www.msba.org Open in urlscan Pro
34.74.135.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.msba.org/CL0/https:%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2Femail-subscriptions%3Futm_campaign=phishi...
Effective URL:
https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscr...
Submission: On January 30 via manual (January 30th 2024, 1:56:35 pm UTC) from US — Scanned from NL

Summary HTTP 106 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 23 domains to perform 106 HTTP transactions. The main IP is 34.74.135.52, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.msba.org.
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.

This is the only time www.msba.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	34.74.135.52 34.74.135.52	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
32	2600:9000:26d... 2600:9000:26da:a00:10:308a:6cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:225... 2600:9000:225b:5400:16:fecd:21c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::1053:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:26d... 2600:9000:26db:2e00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	108.138.32.174 108.138.32.174	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:8600:5:2ea6:6180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:d9f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.88.30 99.84.88.30	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225b:f000:f:fd8f:b000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	54.203.25.147 54.203.25.147	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	3.223.242.83 3.223.242.83	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	99.84.88.70 99.84.88.70	16509 (AMAZON-02) (AMAZON-02)
4	52.2.170.208 52.2.170.208	14618 (AMAZON-AES) (AMAZON-AES)
1	3.33.152.127 3.33.152.127	16509 (AMAZON-02) (AMAZON-02)
106	31

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

links.msba.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.74.135.52 (North Charleston, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 52.135.74.34.bc.googleusercontent.com

www.msba.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2600:9000:26da:a00:10:308a:6cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.laruta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:5400:16:fecd:21c0:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1053:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.icomoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:2e00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o35839.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 108.138.32.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-174.muc50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:8600:5:2ea6:6180:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.laruta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:d9f1 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.msba.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-30.muc50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:f000:f:fd8f:b000:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1l6p2sc9645hc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.203.25.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-25-147.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.223.242.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-242-83.compute-1.amazonaws.com

data.gosquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 99.84.88.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-70.muc50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.2.170.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-170-208.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.152.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	laruta.io assets.laruta.io cdn.laruta.io	216 KB
13	segment.com cdn.segment.com — Cisco Umbrella Rank: 1697	140 KB
11	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2157 downloads.intercomcdn.com — Cisco Umbrella Rank: 12241	1 MB
9	msba.org 3 redirects links.msba.org www.msba.org auth.msba.org	839 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 632 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	5 KB
5	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1661 api-iam.intercom.io — Cisco Umbrella Rank: 2016	11 KB
4	google.nl www.google.nl — Cisco Umbrella Rank: 9209	733 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	3 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	gosquared.com data.gosquared.com — Cisco Umbrella Rank: 46366	151 B
2	segment.io api.segment.io — Cisco Umbrella Rank: 1326	343 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	69 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	166 KB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6706	230 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	2 KB
2	cloudfront.net 1 redirects d1azc1qln24ryf.cloudfront.net d1l6p2sc9645hc.cloudfront.net	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	sentry.io o35839.ingest.sentry.io	324 B
1	icomoon.io cdn.icomoon.io — Cisco Umbrella Rank: 12918	2 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2677	774 B
106	23

	Domain	Requested by
32	assets.laruta.io	www.msba.org
13	cdn.segment.com	www.msba.org assets.laruta.io cdn.segment.com
10	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
5	www.msba.org	2 redirects assets.laruta.io
4	api-iam.intercom.io	js.intercomcdn.com
4	px.ads.linkedin.com	3 redirects assets.laruta.io
4	www.google.nl	www.msba.org
4	www.google-analytics.com	cdn.segment.com www.google-analytics.com assets.laruta.io
3	www.google.com	1 redirects www.msba.org
3	auth.msba.org	assets.laruta.io
2	www.facebook.com	www.msba.org
2	data.gosquared.com	d1l6p2sc9645hc.cloudfront.net
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	api.segment.io	assets.laruta.io
2	stats.g.doubleclick.net	www.googletagmanager.com assets.laruta.io
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	www.googletagmanager.com	cdn.segment.com www.google-analytics.com
2	cdn.auth0.com	www.msba.org cdn.auth0.com
2	cdnjs.cloudflare.com	www.msba.org
1	downloads.intercomcdn.com
1	px4.ads.linkedin.com	www.msba.org
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	d1l6p2sc9645hc.cloudfront.net	cdn.segment.com
1	snap.licdn.com	cdn.segment.com
1	widget.intercom.io	cdn.segment.com
1	cdn.laruta.io	www.msba.org
1	o35839.ingest.sentry.io	assets.laruta.io
1	cdn.icomoon.io	www.msba.org
1	d1azc1qln24ryf.cloudfront.net	1 redirects
1	cdn.polyfill.io	www.msba.org
1	links.msba.org	1 redirects
106	33

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
production.laruta.io R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2024-01-11` - `2024-02-10`	a month	crt.sh
*.laruta.io Amazon RSA 2048 M01	`2023-02-02` - `2024-03-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
auth.msba.org E1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-08` - `2024-02-06`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
gosquared.com Amazon RSA 2048 M03	`2023-09-25` - `2024-10-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
intercom-attachments-9.com Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
Frame ID: FCE7992A5749FA5100FA914160D077DC
Requests: 92 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3c0daf1d.js
Frame ID: 8D6823880D07D423BD703CAC8FBCCD29
Requests: 13 HTTP requests in this frame

Frame: data://truncated
Frame ID: A3E9240E633152DA4E9D1F372B710506
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/close.[md5:hash:hex:8]..png
Frame ID: 6A0AA136FC7579848EC4C3893C1B5BC5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In ‹ Maryland State Bar Association – MSBA — WordPress

Page URL History Show full URLs

https://links.msba.org/CL0/https:%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2Femail-subscriptions%3... HTTP 302
https://www.msba.org/my-account/settings/email-subscriptions?utm_campaign=phishing%20scam&utm_sou... HTTP 302
https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettin... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Auth0 Lock (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/lock/([\d.]+)/lock(?:.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

106
Requests

95 %
HTTPS

66 %
IPv6

23
Domains

33
Subdomains

31
IPs

3
Countries

3056 kB
Transfer

7442 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.msba.org/CL0/https:%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2Femail-subscriptions%3Futm_campaign=phishing%2520scam%26utm_source=dedicated%26utm_medium=email%26campaign=2753/1/0100018d56fccf0c-726d7c19-9e54-44f8-84ce-5fd845c857a7-000000/hqgnvu3qEGgNj1ieIHhXi4HXjEd9I37TT991d_TASuc=337 HTTP 302
https://www.msba.org/my-account/settings/email-subscriptions?utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753 HTTP 302
https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://d1azc1qln24ryf.cloudfront.net/119805/Laruta/style-cf.css?ver=1.62.8 HTTP 302
https://cdn.icomoon.io/119805/Laruta/style-cf.css

Request Chain 40

https://www.msba.org/content/uploads/sites/7/2018/04/MSBA-Logo-No-Tag-With-Padding-300x1181.png HTTP 302
https://cdn.laruta.io/raw/sites/7/2018/04/MSBA-Logo-No-Tag-With-Padding-300x1181.png

Request Chain 73

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D420913%26time%3D1706622990595%26url%3Dhttps%253A%252F%252Fwww.msba.org%252Fwp%252Fwp-login.php%253Fredirect_to%253Dhttps%25253A%25252F%25252Fwww.msba.org%25252Fmy-account%25252Fsettings%25252F%25252Femail-subscriptions%25252F%2526utm_campaign%253Dphishing%252520scam%2526utm_source%253Ddedicated%2526utm_medium%253Demail%2526campaign%253D2753%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&cookiesTest=true&liSync=true&e_ipv6=AQIFGv6l3ha5dgAAAY1aqDrg1vf-08Auw8w9srIloE_LeCtGqdhPUIZoMSENSRJAdHPQ2w

Request Chain 79

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&ocp_id=DgC5ZYjlJo7M78EP1qegmAU&sscte=1&crd=CIO9sQI&pscrd=IhMIiKT9iKKFhAMVDuY7Ah3WEwhT HTTP 302
https://www.google.com/pagead/1p-conversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIiKT9iKKFhAMVDuY7Ah3WEwhT&is_vtc=1&ocp_id=DgC5ZYjlJo7M78EP1qegmAU&cid=CAQSGwAvHhf_9aQ2oN8dQw1Eo6MycmzVxVMNa3FWtw&random=3612779590&resp=GooglemKTybQhCsO HTTP 302
https://www.google.nl/pagead/1p-conversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIiKT9iKKFhAMVDuY7Ah3WEwhT&is_vtc=1&ocp_id=DgC5ZYjlJo7M78EP1qegmAU&cid=CAQSGwAvHhf_9aQ2oN8dQw1Eo6MycmzVxVMNa3FWtw&random=3612779590&resp=GooglemKTybQhCsO&ipr=y

106 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wp-login.php Show response
www.msba.org/wp/
Redirect Chain

https://links.msba.org/CL0/https:%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2Femail-subscriptions%3Futm_campaign=phishing%2520scam%26utm_source=dedicated%26utm_medium=email%26campaign=2753/1/010001...
https://www.msba.org/my-account/settings/email-subscriptions?utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&ca...

26 KB
8 KB

907ms
907ms

Document
text/html

34.74.135.52
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.74.135.52 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

52.135.74.34.bc.googleusercontent.com

Software

Resource Hash

d1a2a584448e94ad6f4ed4c254c8f11abc8442f4f12059f0807d73e874872418

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 30 Jan 2024 13:56:28 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Tue, 30 Jan 2024 13:56:27 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-redirect-by: WordPress

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v3/ 619 B
774 B 447ms
149ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v3/polyfill.min.js?flags=gated&features=NodeList.prototype.forEach%2CNode.prototype.contains%2CNodeList.prototype.%40%40iterator%2Ces6%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.%40%40iterator%2CArray.prototype.copyWithin%2CArray.prototype.entries%2CArray.prototype.every%2CArray.prototype.fill%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.flat%2CArray.prototype.flatMap%2CArray.prototype.forEach%2CArray.prototype.includes%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CArray.prototype.reduceRight%2CArray.prototype.some%2CArray.prototype.values%2CDOMTokenList%2CDOMTokenList.prototype.%40%40iterator%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CFunction.prototype.bind%2CFunction.prototype.name%2CMap%2CMutationObserver%2CNumber.isFinite%2CNumber.isInteger%2CNumber.isNaN%2CNumber.isSafeInteger%2CNumber.parseFloat%2CNumber.parseInt%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.freeze%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.getPrototypeOf%2CObject.is%2CObject.isExtensible%2CObject.isFrozen%2CObject.isSealed%2CObject.keys%2CObject.preventExtensions%2CObject.seal%2CObject.setPrototypeOf%2CObject.values%2CPromise%2CPromise.prototype.finally%2Cconsole%2Cconsole.assert%2Cconsole.clear%2Cconsole.count%2Cconsole.debug%2Cconsole.info%2Cconsole.log%2Cconsole.table%2Cconsole.time%2Cconsole.timeEnd%2Cconsole.timeStamp%2Cconsole.timeline%2Cconsole.timelineEnd%2Cconsole.trace%2Cconsole.warn%2CdevicePixelRatio%2Cconsole.dir%2Cconsole.dirxml%2Cconsole.error%2Cconsole.exception%2Cconsole.group%2Cconsole.groupCollapsed%2Cconsole.groupEnd%2Cconsole.markTimeline%2Cconsole.profile%2Cconsole.profileEnd%2Cconsole.profiles%2Cdocument%2Cfetch%2CmatchMedia%2Cscreen.orientation%2CString.prototype.startsWith&ver=5.9

Requested by

Host: www.msba.org
URL: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

948c6f0421cdbde0a3d53d76c71d56990c0b3659524dd10be54249ce32ca8d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 13:56:29 GMT
age: 0
detected-user-agent: Chrome/120.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=4
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 280
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 parent_sentry.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/ 199 KB
47 KB 206ms
86ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0298b33183ea24af7a7c306805173f3edf5c0f7b2a2b57c682274c2f46bb4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 06:24:06 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 27142
etag: W/"65b01a02-31bdb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 95zRRTfDih6q-18LhlVrcSqS9c-CCzQwUO9lHxjARsp-B2TdEMFN2w==

GET
H2 200 jquery.min.js Show response
assets.laruta.io/wp/wp-includes/js/jquery/ 87 KB
31 KB 244ms
123ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 11:30:19 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 8769
etag: W/"61f05d81-15db1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: AwlwJvZ5xM2cAAsxJ6oXrcZOhBQ1ZikmtfyohozOgpPri6RPZvBk0w==

GET
H2 200 jquery-migrate.min.js Show response
assets.laruta.io/wp/wp-includes/js/jquery/ 11 KB
4 KB 206ms
86ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:00:50 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 3338
etag: W/"61f05d81-2bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uaBRKfJqBEESKSxs-RErxvYyxxFCe_zZOBp5P2XMOHqHpFdCiKUIYQ==

GET
H2 200 parent_global_vendors.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/ 25 KB
7 KB 244ms
123ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_global_vendors.js?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5ad1b65b6c73b54a44aa1be008959293c83d6eb5ee99ed2535d6ee256d573de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 10:48:08 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 11300
etag: W/"65b01a02-64aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VGZVhSrfSXAGhrsWhUJr8XlTgo41TegxbKCsLGiSiQZ1faQO76kEFA==

GET
H2 200 dashicons.min.css
assets.laruta.io/wp/wp-includes/css/ 58 KB
36 KB 170ms
49ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/css/dashicons.min.css?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Mon, 29 Jan 2024 17:39:15 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 73032
etag: W/"61f05d81-e688"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: KBfQZMZXpAXIBjO3bvWYNpCrlkIp9qYgXZLSFaTjUpH9QvOshSpk3Q==

GET
H2 200 buttons.min.css
assets.laruta.io/wp/wp-includes/css/ 6 KB
2 KB 170ms
49ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/css/buttons.min.css?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a263951ba358b2b766fe5e06c24a5869f2a67aeee53a4ba7d3b1f9d478fc3c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 11:17:16 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 9552
etag: W/"61f05d81-16de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: MTNOvcQaNA7PHaLk2Nyp4xe90BbCOQkIP48bDAw7Hn_rBvZOAlvoUA==

