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87938
x-xss-protection: 0
pragma: public
x-fb-debug: NRjee7emfYaYv1jOzZSX6aH1WBJqSyoD0LpV1VI02JG9AuLZ73uzu0iW79svjHj88pwMC2MSHlI54j9tSb+Wcw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 3231 0
185 B 66ms
18ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1015789581848856&ev=PageView&dl=https%3A%2F%2Fbetterproposals.io%2Fproposal%2Fcover.php%3FProposalID%3D7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums%26debug%3Dyes&rl=https%3A%2F%2Fproposal.buildmapperdesign.com%2F&if=true&ts=1688064026431&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&it=1688064026363&coo=false&rqm=GET

Requested by

Host: betterproposals.io
URL: https://betterproposals.io/proposal/cover.php?ProposalID=7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums&debug=yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 18:40:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 3231 0
54 B 100ms
99ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1015789581848856&ev=Microdata&dl=https%3A%2F%2Fbetterproposals.io%2Fproposal%2Fcover.php%3FProposalID%3D7FuS-N0W47KAqeNKz4kjdh-cpTjSSikW2eg-yOIJums%26debug%3Dyes&rl=https%3A%2F%2Fproposal.buildmapperdesign.com%2F&if=true&ts=1688064027936&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Proposal%20from%20Proposal%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&it=1688064026363&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://betterproposals.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 18:40:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 17:13:36	Name: _bit Value: n5tiEp-f4ddf5ae9e91a5700e-009
			betterproposals.io/	1970-01-20 13:04:28	Name: AWSALBTGCORS Value: Ujk+fAqzeArevCRc9zfXIsELVhMqd9DUiLFtfsv4XHxcoDLoQvKGxKnDTHG6zWPZeaJ+q2V4oIAqM+w2JgiueN8D9+4btw8nugIqzQcYjTLlvyZP5AGoyPDygEloVT79HoVxBw5JtxVycefWF0ae7BLwjKGF47gHRpzhG2tW2S4A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
betterproposals.io
bit.ly
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
proposal.buildmapperdesign.com
s3-eu-west-1.amazonaws.com
use.typekit.net
www.facebook.com
193.189.75.151
2600:141b:13::17d7:8252
2607:f8b0:4006:80a::2003
2607:f8b0:4006:824::200a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
35.176.143.24
52.218.44.112
67.199.248.11
00ba86355398d936e28d997cdb8a451ab0ffc678a8a0dff3f5c026858f5a4845
089b111005fb4055dec0c67963e7d257493d39b9fdd9a934376dbfc4cc8d21f4
08c2d76eef4add94d454383a816a746c7489d8143b5dd5b0d5207a6e02319914
160388861c09e2d2cc763a9de91b2765548c88c4d718d5a201e61f437ebf4c93
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f01dd9e41e3e2a1e08f862e3a34cf22109162bc279f518a05769e9215ccad8f
33e87aae3e7b810d6ca7c1f99c23dd29df246084e38745fa2f0774fbd6e37d9c
356949a72989baf4796c278cd0bdb96e0490e5f97ec19dae9f4453302049cc45
413867605cb93dc9320ee49c266d1f1681ef605d75ea227240e9896a02affb53
4b201bff8ccf6fcfe213c5ec1512314c8566203539efff349e33478c29dabb8c
4db455b3a332659b90bd42757cc2d6f11fea1c288740b352cbbeddf1af850636
4f2d5ff1cb9de8710634fddaca7faf7dfdb7ca7b9ddf206ab397839bc59bad04
575e6619d67646076f10466058777c4dee1aa09f074fecd6723ca65d6e83f77d
5912365d5c7906532222282f1a1a9ec102f53b3c8198281a1d5efb0e809069d4
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62f40d201f4b2dd99907c581e4b771577eb3e58270f588a9e57297b7b5cd1d1e
70df357710ff25d8868422b79357df62f11cae09817a1e138a0890f3334299d6
7b8cc0e01837663d2044a70b7f82da9038e6eefa7bf41f8b0fddd68a29e38be3
8899ea4e54e5b624cf9c8f441690ea3ced21bbe83571adbcbd34dc4ce74f495f
a5fe412e9739d021b6b57bd5128855360da11031255b5d7fc5f3e141bb3f8466
a93e6b12e746ff1240e5c690aa8c00b78f3348d072f8d981241110696c49768c
cc959316c6371fbe192f3643c075f27d7fc76421fe6e045166a85322a4c49c1e
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

proposal.buildmapperdesign.com Open in urlscan Pro 193.189.75.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

56 %IPv6

9 Domains

11 Subdomains

8 IPs

3 Countries

696 kBTransfer

1218 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Indicators

proposal.buildmapperdesign.com Open in urlscan Pro
193.189.75.151 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

696 kB
Transfer

1218 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions