urlscan.io logo urlscan.io
SecurityTrails logo

www.secureserver.net Open in urlscan Pro
2a02:26f0:6c00:28a::228b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thevaxclinic.com/
Effective URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Submission: On January 14 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 13 domains to perform 49 HTTP transactions. The main IP is 2a02:26f0:6c00:28a::228b, located in Ascension Island and belongs to AKAMAI-ASN1, NL. The main domain is www.secureserver.net.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on October 22nd 2019. Valid for: 2 years.
This is the only time www.secureserver.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    34.98.99.30 (United States)

ASN15169 (GOOGLE, US)
PTR: 30.99.98.34.bc.googleusercontent.com
thevaxclinic.com
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2600:9000:214f:6600:d:df18:9800:21 (United States)

ASN16509 (AMAZON-02, US)
d2odv8q3xfctb4.cloudfront.net
4    52.66.163.227 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-66-163-227.ap-south-1.compute.amazonaws.com
api.aws.parking.godaddy.com
3    2a02:26f0:6c00:28a::228b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
www.secureserver.net
gui.secureserver.net
16    104.111.217.130 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-130.deploy.static.akamaitechnologies.com
img6.wsimg.com
img1.wsimg.com
1    104.238.65.129 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: p3plcdrweb-v01.secureserver.net
www.rayhawk.net
1    2600:9000:2057:a200:1a:e647:b7c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3uxovyp91rmcf.cloudfront.net
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2.17.186.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-176.deploy.static.akamaitechnologies.com
events.api.secureserver.net
4    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sdk.split.io
2    23.37.38.214 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-214.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
11 img6.wsimg.com www.secureserver.net
img6.wsimg.com
5 events.api.secureserver.net
5 img1.wsimg.com www.secureserver.net
4 www.google-analytics.com www.googletagmanager.com
img6.wsimg.com
4 sdk.split.io d3uxovyp91rmcf.cloudfront.net
4 api.aws.parking.godaddy.com d2odv8q3xfctb4.cloudfront.net
3 www.google.com thevaxclinic.com
www.google.com
2 tags.tiqcdn.com www.secureserver.net
tags.tiqcdn.com
2 www.secureserver.net 1 redirects d2odv8q3xfctb4.cloudfront.net
2 d2odv8q3xfctb4.cloudfront.net thevaxclinic.com
1 www.google.de
1 stats.g.doubleclick.net img6.wsimg.com
1 gui.secureserver.net img6.wsimg.com
1 www.googletagmanager.com img6.wsimg.com
1 d3uxovyp91rmcf.cloudfront.net www.secureserver.net
1 www.rayhawk.net www.secureserver.net
1 thevaxclinic.com
49 17

This site contains links to these domains. Also see Links.

Domain
sso.secureserver.net
cart.secureserver.net
www.rayhawk.net
account.secureserver.net
Subject Issuer Validity Valid
www.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.aws.parking.godaddy.com
Go Daddy Secure Certificate Authority - G2		 2020-03-09 -
2022-03-09		 2 years crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2019-10-22 -
2021-10-22		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2020-09-22 -
2021-10-24		 a year crt.sh
www.www.rayhawk.net
Starfield Secure Certificate Authority - G2		 2020-06-03 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2020-09-21 -
2021-10-23		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-04-23		 4 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2020-03-16 -
2021-06-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Frame ID: 47D4C07250874587A41720BBF3897A82
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/dp/ads?r=m&domain_name=thevaxclinic.com&cpp=0&client=dp-starfield&channel=gd-darklander&adtest=off&adsafe=low&type=3&pcsa=false&psid=3767353295&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300441%2C17300443%2C17300494%2C17300496%2C17300580%2C17300582&format=r6&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=60&dt=1610644725938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=225&frm=0&uio=st24sa11lt40sl1sr1-&cont=relatedLinks&csize=w740h18&inames=master-1&jsv=15753&rurl=http%3A%2F%2Fthevaxclinic.com%2F
Frame ID: A24136D30BC0FD8220F255A5C6D0EDBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://thevaxclinic.com/ Page URL
  2. https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=325433&domain=thevaxclinic.com HTTP 302
    https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

49
Requests

96 %
HTTPS

53 %
IPv6

13
Domains

17
Subdomains

16
IPs

6
Countries

1171 kB
Transfer

3761 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thevaxclinic.com/ Page URL
  2. https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=325433&domain=thevaxclinic.com HTTP 302
    https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
thevaxclinic.com/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://thevaxclinic.com/
Protocol
HTTP/1.1
Server
34.98.99.30 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.99.98.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
08b39771c8538e71e8f06770ba844c2c7b81a374f15012cc9d3faeca5bed9d69

Request headers

Host
thevaxclinic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
openresty
Date
Thu, 14 Jan 2021 17:18:44 GMT
Content-Type
text/html
Content-Length
2522
Last-Modified
Mon, 11 Jan 2021 16:57:51 GMT
ETag
"5ffc838f-9da"
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_JLFtBnCwO6FajdTQqHS8HVTV9Q3p7zcRmKOYnYAjohD5JqYGz99F16bnKFR9alb5rfwLvh2eTobvo1XD0br6IA
Set-Cookie
system=PW;Path=/;Max-Age=86400; caf_ipaddr=185.212.171.67;Path=/;Max-Age=86400; country=NL;Path=/;Max-Age=86400; city="Amsterdam";Path=/;Max-Age=86400; traffic_target=reseller;Path=/;Max-Age=86400;
Accept-Ranges
bytes
Via
1.1 google
caf.js
www.google.com/adsense/domains/ 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: thevaxclinic.com
URL: http://thevaxclinic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf08b13e6430091552971502e26bd2c42427c758d8e91682f2d65c0e570fd2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://thevaxclinic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 17:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"11305923321681172032"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 14 Jan 2021 17:18:44 GMT
2.82006e31.chunk.js
d2odv8q3xfctb4.cloudfront.net/static/js/ 		302 KB
303 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2odv8q3xfctb4.cloudfront.net/static/js/2.82006e31.chunk.js
Requested by
Host: thevaxclinic.com
URL: http://thevaxclinic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6600:d:df18:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f099fae7175ae24b4b89d28897185946aeeb4ab8db44421b5fa8261101d9e6e7

Request headers

Referer
http://thevaxclinic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
CQPUIgH9HIRuTb9HDgheSxHHvZWKKcFN
via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
etag
"a7954677c1fa3a4423771aaac80fa00b"
last-modified
Mon, 11 Jan 2021 16:45:55 GMT
server
AmazonS3
age
72
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 14 Jan 2021 17:17:32 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
309380
x-amz-cf-id
KdSWbWzTu9tdBf1HujT_hMR6iI9YB8mUm_SZvSxt847_KMpC9va9_Q==
main.0ff2407f.chunk.js
d2odv8q3xfctb4.cloudfront.net/static/js/ 		65 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2odv8q3xfctb4.cloudfront.net/static/js/main.0ff2407f.chunk.js
Requested by
Host: thevaxclinic.com
URL: http://thevaxclinic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6600:d:df18:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
592f60ade9b6a77803279ff2f4b8f1d171a4fa7d4f0c2f3cde265a4de5e88d07

Request headers

Referer
http://thevaxclinic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
YB29u5qK10G2ntOLBFv8bxuU9OZqP1Me
via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
etag
"38cec14edfad01df68cd749ebdba2739"
last-modified
Mon, 11 Jan 2021 16:45:55 GMT
server
AmazonS3
age
215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 14 Jan 2021 17:15:10 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
67004
x-amz-cf-id
hg7HugzKJq9rfc8V5P1gsRRdqUZYpZbLa2iPXCAetq3syvbGKFVj0w==
thevaxclinic.com
api.aws.parking.godaddy.com/v1/parking/landers/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.aws.parking.godaddy.com/v1/parking/landers/thevaxclinic.com?trafficTarget=reseller
Protocol
H2
Server
52.66.163.227 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-163-227.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-request-id
Origin
http://thevaxclinic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 14 Jan 2021 17:18:45 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
X-Request-Id
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
http://thevaxclinic.com
access-control-max-age
600
x-request-id
D35qXWCM
thevaxclinic.com
api.aws.parking.godaddy.com/v1/parking/landers/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.aws.parking.godaddy.com/v1/parking/landers/thevaxclinic.com?trafficTarget=reseller
Requested by
Host: d2odv8q3xfctb4.cloudfront.net
URL: https://d2odv8q3xfctb4.cloudfront.net/static/js/main.0ff2407f.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.66.163.227 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-163-227.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://thevaxclinic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Request-Id
c9a244c2-e14f-4ada-8817-c26434228f22

Response headers

access-control-allow-origin
http://thevaxclinic.com
date
Thu, 14 Jan 2021 17:18:45 GMT
access-control-allow-credentials
true
content-length
1034
access-control-max-age
600
x-request-id
c9a244c2-e14f-4ada-8817-c26434228f22
content-type
application/json
Primary Request Cookie set /
www.secureserver.net/
Redirect Chain
  • https://www.secureserver.net/?isc=PLPPT02003&ci=81494&prog_id=325433&domain=thevaxclinic.com
  • https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
177 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Requested by
Host: d2odv8q3xfctb4.cloudfront.net
URL: https://d2odv8q3xfctb4.cloudfront.net/static/js/main.0ff2407f.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::228b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty/1.15.8.2 / Slay
Resource Hash
35ad5c20e56f88e692e51c211eff6c031764a789ff13bbdebdc631f50104f622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Host
www.secureserver.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://thevaxclinic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://thevaxclinic.com/

Response headers

Server
openresty/1.15.8.2
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15724800; includeSubDomains
x-powered-by
Slay
Content-Encoding
gzip
Expires
Thu, 14 Jan 2021 17:18:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 14 Jan 2021 17:18:47 GMT
Transfer-Encoding
chunked
Connection
keep-alive Transfer-Encoding
Set-Cookie
market=undefined; Max-Age=31536000; Domain=.secureserver.net; Path=/; Expires=Fri, 14 Jan 2022 17:18:47 GMT; Secure; SameSite=None currency=USD; Max-Age=31536000; Domain=.secureserver.net; Path=/; Expires=Fri, 14 Jan 2022 17:18:47 GMT; Secure; SameSite=None
X-ARC
101

Redirect headers

Server
openresty/1.15.8.2
Content-Type
text/html; charset=utf-8
Content-Length
198
Strict-Transport-Security
max-age=15724800; includeSubDomains
x-powered-by
Slay
Location
https://www.secureserver.net?pl_id=325433&isc=PLPPT02003&isRedirect=1
Vary
Accept
Expires
Thu, 14 Jan 2021 17:18:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 14 Jan 2021 17:18:47 GMT
Connection
keep-alive
X-ARC
101
ads
www.google.com/dp/ Frame A241 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/dp/ads?r=m&domain_name=thevaxclinic.com&cpp=0&client=dp-starfield&channel=gd-darklander&adtest=off&adsafe=low&type=3&pcsa=false&psid=3767353295&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300441%2C17300443%2C17300494%2C17300496%2C17300580%2C17300582&format=r6&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=60&dt=1610644725938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=225&frm=0&uio=st24sa11lt40sl1sr1-&cont=relatedLinks&csize=w740h18&inames=master-1&jsv=15753&rurl=http%3A%2F%2Fthevaxclinic.com%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/dp/ads?r=m&domain_name=thevaxclinic.com&cpp=0&client=dp-starfield&channel=gd-darklander&adtest=off&adsafe=low&type=3&pcsa=false&psid=3767353295&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300441%2C17300443%2C17300494%2C17300496%2C17300580%2C17300582&format=r6&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=60&dt=1610644725938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=225&frm=0&uio=st24sa11lt40sl1sr1-&cont=relatedLinks&csize=w740h18&inames=master-1&jsv=15753&rurl=http%3A%2F%2Fthevaxclinic.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://thevaxclinic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://thevaxclinic.com/

Response headers

content-type
text/html; charset=UTF-8
content-disposition
inline
date
Thu, 14 Jan 2021 17:18:46 GMT
expires
Thu, 14 Jan 2021 17:18:46 GMT
cache-control
private, max-age=3600
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
7777
x-xss-protection
0
set-cookie
NID=207=MNyQ5yKLINyMg09P54kxorjrst6FX-6aCFxI8f5QToOnNdTn5pexxxEk-_NFL5cxA9nt9jfV_X39ImuINeg8dLKzSPIjLdSWzSjG9QeasZJc8l_zI4lkVfLMGk1IPidXhgkTPiup36JykNDaRQPan2aIdujD65m9Wa81PH3O4e0; expires=Fri, 16-Jul-2021 17:18:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=WP.28f5f7; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
parkingEvents
api.aws.parking.godaddy.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.aws.parking.godaddy.com/v1/parkingEvents
Requested by
Host: d2odv8q3xfctb4.cloudfront.net
URL: https://d2odv8q3xfctb4.cloudfront.net/static/js/main.0ff2407f.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.66.163.227 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-163-227.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://thevaxclinic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 14 Jan 2021 17:18:46 GMT
content-length
0
content-type
text/plain
parkingEvents
api.aws.parking.godaddy.com/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.aws.parking.godaddy.com/v1/parkingEvents
Protocol
H2
Server
52.66.163.227 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-163-227.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://thevaxclinic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 14 Jan 2021 17:18:46 GMT
content-type
text/plain
content-length
0
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-origin
*
gen_204
www.google.com/afs/ 		0
0
tcc.min.js
img6.wsimg.com/wrhs/d4829b8fe08d413dc0c4ea769565a72e/ 		108 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/d4829b8fe08d413dc0c4ea769565a72e/tcc.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf17cda5a5f3d90210b1f7334e13b6ad8bf6ab91f2d1510f4b890008b100e748

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
98, 98, 98
x-amz-version-id
KTNZbdTod0s4FDiCCYooWanSbfAHVmJ5
content-encoding
br
etag
"d4829b8fe08d413dc0c4ea769565a72e"
x-amz-request-id
0D7F553447456FFB
x-edgeconnect-midmile-rtt
5, 122, 5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
23160
x-amz-id-2
XywTEsj7wu1X0AJKY9E+MT1/21EiJXvUZgzw6rUmLqSJXmll+kgXcFSNfXMJjGgSkelIyVWlx0U=
last-modified
Thu, 07 Jan 2021 17:40:57 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
polyfill.min.js
img6.wsimg.com/poly/v3/ 		72 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/poly/v3/polyfill.min.js?features=Promise,Promise.prototype.finally,fetch,AbortController,Intl.~locale.en-US&rum=0&unknown=polyfill&flags=gated
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
detected-user-agent
Chrome Mobile/83.0.4103
server-timing
cdn-cache; desc=HIT, edge; dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Fri, 18 Dec 2020 11:29:17 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, max-age=172800, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jan 2021 17:18:47 GMT
palette.min.js
img6.wsimg.com/wrhs/6ef224ce4cfc5d5821e5b0476498d79e/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/6ef224ce4cfc5d5821e5b0476498d79e/palette.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29b3f042279fd273cabf34f3c4fe2f37679b5ff15ca690226b46c301ffd1cec6

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
138, 138
x-amz-version-id
0dgewKBQaLHr0sGDW.Cj0YJzhN6V4tzw
content-encoding
br
etag
"6ef224ce4cfc5d5821e5b0476498d79e"
x-amz-request-id
127B4228ED3229F1
x-edgeconnect-midmile-rtt
3, 121
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1187
x-amz-id-2
dphOp3c2j2xoKB/qv/IxFktNGetg0wcTVOJCGnixmkY7bARPO+yy5HsrZD9WO4OyLFdy6fh98s4=
last-modified
Fri, 04 Dec 2020 14:11:33 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
vendor~uxcore2.min.js
img6.wsimg.com/wrhs/5f1d295b85aaaba74af4ee02bdc62854/ 		222 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5f1d295b85aaaba74af4ee02bdc62854/vendor~uxcore2.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7681b600ca47886a999262a34bc5fe49858d4f7041f1ed079d2a9b27524f3d81

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
631, 631
x-amz-version-id
SgNajjPCvcFJoNS0QrxzyU_h2jJ7f5xL
content-encoding
br
etag
"5f1d295b85aaaba74af4ee02bdc62854"
x-amz-request-id
76101629E5E86990
x-edgeconnect-midmile-rtt
1, 7
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
58726
x-amz-id-2
1JXvEfwuMeguppXDu4U4QGF42ETW9Wvl6rc4c7U/Ox8M/rUb2+St+/ZlLSg7yr6MAbJO2VC4SGg=
last-modified
Mon, 19 Oct 2020 20:02:10 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
uxcore2.min.js
img6.wsimg.com/wrhs/8423ef1d32036a5af0c0d8b0d1d8e328/ 		172 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/8423ef1d32036a5af0c0d8b0d1d8e328/uxcore2.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05d6b4355ab522d373d920356adad3c30372ff0bea88c015011fa4298673494b

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
423
x-amz-version-id
5reXacapi8xQW0p2SL0UAz_PAGyTFLrz
content-encoding
br
etag
"8423ef1d32036a5af0c0d8b0d1d8e328"
x-amz-request-id
C05991FAFB20645B
x-edgeconnect-midmile-rtt
2
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
38008
x-amz-id-2
hI4fet3uHEoRaiONy8U+zwJTOuFP5rLqB+nGLUG0tlRJyBWgj83moUKPYAQDCnpezqLFtpi9YDo=
last-modified
Wed, 09 Dec 2020 20:48:51 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
heartbeat.min.js
img6.wsimg.com/wrhs/d6c7b1acb132140b70d61ad9ce6bc527/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/d6c7b1acb132140b70d61ad9ce6bc527/heartbeat.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a639ab0f7f9882d413b0858538127154d8ae516e892c2bc41efb53c1758e99c

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
721, 721
x-amz-version-id
qSV8qV.axEygUsszufmFhOHOuec8LDBj
content-encoding
br
etag
"d6c7b1acb132140b70d61ad9ce6bc527"
x-amz-request-id
2BFD63315EAE46B7
x-edgeconnect-midmile-rtt
0, 2
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1124
x-amz-id-2
12Pr/ga4m2lAnjc2yA9I7o47n+XaHCgctl9V9JE6TFdqb4+H1hXJyS5P0T7y1+N+zdrGjwmawVY=
last-modified
Sat, 22 Aug 2020 09:47:11 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
salesheader.min.js
img6.wsimg.com/wrhs/abc9cc9b8e479b41c31dd6774bf80d7f/ 		420 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/abc9cc9b8e479b41c31dd6774bf80d7f/salesheader.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5518c849698a995e2047b0d3b11d40e969db0ec5672973f0fbdbdcf3ebe36eae

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
424
x-amz-version-id
bzgnRgmCm95EuESN_DjCaMXgiH3vo.E0
content-encoding
br
etag
"abc9cc9b8e479b41c31dd6774bf80d7f"
x-amz-request-id
E53ADAD29E334798
x-edgeconnect-midmile-rtt
1
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
57027
x-amz-id-2
N/4sniW3Z7UUA0OTu1GcRonY8tiApLQ4q5Q1MRUkfoZmTEHyXXT2wYuwDOfFUadj/P2w6fuhGOE=
last-modified
Sat, 26 Dec 2020 18:34:25 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
set-preference
www.rayhawk.net/ 		0
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rayhawk.net/set-preference?market=&currency=USD&pixel=true
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.65.129 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
p3plcdrweb-v01.secureserver.net
Software
openresty/1.15.8.2 / Slay
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
server
openresty/1.15.8.2
x-powered-by
Slay
content-type
text/css; charset=utf-8
x-arc
101
cache-control
max-age=0, no-cache, no-store
date
Thu, 14 Jan 2021 17:18:48 GMT
connection
keep-alive
expires
Thu, 14 Jan 2021 17:18:48 GMT
uxcore2.min.css
img6.wsimg.com/wrhs/5818f659687c7d28e0e177823e4ce6b9/ 		213 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5818f659687c7d28e0e177823e4ce6b9/uxcore2.min.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b7fc4c8589df0546f8550ed519ff0f449a7a3b3dcd9f16f960590c6695910b4b

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
58
x-amz-version-id
vVu6y5EZi2ryiIdHBSM0ghU1H.v1iC5L
content-encoding
br
etag
"1e503ab2e33e5e4314e94c739b911ae3"
x-amz-request-id
EC9F995DF4516F76
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
28154
x-amz-id-2
LRFEySx2LV/qDImwYj+pCuDv3384LOHvH5ItrybSL9fl+l+AXHD9/SLitu6zSO5J4KT5xJ1oquc=
last-modified
Thu, 10 Dec 2020 14:07:18 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
salesheader.min.css
img6.wsimg.com/wrhs/dea3c6d1adbc0e75c608d8ce37d9622a/ 		112 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/dea3c6d1adbc0e75c608d8ce37d9622a/salesheader.min.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab7f3ec455eb078fd17e51d3822bbda867441a720f8e8dab09cdbd7112a92cf7

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
663
x-amz-version-id
mhaNz06LWP7Ll9xyKlGbIf8f0dhKPhTi
content-encoding
br
etag
"de5e3e4eddd9d7417c06392a5bfcf901"
x-amz-request-id
2E05F0609BA5C6F7
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
19313
x-amz-id-2
W21ntovtyIUh431FTYcxK4EYiMh0tQFraPSQ2E+lWqD0CSezKN3W0ejzNC8BDcTwqH+A0KE7OS8=
last-modified
Mon, 21 Dec 2020 14:55:07 GMT
date
Thu, 14 Jan 2021 17:18:47 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
styles.3152ab42.css
img1.wsimg.com/storefront/static/stylesheets/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/storefront/static/stylesheets/styles.3152ab42.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d13413a2021d4c5a79d6e3a9899983cfc46c8943a11e04243f92a5a3c2f61c3d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"26df-176f35b5de0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 14 Jan 2021 17:18:47 GMT
timing-allow-origin
*
content-length
2661
vendor.2a93f7b0.css
img1.wsimg.com/storefront/static/stylesheets/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/storefront/static/stylesheets/vendor.2a93f7b0.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c8ee526abf79e107ac9e257b1498423c82de5b0ea5f6531cb3dcdf43b076b6ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"1d9f5-176f35b5de0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 14 Jan 2021 17:18:47 GMT
timing-allow-origin
*
content-length
20102
runtime.e8fc4baf.js
img1.wsimg.com/storefront/static/scripts/ 		2 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/storefront/static/scripts/runtime.e8fc4baf.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69585981708db85ec6302063dbbaf8187609de320cd90150e4f1d567f1e6ed11
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"607-176f6bca1b0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 14 Jan 2021 17:18:47 GMT
timing-allow-origin
*
content-length
769
vendors~main.a18064cc.js
img1.wsimg.com/storefront/static/scripts/ 		1012 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/storefront/static/scripts/vendors~main.a18064cc.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6429c0b3984543a0be5c7ed6b65bbd1c3f00febb7a9bf0bb6f9d1248c344cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"fd018-176f6bca1b0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 14 Jan 2021 17:18:47 GMT
timing-allow-origin
*
content-length
253913
main.d6cf6887.js
img1.wsimg.com/storefront/static/scripts/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/storefront/static/scripts/main.d6cf6887.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e9424ea9896d9767d386a4d55b42a6ab1f79d9ce888fb5178d2d940cb395ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"1baaa-176f35b5de0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 14 Jan 2021 17:18:47 GMT
timing-allow-origin
*
content-length
30349
hivemind-v2.js
d3uxovyp91rmcf.cloudfront.net/ 		161 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3uxovyp91rmcf.cloudfront.net/hivemind-v2.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a200:1a:e647:b7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46c2ce5c9eff3c40a825b9b661bc3d4566d01bfd7118cb9d43002641115e9383

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
jwEn2.71jTZbhxaoP4RRs6X6TG0VDHNs
content-encoding
br
etag
"5bfd47372e7b8a6eb91826f9467f377f"
age
219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
41151
last-modified
Fri, 11 Dec 2020 00:08:41 GMT
server
AmazonS3
date
Thu, 14 Jan 2021 17:15:09 GMT
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
kV7n64Qu1-ZwvFpCdo8GK1EaD3Za5FUdPyOpm-20UJ4FKpCdDWo2og==
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-115508484-1&l=_analyticsDataLayer
Requested by
Host: img6.wsimg.com
URL: https://img6.wsimg.com/wrhs/d4829b8fe08d413dc0c4ea769565a72e/tcc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c22ac6239447a2bfaa8e0b28547de74a8ba4c48e78d5613376c05462f0840f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 17:18:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38979
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Jan 2021 17:18:48 GMT
tti.min.js
img6.wsimg.com/wrhs/fb1258e31ab7be158d088d86a2c990af/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/fb1258e31ab7be158d088d86a2c990af/tti.min.js
Requested by
Host: img6.wsimg.com
URL: https://img6.wsimg.com/wrhs/d4829b8fe08d413dc0c4ea769565a72e/tcc.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e427c09ce67a5ad38626f03cbf1d1c90f711decd5c4bd9c5edc710c35d60018

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
89, 89
x-amz-version-id
xba67i400nBGVPNHDNuHkBkoo0_MtAUO
content-encoding
br
etag
"fb1258e31ab7be158d088d86a2c990af"
x-amz-request-id
14EBE339FE1468A3
x-edgeconnect-midmile-rtt
1, 1
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
6932
x-amz-id-2
GPqKnvYqSHlskyTnJTgrsMtMTvv4Xnq58onL/BVM1MSsQBX71H/iGSlFNY0G9a3GXn3GvpRVcvo=
last-modified
Thu, 07 Jan 2021 17:41:43 GMT
date
Thu, 14 Jan 2021 17:18:48 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
image.aspx
events.api.secureserver.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.api.secureserver.net/image.aspx?referrer=http%3A%2F%2Fthevaxclinic.com%2F&timestamp=1610644728424&corrid=884766702&currency=USD&marketid=undefined&vs=visible&rand=1074060936&sitename=www.secureserver.net&page=%2F&location=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&loadSource=uxpHeader&app=rs-sf&page_level_properties=loadSource&event_type=page.request&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&querystring=%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&hit_id=26368512-a664-5151-8fe9-abf007bcf4df&visitor_guid=2ce5bf64-db7d-52b1-b47e-c103beacb178&environment_name=prod&has_consent=1&cv=3.10.4&client_name=tcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.186.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
2ce5bf64-db7d-52b1-b47e-c103beacb178
sdk.split.io/api/mySegments/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/2ce5bf64-db7d-52b1-b47e-c103beacb178
Protocol
H2
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://www.secureserver.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Thu, 14 Jan 2021 17:18:48 GMT
via
1.1 varnish
x-served-by
cache-fra19149-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1610644729.634041,VS0,VE0
vary
Cookie
access-control-allow-origin
https://www.secureserver.net
content-length
37
splitChanges
sdk.split.io/api/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=1610643520298
Protocol
H2
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://www.secureserver.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Thu, 14 Jan 2021 17:18:48 GMT
via
1.1 varnish
x-served-by
cache-fra19149-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1610644729.634055,VS0,VE0
vary
Cookie
access-control-allow-origin
https://www.secureserver.net
content-length
37
vendors~browser-deprecation-banner.header-chunk.min.js
img6.wsimg.com/wrhs/edcf81c3d50869730555ae3a95e8b343/ 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/edcf81c3d50869730555ae3a95e8b343/vendors~browser-deprecation-banner.header-chunk.min.js
Requested by
Host: img6.wsimg.com
URL: https://img6.wsimg.com/wrhs/abc9cc9b8e479b41c31dd6774bf80d7f/salesheader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.130 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c56b3f0f475654200cdc71b58d5a279fa810215ed6df11cadec4405cc6f8f58

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
665, 665, 665
x-amz-version-id
uHEVl1l6WHS3H0TDL1aodWSrkLNykohG
content-encoding
br
etag
"edcf81c3d50869730555ae3a95e8b343"
x-amz-request-id
6QDJAKAV4H5S0R9W
x-edgeconnect-midmile-rtt
8, 125, 8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7817
x-amz-id-2
jITFj3SlJsWCZQPAc6qsYfw1L1UrUwgbnwiN2Fz3kuzA823QBi9ttf84y7YVx8RxoFBu54sFfwk=
last-modified
Fri, 18 Dec 2020 18:27:48 GMT
date
Thu, 14 Jan 2021 17:18:48 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
salesheader
gui.secureserver.net/pcjson/ 		368 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gui.secureserver.net/pcjson/salesheader?plId=325433&shopperId=&sid=
Requested by
Host: img6.wsimg.com
URL: https://img6.wsimg.com/wrhs/abc9cc9b8e479b41c31dd6774bf80d7f/salesheader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::228b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ARR/2.5
Resource Hash
d2eb333c83b13b0ab5a97dc501b05ad32ed63df4d24ee4182c16d18d415cdcc4