GET
H2 200 forms.min.css
assets.laruta.io/wp/wp-admin/css/ 25 KB
8 KB 574ms
454ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-admin/css/forms.min.css?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a56bde4ff2dfc7ae7f081828a728514e80606e1d555f58babb469050a5756630

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:56:29 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-6319"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: cGT8ukH62xiL9VzehTbEuB_gGeRn4F3bFDHm09BDWs3lIhVuII0Pdg==

GET
H2 200 l10n.min.css
assets.laruta.io/wp/wp-admin/css/ 2 KB
1 KB 581ms
461ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-admin/css/l10n.min.css?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

86669f0412fff3ba05a09c21f077c7a9ec4d9054633216b6ce04eb3c6c57538b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:56:29 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-9ad"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: 6HFEqTSS6G0Kg9T6KHHi5AEQ0i4xqsUSuR-y_-m3JSqefNBb0xDY6w==

GET
H2 200 login.min.css
assets.laruta.io/wp/wp-admin/css/ 6 KB
3 KB 601ms
480ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-admin/css/login.min.css?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

38a7a5628e536d54062615d2b9b779b885facd3c488ec4b25a6ec6ec5347d0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:56:29 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-18ab"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: CBS4oO8bthMAbphtSth4g48igUb2QL0RpKAZVxTpE6Mf142sSOI43Q==

GET
H2 200 login.css
assets.laruta.io/app/plugins/auth0/assets/css/ 2 KB
986 B 576ms
456ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/plugins/auth0/assets/css/login.css?ver=3.11.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8bf8a7be8846cab44743b02cabad3cfce170be838855807df0c7a2124c86b09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:29 GMT
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains; preload
last-modified: Tue, 23 Jan 2024 19:54:23 GMT
x-amz-cf-pop: MUC50-P4
etag: W/"65b0196f-91d"
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: X_Ve8NhnKVb_SYVIk3748uajinNtwKCZwPt6cwjktKkQryjnKkbdqg==

GET
H2 200 parent_fonts_net.css
assets.laruta.io/app/themes/laruta-themosis-parent/dist/styles/ 8 KB
2 KB 198ms
78ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/styles/parent_fonts_net.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4c913545fa96161776a0675fbcd153b40d94a1b071ca939cdcc1b5a32a359d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 09:20:20 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 16568
etag: W/"65b01a02-218f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 4TDBZX2vnpKPH0J5nVP8z0zsTELcVmXEcthnyNanRuwzudjoLyXjvg==

GET
H2 200 parent_global_vendors.css
assets.laruta.io/app/themes/laruta-themosis-parent/dist/styles/ 92 KB
19 KB 206ms
86ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/styles/parent_global_vendors.css?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fbc76c5f10f511a2a04a54ba1d8d50babed92bfa5ee1f46b2ea2ea0bac9bd862

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 10:48:08 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 11300
etag: W/"65b01a02-1711e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Xb-TGo0yR6XT7aArJE4toIwieaW-oO1GqV4kbFVBP_f0ssqcClBCWA==

GET
H2 200 parent_lrt_auth0_customizations.css
assets.laruta.io/app/themes/laruta-themosis-parent/dist/styles/ 387 B
549 B 162ms
42ms Stylesheet
text/css 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/styles/parent_lrt_auth0_customizations.css?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

57c4309a070f8b93f72fe8042008d667c6b73da830278885f7e9fbaeca94d305

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 09:20:20 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 16568
etag: W/"65b01a02-183"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: g99rfIyUenbIxbfRNnAZkYgPYdSdJXIQyIf4XYgwaOpz-prljOSxng==

GET
H2

200

style-cf.css
cdn.icomoon.io/119805/Laruta/
Redirect Chain

https://d1azc1qln24ryf.cloudfront.net/119805/Laruta/style-cf.css?ver=1.62.8
https://cdn.icomoon.io/119805/Laruta/style-cf.css

7 KB
2 KB

107ms
24ms

Stylesheet
text/css

2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.icomoon.io/119805/Laruta/style-cf.css
Requested by: Host: www.msba.org
URL: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
Protocol: H2
Server: 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: f7ad9eb76ed78a7865d76eda2b99c094b982f3266b779f08089cccf68ee45773

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:28 GMT
content-encoding: br
cdn-edgestorageid: 752
cdn-cachedat: 07/06/2023 23:08:21
cdn-pullzone: 1460617
last-modified: Wed, 07 Jun 2023 16:42:45 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"414b97302962da9d745f322f7d685484"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d51b496f21ff223e661d6ac9e20bea53
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Tue, 30 Jan 2024 13:56:28 GMT
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P1
vary: Origin
x-cache: FunctionGeneratedResponse from cloudfront
location: https://cdn.icomoon.io/119805/Laruta/style-cf.css
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: -RtXsBgaYO4lnfxNZnyDFJvjeQYrP_jzkE_ev2ds_GuhsbLw8giyDg==

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
1 KB 62ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css?ver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6957821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSBLSvgbTfuw8zGbSvTBGy9MzdSXRt7pczcwGqJ9a450HOd%2BMFWMrjqLsyMc2ll885lHcRPYggEq9FZnQKxryORNHWvWVErJ4XgPMuUJmo9WqLMEmw1U5ECgQZxtj8sgylGaFKlBpX%2FvcUP9dIrPl7IO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84da37efdb131cba-AMS
expires: Sun, 19 Jan 2025 13:56:28 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
977 B 72ms
35ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css?ver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4837026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEk%2Fe514hzTyj76hGq1kRa4e2e39YoPyTIqzQkRQA4f7YoPIp6HgW888%2F7ni%2Fyvzv9eQFhBHjDfOPnQyRw52LHedJo8V%2FK7snyC%2FRPeaPvXe7S5ZKz0o3bhjjFvRsdqN%2BqARGsLLKvacyvHefaUvC3Qj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84da37efdb191cba-AMS
expires: Sun, 19 Jan 2025 13:56:28 GMT

GET
H2 200 outdatedbrowser.min.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/resources/admin/to-refactor/assets/scripts/vendors/ 3 KB
2 KB 234ms
114ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/resources/admin/to-refactor/assets/scripts/vendors/outdatedbrowser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c95d2c699112c4706a7d27cd9dc1f4e38cb71876ecc4b6496d0426bb1ad7bfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:42:10 GMT
last-modified: Tue, 23 Jan 2024 19:47:23 GMT
x-amz-cf-pop: MUC50-P4
age: 858
etag: W/"65b017cb-c68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CTuRegl1U6_OUJ_tmNu46cFVXvB7smuEweWeHu9FaBcPxoG3hisWHg==

GET
H2 200 parent_ie_legacy_support.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/ 2 KB
1 KB 233ms
113ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_ie_legacy_support.js?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27582db28c29b09a842c2804dcf69698d67d3011f383b2826f8e59e165f646a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 06:24:06 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 27142
etag: W/"65b01a02-635"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QNrjYvZWGYjWhNT0wuxUnYvYctcVHLwjWcgMUmObC2V9XPI47CeyHQ==

GET
H2 200 underscore.min.js Show response
assets.laruta.io/wp/wp-includes/js/ 19 KB
8 KB 235ms
116ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:42:10 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 858
etag: W/"61f05d81-4a7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5GuhPnfnU7otY5Qif40onrgrH7li0oJWnbS3f40kynxRDCoUxUFZpQ==

GET
H2 200 backbone.min.js Show response
assets.laruta.io/wp/wp-includes/js/ 23 KB
8 KB 200ms
80ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/backbone.min.js?ver=1.4.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 09:20:21 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 16567
etag: W/"61f05d81-5cf2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8dlioofi0B1KAU-ZP8pUjw4KEv0vkoME_sBHDHBw4jGSXum1t1SzXQ==

GET
H2 200 api-request.min.js Show response
assets.laruta.io/wp/wp-includes/js/ 1 KB
970 B 239ms
120ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/api-request.min.js?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 09:20:21 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 16567
etag: W/"61f05d81-401"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zXXzAyvTLbunyXmWVLktogfeLI3O2qv2A4-k7OG_4cUtbHPgrWkyVg==

GET
H2 200 wp-api.min.js Show response
assets.laruta.io/wp/wp-includes/js/ 14 KB
4 KB 233ms
114ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/wp-api.min.js?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

062d8167bc405094e000b7d3af11deba7a4ecff663aff087d7b19ef51c05ff6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 09:20:21 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 16567
etag: W/"61f05d81-395e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: o3DWz8RMNeM-OJcg6fjamWx7LedySpYtnikB5f2PwwdfFoDNxiJX7g==

GET
H2 200 laruta_connect.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/assets/js/feature/ 585 B
961 B 239ms
120ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/assets/js/feature/laruta_connect.js?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7053006f6e991d8d96a6cbea5d1cad9247e36451be9ce65c96c08efe933f5ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
date: Tue, 30 Jan 2024 09:20:21 GMT
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 19:47:23 GMT
x-amz-cf-pop: MUC50-P4
age: 16567
etag: "65b017cb-249"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 585
x-amz-cf-id: Nvi7Svo6gjCmWWHOdiZBuRCWbtZNc7mjkbZ39FaaAezWMS4-5RV-mQ==