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 17:18:49 GMT
X-AspNet-Version
4.0.30319
X-Powered-By
ARR/2.5
P3P
policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Connection
keep-alive
Content-Length
368
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.secureserver.net
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
x-requested-with, content-type, accept, origin, authorization, x-csrftoken
2ce5bf64-db7d-52b1-b47e-c103beacb178
sdk.split.io/api/mySegments/ 		17 B
161 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/2ce5bf64-db7d-52b1-b47e-c103beacb178
Requested by
Host: d3uxovyp91rmcf.cloudfront.net
URL: https://d3uxovyp91rmcf.cloudfront.net/hivemind-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Authorization
Bearer pbqj1rfhsn00ukm2lv96jcg4rmbktkrdsmm0
SplitSDKVersion
javascript-10.15.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
0
x-cache
MISS, MISS
content-encoding
gzip
content-length
37
x-served-by
cache-dca17739-DCA, cache-fra19149-FRA
x-timer
S1610644729.664110,VS0,VE95
date
Thu, 14 Jan 2021 17:18:48 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
x-cache-hits
0, 0
pageEvents.aspx
events.api.secureserver.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.api.secureserver.net/pageEvents.aspx?timestamp=1610644728478&corrid=884766702&referrer=http%3A%2F%2Fthevaxclinic.com%2F&currency=USD&marketid=undefined&vs=visible&rand=1689606069&sitename=www.secureserver.net&page=%2F&location=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&loadSource=uxpHeader&app=rs-sf&page_level_properties=loadSource&event_type=page.event&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cwww.secureserver.net%5Epath%2Cundefined%5Equery%2C%5Bobject%20Object%5D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&eventdate=2021-01-14T17%3A18%3A48.478Z&eventtype=impression&type=&eventid=&eventclass=&absolutex=0&absolutey=0&relativex=0&relativey=0&e_id=uxp.hyd.int.salesheader.sales.impression&hit_id=a13b4c5e-f2a8-58ea-a972-2cd600257307&visitor_guid=2ce5bf64-db7d-52b1-b47e-c103beacb178&environment_name=prod&has_consent=1&cv=3.10.4&client_name=tcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.186.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
splitChanges
sdk.split.io/api/ 		56 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=1610643520298
Requested by
Host: d3uxovyp91rmcf.cloudfront.net
URL: https://d3uxovyp91rmcf.cloudfront.net/hivemind-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d274ca0a1767094eb0047ba2f77d10e419bea5a5ca6d7b3e079a42b8bcbf44a
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Authorization
Bearer pbqj1rfhsn00ukm2lv96jcg4rmbktkrdsmm0
SplitSDKVersion
javascript-10.15.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"2056346188--gzip"
age
1207
x-cache
HIT, HIT
content-encoding
gzip
content-length
63
x-served-by
cache-dca17722-DCA, cache-fra19149-FRA
last-modified
Thu, 14 Jan 2021 16:58:40 GMT
x-timer
S1610644729.664329,VS0,VE0
date
Thu, 14 Jan 2021 17:18:48 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
x-cache-hits
2, 1967
b.aspx
events.api.secureserver.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.api.secureserver.net/b.aspx?timestamp=1610644728615&corrid=884766702&referrer=http%3A%2F%2Fthevaxclinic.com%2F&currency=USD&marketid=undefined&vs=visible&rand=1971584339&sitename=www.secureserver.net&page=%2F&location=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&loadSource=uxpHeader&app=rs-sf&page_level_properties=loadSource&event_type=page.log&eventdate=2021-01-14T17%3A18%3A48.616Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1610644727518&connectStart=1610644727518&domComplete=1610644728408&domContentLoadedEventEnd=1610644728408&domContentLoadedEventStart=1610644728408&domInteractive=1610644728408&domLoading=1610644727689&domainLookupEnd=1610644727518&domainLookupStart=1610644727518&fetchStart=1610644727518&navigationStart=1610644725931&requestStart=1610644727519&responseEnd=1610644728007&responseStart=1610644727686&loadEventStart=1610644728408&loadEventEnd=1610644728409&transferSize=46052&encodedBodySize=44510&decodedBodySize=181646&navigationType=navigate&lcp=2478&hit_id=7f200748-f920-5910-9d7b-81b9429ccc50&visitor_guid=2ce5bf64-db7d-52b1-b47e-c103beacb178&environment_name=prod&has_consent=1&cv=3.10.4&client_name=tcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.186.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
utag.js
tags.tiqcdn.com/utag/gpl/main/prod/ 		167 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/gpl/main/prod/utag.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0aae4cc6dd282a878b456b40ffb07855a4dc12fc42ac93aff2deefbd220d8530