GET
H2 200 parent_feature_gravity_forms.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/ 1 KB
1017 B 615ms
496ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_feature_gravity_forms.js?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c4ff322edc2f8446033b2049b618e62d7aa62f0d199c890ee3c92fffacf18246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
etag: W/"65b01a02-51f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: qEciRPdQVcyaxgqW06Dl5WET4VW_QTPqnCaXvM3jvlnOlh7OTgVYww==

GET
H2 200 parent_feature_passport_membership.js Show response
assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/ 5 KB
2 KB 228ms
109ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_feature_passport_membership.js?ver=1.62.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

325a5beda6e0e0688e1db8404e2973b24ea0c825156fbdeb3f4954a44b6fcc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 10:48:08 GMT
last-modified: Tue, 23 Jan 2024 19:56:50 GMT
x-amz-cf-pop: MUC50-P4
age: 11300
etag: W/"65b01a02-13a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: iIO0gvRuPrIsSl4fFx6g6T_0SrBCiWbqfjQClvV7J2rGSfkuYYdEaw==

GET
H2 200 lock.min.js Show response
cdn.auth0.com/js/lock/11.21.1/ 810 KB
229 KB 158ms
44ms Script
application/javascript 2600:9000:26db:2e00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/lock/11.21.1/lock.min.js?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:2e00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

109cdd7ef931af5342f8282754524658d3817fbb3f4476f46548fb66a9fb2e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: hTTS5Le4zu.YCUuParYjvDIjEhE2eEhi
content-encoding: gzip
via: 1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 06:26:16 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: MUC50-P3
age: 27013
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 03 Feb 2020 17:13:10 GMT
server: AmazonS3
etag: W/"e51adee47c6c0528405d6f7b93560b7e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: WX_uC6tZHpAiwFeqRBhl4lURj2pvv7y8wBJFw7JsDqieSnvhh5VBRg==

GET
H2 200 js.cookie.min.js Show response
assets.laruta.io/app/plugins/auth0/assets/lib/ 2 KB
1 KB 614ms
495ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/plugins/auth0/assets/lib/js.cookie.min.js?ver=2.2.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c4766e71dd198e8aaee3433ace80c6b6e865d18a24f4267674b804e3feba0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 19:54:23 GMT
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
etag: W/"65b0196f-69b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: xCx1QGMB7zIfkbIXZ728Z_gR5Ax80s1aFGVk1BiEen_D0qlE5i11HA==

GET
H2 200 lock-init.js Show response
assets.laruta.io/app/plugins/auth0/assets/js/ 4 KB
2 KB 238ms
119ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/app/plugins/auth0/assets/js/lock-init.js?ver=3.11.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b226301bd09027047ba1670e361d5bd51eaea02f10ce12b586c13292493a30d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:42:10 GMT
last-modified: Tue, 23 Jan 2024 19:54:23 GMT
x-amz-cf-pop: MUC50-P4
age: 858
etag: W/"65b0196f-eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: B9DuqZZi8V6ytE4n2vV_EAybTwo1g_EapwcE3UHtFTa1-xiFoQQLCg==

GET
H2 200 zxcvbn-async.min.js Show response
assets.laruta.io/wp/wp-includes/js/ 351 B
725 B 229ms
110ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/zxcvbn-async.min.js?ver=1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
date: Tue, 30 Jan 2024 11:17:16 GMT
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 9552
etag: "61f05d81-15f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 351
x-amz-cf-id: IHqgcRzck2dr1644wtRVGrgwYGOLsIWqmRHQcaz1ZD-25cayte4Low==

GET
H2 200 regenerator-runtime.min.js Show response
assets.laruta.io/wp/wp-includes/js/dist/vendor/ 6 KB
3 KB 229ms
111ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 06:24:06 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 27142
etag: W/"61f05d81-195e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4cIOenw2FXKBXXWCqr8-4k5Yn_TlOp9rYhV0WehpvH-_ef9ptE07qg==

GET
H2 200 wp-polyfill.min.js Show response
assets.laruta.io/wp/wp-includes/js/dist/vendor/ 19 KB
7 KB 231ms
112ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:00:51 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 3337
etag: W/"61f05d81-4b3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XgJq1HYKWdxTAMgcKE8776z6zvzRVI233zw4UXajo56q9LA4Qn_JDw==

GET
H2 200 hooks.min.js Show response
assets.laruta.io/wp/wp-includes/js/dist/ 6 KB
2 KB 227ms
108ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 09:20:21 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
age: 16567
etag: W/"61f05d81-163a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HAkM1gBbZUkrQygWvuuXOCrIELm233AIgWzqW-RXAgoWufCQMIWVCw==

GET
H2 200 i18n.min.js Show response
assets.laruta.io/wp/wp-includes/js/dist/ 10 KB
4 KB 601ms
483ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:56:29 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-28a7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: YuNF0NoYR4O0pHLzol-5uFT9NrGtkI4Va37y936StZd791FJAtxFTQ==

GET
H2 200 password-strength-meter.min.js Show response
assets.laruta.io/wp/wp-admin/js/ 1 KB
997 B 610ms
492ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-admin/js/password-strength-meter.min.js?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:56:29 GMT
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-463"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: -VcVl5qc978gKOTtsLmb5M8bRjKBtUduHStyLtsV27q185mrZVk5kQ==

GET
H2 200 wp-util.min.js Show response
assets.laruta.io/wp/wp-includes/js/ 1 KB
1 KB 608ms
490ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-includes/js/wp-util.min.js?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-53c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: AH1ld7n62Xjye8VeuuRo7NRxaT6YRgNTksbUF-E-iRA-f8RducmCtA==

GET
H2 200 user-profile.min.js Show response
assets.laruta.io/wp/wp-admin/js/ 6 KB
3 KB 607ms
489ms Script
application/javascript 2600:9000:26da:a00:10:308a:6cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.laruta.io/wp/wp-admin/js/user-profile.min.js?ver=5.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:a00:10:308a:6cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b0e9b99d170703cb961022b52ebb7fcaf216448efc08f4d8b6dd7902bb562c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
via: 1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
etag: W/"61f05d81-17d6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: W1kadU911vMLHnPobsO7pkRXlBWnTCaN3jg7C0yvy4L-WLNqk6oE3w==

POST
H2 200 / Show response
o35839.ingest.sentry.io/api/82121/envelope/ 2 B
324 B 107ms
31ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o35839.ingest.sentry.io/api/82121/envelope/?sentry_key=9cc6b1cea4214ca5a6e907fec38bec9e&sentry_version=7

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jan 2024 13:56:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/ 108 KB
29 KB 713ms
635ms Script
text/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Requested by: Host: www.msba.org
URL: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 077ce04da69f4a1cfc6a1ccb8025cd628c1b2854e54c70739141529bcb1eadf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: A_T1fE1yCNSMJqMF9xL8x7LeTR1qiPdO
content-encoding: br
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:56:30 GMT
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Jan 2024 20:25:21 GMT
server: AmazonS3
etag: W/"b97bb6e399c2cd0dddd93a8f36e266e8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: sUpXwKFhChcUGWzFLp7gcuw6QRWKnkAtAbFiIFMRe6rdhxOqSUOAkw==

GET
H2 200 / Show response
www.msba.org/wp-json/wp/v2/ 269 KB
26 KB 1014ms
1012ms XHR
application/json 34.74.135.52
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msba.org/wp-json/wp/v2/

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.74.135.52 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

52.135.74.34.bc.googleusercontent.com

Software

Resource Hash

b46a2ccfe04e97db404b0acad7b27064470161122ec4608a2d576042d6ffc98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://www.msba.org/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2

200

MSBA-Logo-No-Tag-With-Padding-300x1181.png
cdn.laruta.io/raw/sites/7/2018/04/
Redirect Chain

https://www.msba.org/content/uploads/sites/7/2018/04/MSBA-Logo-No-Tag-With-Padding-300x1181.png
https://cdn.laruta.io/raw/sites/7/2018/04/MSBA-Logo-No-Tag-With-Padding-300x1181.png

2 KB
3 KB

161ms
48ms

Image
binary/octet-stream

2600:9000:225b:8600:5:2ea6:6180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.laruta.io/raw/sites/7/2018/04/MSBA-Logo-No-Tag-With-Padding-300x1181.png
Requested by: Host: www.msba.org
URL: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
Protocol: H2
Server: 2600:9000:225b:8600:5:2ea6:6180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c838785e2daeb84b6da832ab8e5f7ce92eb6edc7644b0d9f8ab15499fb8f55d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:28:41 GMT
via: 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Apr 2020 21:33:20 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 1670
etag: "07b992a8f6049df216e852f751730cba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 2361
x-amz-cf-id: xnc2F1eNOkoeIWlZUIGBrysOAZtmPghb_DWuK_lKk4GGViFX_AtVeA==

Redirect headers

location: https://cdn.laruta.io/raw/sites/7/2018/04/MSBA-Logo-No-Tag-With-Padding-300x1181.png
date: Tue, 30 Jan 2024 13:56:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-redirect-by: redirection
content-type: text/html; charset=UTF-8

OPTIONS
H2 404 challenge
auth.msba.org/usernamepassword/ Frame 0
0 395ms
320ms Preflight
text/plain 2606:4700::6810:d9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.msba.org/usernamepassword/challenge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: auth0-client,content-type
Access-Control-Request-Method: POST
Origin: https://www.msba.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: DYNAMIC
cf-ray: 84da37f45d370a54-AMS
content-length: 10
content-type: text/plain; charset=utf-8
date: Tue, 30 Jan 2024 13:56:29 GMT
etag: W/"a-8RJARPvfYzJdDi+ZdXbdTOYnAfo"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-not-found: 1
x-auth0-requestid: 2c4869a0d3ab48321927
x-content-type-options: nosniff