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 17:18:48 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 12:28:30 GMT
server
AkamaiNetStorage
etag
"344434a312647ca4179f3257dac8b3dc:1597667309.813967"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Thu, 14 Jan 2021 17:23:48 GMT
pageEvents.aspx
events.api.secureserver.net/ 		43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.api.secureserver.net/pageEvents.aspx?timestamp=1610644728683&corrid=884766702&referrer=http%3A%2F%2Fthevaxclinic.com%2F&vs=visible&rand=867885149&sitename=www.secureserver.net&page=%2F&location=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&loadSource=uxpHeader&app=rs-sf&page_level_properties=loadSource&event_type=page.event&usrin=experiment_type%2Cabn%5Eexperiment_id%2Cuxp_salesheader_accountmenu%5Eexperiment_source%2Cundefined%5Evariant_id%2CB%5Econtent_id%2Cundefined&eventdate=2021-01-14T17%3A18%3A48.684Z&eventtype=experiment&e_id=traffic.tcc.instrumentation.experiment.add_experiment&hit_id=f8690580-b0ae-5d5b-bdb7-1e2cf86f405f&visitor_guid=3fe6f18d-3f77-5174-97a1-36be944fcae2&environment_name=prod&has_consent=0&cv=3.10.4&client_name=tcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.186.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Thu, 14 Jan 2021 17:18:51 GMT
x-frame-options
DENY
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.secureserver.net, *
access-control-max-age
1000
cache-control
private
x-robots-tag
noindex, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43
x-xss-protection
1; mode=block
pageEvents.aspx
events.api.secureserver.net/ 		43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.api.secureserver.net/pageEvents.aspx?timestamp=1610644728687&corrid=884766702&referrer=http%3A%2F%2Fthevaxclinic.com%2F&vs=visible&rand=684405710&sitename=www.secureserver.net&page=%2F&location=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&loadSource=uxpHeader&app=rs-sf&page_level_properties=loadSource&event_type=page.event&usrin=hashedShopperId%2Cundefined%5EvisitorGuid%2C2ce5bf64-db7d-52b1-b47e-c103beacb178&eventdate=2021-01-14T17%3A18%3A48.688Z&eventtype=impression&e_id=hivemind.sales.experiment.uxp_salesheader_accountmenu.b.impression&hit_id=4ea9230b-5dfa-56f8-9742-1715745a21eb&visitor_guid=3fe6f18d-3f77-5174-97a1-36be944fcae2&environment_name=prod&has_consent=0&cv=3.10.4&client_name=tcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.186.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-186-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
date
Thu, 14 Jan 2021 17:18:49 GMT
x-frame-options
DENY
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.secureserver.net, *
access-control-max-age
1000
cache-control
private
x-robots-tag
noindex, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115508484-1&l=_analyticsDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
7156
date
Thu, 14 Jan 2021 15:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 14 Jan 2021 17:19:32 GMT
collect
www.google-analytics.com/j/ 		2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1745061594&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&dr=http%3A%2F%2Fthevaxclinic.com%2F&ul=en-us&de=UTF-8&dt=Rayhawk%20Corporation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUABAAAAAC~&jid=1905666361&gjid=907464287&cid=2199042.1610644729&tid=UA-115508484-1&_gid=92556279.1610644729&_r=1&cd1=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd2=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd3=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd4=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd5=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd15=0&cd20=0&cd22=0&cd24=undefined&cd25=undefined&cd26=http%3A%2F%2Fthevaxclinic.com%2F&cd27=PLPPT02003&cd28=PLPPT02003&cd30=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd31=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd32=%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&cd44=2021-01-14T17%3A18%3A48.429Z&cd52=%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&cd53=Not%20Available&cd54=Not%20Available&cd55=Not%20Available&cd56=sales&cd57=Sales&cd58=SalesHeader&cd59=29.6.2&cd62=0&cd87=884766702&cd91=uxpHeader&cd94=3.10.4&cd96=0&cd98=26368512-a664-5151-8fe9-abf007bcf4df&cd102=0&cd107=0&gtm=2oubu0&z=1054199015
Requested by
Host: img6.wsimg.com
URL: https://img6.wsimg.com/wrhs/fb1258e31ab7be158d088d86a2c990af/tti.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 17:18:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.secureserver.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1745061594&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&dr=http%3A%2F%2Fthevaxclinic.com%2F&ul=en-us&de=UTF-8&dt=Rayhawk%20Corporation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=impression&ea=uxp.hyd.int.salesheader.sales.impression&_u=oGBAAUABAAAAAC~&jid=&gjid=&cid=2199042.1610644729&tid=UA-115508484-1&_gid=92556279.1610644729&cd1=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd2=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd3=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd4=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd5=2ce5bf64-db7d-52b1-b47e-c103beacb178&cd15=0&cd20=0&cd22=0&cd24=undefined&cd25=undefined&cd26=http%3A%2F%2Fthevaxclinic.com%2F&cd27=PLPPT02003&cd28=PLPPT02003&cd30=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd31=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd32=%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&cd44=2021-01-14T17%3A18%3A48.481Z&cd53=Not%20Available&cd54=Not%20Available&cd55=Not%20Available&cd56=sales&cd57=Sales&cd58=SalesHeader&cd59=29.6.2&cd62=0&cd87=884766702&cd91=uxpHeader&cd94=3.10.4&cd96=0&cd98=a13b4c5e-f2a8-58ea-a972-2cd600257307&cd102=0&cd107=0&gtm=2oubu0&cm4=1&z=1871792399
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 16:20:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3477
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202008171228&nocookie=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/gpl/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 17:18:48 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 14 Jan 2021 17:28:48 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-115508484-1&cid=2199042.1610644729&jid=1905666361&gjid=907464287&_gid=92556279.1610644729&_u=oGBAAUAAAAAAAC~&z=2042297980
Requested by
Host: img6.wsimg.com
URL: https://img6.wsimg.com/wrhs/fb1258e31ab7be158d088d86a2c990af/tti.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Jan 2021 17:18:48 GMT
content-type
text/plain
access-control-allow-origin
https://www.secureserver.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-115508484-1&cid=2199042.1610644729&jid=1905666361&_u=oGBAAUAAAAAAAC~&z=1630111068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 17:18:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-115508484-1&cid=2199042.1610644729&jid=1905666361&_u=oGBAAUAAAAAAAC~&z=1630111068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 17:18:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1745061594&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.secureserver.net%2F%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&dr=http%3A%2F%2Fthevaxclinic.com%2F&ul=en-us&de=UTF-8&dt=Rayhawk%20Corporation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experiment&ea=traffic.tcc.instrumentation.experiment.add_experiment&el=uxp_salesheader_accountmenu&_u=qGBAAUABAAAAAC~&jid=&gjid=&cid=2199042.1610644729&tid=UA-115508484-1&_gid=92556279.1610644729&cd1=3fe6f18d-3f77-5174-97a1-36be944fcae2&cd2=3fe6f18d-3f77-5174-97a1-36be944fcae2&cd3=3fe6f18d-3f77-5174-97a1-36be944fcae2&cd4=3fe6f18d-3f77-5174-97a1-36be944fcae2&cd5=3fe6f18d-3f77-5174-97a1-36be944fcae2&cd15=0&cd20=0&cd22=0&cd26=http%3A%2F%2Fthevaxclinic.com%2F&cd27=PLPPT02003&cd28=PLPPT02003&cd30=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd31=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd32=%3Fpl_id%3D325433%26isc%3DPLPPT02003%26isRedirect%3D1&cd44=2021-01-14T17%3A18%3A48.685Z&cd53=Not%20Available&cd54=Not%20Available&cd55=Not%20Available&cd56=sales&cd57=Sales&cd58=SalesHeader&cd59=29.6.2&cd62=0&cd87=884766702&cd91=uxpHeader&cd94=3.10.4&cd96=0&cd98=f8690580-b0ae-5d5b-bdb7-1e2cf86f405f&cd102=0&cd107=0&gtm=2oubu0&cd47=uxp_salesheader_accountmenu&cd48=uxp_salesheader_accountmenu&cd45=B&cd46=B&z=1831203154
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.secureserver.net/?pl_id=325433&isc=PLPPT02003&isRedirect=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 16:20:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3477
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/afs/gen_204?client=dp-starfield&output=uds_ads_only&zx=fkht9l41rop5&aqid=9nwAYMrLAofl1gb1gbnACg&psid=3767353295&pbt=bs&adbx=430&adby=72&adbh=308&adbw=740&adbn=master-1&eawp=partner-dp-starfield&errv=15753162209046399873&csadii=12&csadr=219&pblt=1&lle=0&llm=0&ifv=1&usr=1

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| appEnvSettings object| utag_cfg_ovrd object| ux object| _gaDataLayer object| _expDataLayer object| _trfq object| hivemind object| __hivemindPreload object| recaptchaOptions function| loadScript boolean| _tccPageReqFired object| _tccInternal object| _analyticsDataLayer object| _tccTrackingValues object| tcc object| uxcore2WebpackJsonp object| React object| ReactDOM object| PropTypes object| ReactTransitionGroup object| heartbeat object| webpackJsonpSalesHeader object| SalesHeader object| utag_data object| webpackJsonp object| growlInstance object| tti object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData boolean| utag_condload object| utag boolean| __tealium_twc_switch object| tagUtils

2 Cookies

Domain/Path Name / Value
.secureserver.net/ Name: currency
Value: USD
.secureserver.net/ Name: market
Value: undefined

1 Console Messages

Source Level URL
Text
console-api warning URL: https://www.google.com/adsense/domains/caf.js(Line 312)
Message:
The following CSA option(s) were ignored due to being overridden by native style controls: rolloverLinkColor,colorAttribution,colorBackground,attributionSpacingBelow,fontSizeAttribution,colorTitleLink,titleBold,fontSizeTitle,lineHeightTitle,noTitleUnderline,adIconUrl,adIconHeight,adIconWidth,adIconSpacingAbove,adIconSpacingAfter,adBorderSelections,colorAdBorder

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.aws.parking.godaddy.com
d2odv8q3xfctb4.cloudfront.net
d3uxovyp91rmcf.cloudfront.net
events.api.secureserver.net
gui.secureserver.net
img1.wsimg.com
img6.wsimg.com
sdk.split.io
stats.g.doubleclick.net
tags.tiqcdn.com
thevaxclinic.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rayhawk.net
www.secureserver.net
www.google.com
104.111.217.130
104.238.65.129
151.101.14.2
2.17.186.176
23.37.38.214
2600:9000:2057:a200:1a:e647:b7c0:21
2600:9000:214f:6600:d:df18:9800:21
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:400c:c0c::9a
2a02:26f0:6c00:28a::228b
34.98.99.30
52.66.163.227
05d6b4355ab522d373d920356adad3c30372ff0bea88c015011fa4298673494b
08b39771c8538e71e8f06770ba844c2c7b81a374f15012cc9d3faeca5bed9d69
0aae4cc6dd282a878b456b40ffb07855a4dc12fc42ac93aff2deefbd220d8530
1c56b3f0f475654200cdc71b58d5a279fa810215ed6df11cadec4405cc6f8f58
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
24e9424ea9896d9767d386a4d55b42a6ab1f79d9ce888fb5178d2d940cb395ac
29b3f042279fd273cabf34f3c4fe2f37679b5ff15ca690226b46c301ffd1cec6
35ad5c20e56f88e692e51c211eff6c031764a789ff13bbdebdc631f50104f622
46c2ce5c9eff3c40a825b9b661bc3d4566d01bfd7118cb9d43002641115e9383
5518c849698a995e2047b0d3b11d40e969db0ec5672973f0fbdbdcf3ebe36eae
592f60ade9b6a77803279ff2f4b8f1d171a4fa7d4f0c2f3cde265a4de5e88d07
5a639ab0f7f9882d413b0858538127154d8ae516e892c2bc41efb53c1758e99c
69585981708db85ec6302063dbbaf8187609de320cd90150e4f1d567f1e6ed11
7681b600ca47886a999262a34bc5fe49858d4f7041f1ed079d2a9b27524f3d81
7d274ca0a1767094eb0047ba2f77d10e419bea5a5ca6d7b3e079a42b8bcbf44a
7e427c09ce67a5ad38626f03cbf1d1c90f711decd5c4bd9c5edc710c35d60018
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab7f3ec455eb078fd17e51d3822bbda867441a720f8e8dab09cdbd7112a92cf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7fc4c8589df0546f8550ed519ff0f449a7a3b3dcd9f16f960590c6695910b4b
bf08b13e6430091552971502e26bd2c42427c758d8e91682f2d65c0e570fd2e7
c22ac6239447a2bfaa8e0b28547de74a8ba4c48e78d5613376c05462f0840f35
c8ee526abf79e107ac9e257b1498423c82de5b0ea5f6531cb3dcdf43b076b6ee
cf17cda5a5f3d90210b1f7334e13b6ad8bf6ab91f2d1510f4b890008b100e748
d13413a2021d4c5a79d6e3a9899983cfc46c8943a11e04243f92a5a3c2f61c3d
d2eb333c83b13b0ab5a97dc501b05ad32ed63df4d24ee4182c16d18d415cdcc4
d6429c0b3984543a0be5c7ed6b65bbd1c3f00febb7a9bf0bb6f9d1248c344cd8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f099fae7175ae24b4b89d28897185946aeeb4ab8db44421b5fa8261101d9e6e7