OPTIONS
H2 204 country
auth.msba.org/user/geoloc/ Frame 0
0 398ms
323ms Preflight 2606:4700::6810:d9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.msba.org/user/geoloc/country

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: auth0-client,content-type
Access-Control-Request-Method: GET
Origin: https://www.msba.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, X-Requested-With, Authorization, Auth0-Client, X-Request-Language
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
access-control-max-age: 1000
alt-svc: h3=":443"; ma=86400
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 84da37f45d3c0a54-AMS
date: Tue, 30 Jan 2024 13:56:29 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-auth0-requestid: edfc190e7dd4c2c51e84
x-content-type-options: nosniff

GET
H2 200 a3GAMpHrxtjOIe7D45xgNm0URBYBGx7r.js Show response
cdn.auth0.com/client/ 768 B
1 KB 245ms
245ms Script
application/x-javascript 2600:9000:26db:2e00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/client/a3GAMpHrxtjOIe7D45xgNm0URBYBGx7r.js?t1706622989409

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.21.1/lock.min.js?ver=5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:2e00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f91e321dd29448fda55250a73c5edb5dd48258fde6603754bd0adba66dab19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
tracestate: auth0-request-id=83dc98774e579a2a,auth0=true
x-auth0-requestid: 82321b88cf9616c60b19
date: Tue, 30 Jan 2024 13:56:29 GMT
via: 1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-cache: RefreshHit from cloudfront
server: cloudflare
ot-tracer-sampled: true
traceparent: 00-00000000000000000631c19624b45c28-2e60b1e874b218fe-01
etag: W/"300-ZLNrK2Hk99iGY2xKoPUsbb95wU4"
ot-tracer-traceid: 0631c19624b45c28
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id: 83dc98774e579a2a
cf-ray: 84be8005caf36955-FRA
x-robots-tag: noindex
x-amz-cf-id: xeJMX7sVTpiJNMzukBN0rQSCWbapBgFCS0UOpeZfsTzdPt8TYzDZkA==
ot-tracer-spanid: 2e60b1e874b218fe

POST challenge
auth.msba.org/usernamepassword/ 0
0

GET
H2 200 country Show response
auth.msba.org/user/geoloc/ 21 B
470 B 285ms
284ms XHR
application/json 2606:4700::6810:d9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.msba.org/user/geoloc/country

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d9f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7181be2d5cd8fd0f9887b0219504ac91e908673b779ddfe7e2f53ad1b61f2b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Auth0-Client: eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4yMS4xIiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4xMi4yIn19
Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-auth0-requestid: c957e9385fa4925110af
alt-svc: h3=":443"; ma=86400
content-length: 21
server: cloudflare
etag: W/"15-aMXpht66OraaI5R6UXdO/M5rknE"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
access-control-allow-credentials: false
cf-ray: 84da37f658360a54-AMS

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/ 7 KB
3 KB 101ms
42ms Fetch
application/json 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/settings
Requested by: Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b21c926f337ef151753a5f530a3e755e8e502ce16cce2569aa5661b149ce28bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qcJyXUUaa7uFTbNqICumQa_XJ._26b.e
content-encoding: gzip
via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 12:12:34 GMT
x-amz-cf-pop: MUC50-P2
age: 6237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Jan 2024 21:26:53 GMT
server: AmazonS3
etag: W/"d6f21f53b10de026b25c101836ded7e9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 59Lp9ko9cuzMkpuqHlh4JwUxMqBwBxMjoMLVU52i5sLl4fwQMfm5ng==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c4acf0f28094a43f0dbf10c4850284aec88efb8ed50bf3fb4e86c13c18f59c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 739c82a6d76dd19acf29c82dae7b53b1cf63372f3da597e027c1b8f14627391a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 30ms
30ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 6541683
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 3gcGi76Hm4Xhhb1pIPMd1n4XU_0rrkaVCoOMZ0EPMzZQlIVgKMfQhg==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 29ms
29ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:37:17 GMT
x-amz-version-id: Q83vlLXgyWB6DuTGnFxHLMCEzu8jknn5
content-encoding: br
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 10325954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Oct 2023 01:26:38 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 4RUer8UQMnDZmYzMZ1P8EuQTglhU64hkDxp9b5SePkgLeP7ISVQIEA==

GET
H2 200 bfab87631cbcb7d70964.js Show response
cdn.segment.com/next-integrations/actions/google-analytics-4-web/ 190 KB
56 KB 34ms
34ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/bfab87631cbcb7d70964.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbcc12bee438733478bc68281e69f0e6031444c835279466ce3d75dc69b95c62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: R.q4B1o9W.cldK7sIK0FcyezROk_Do4n
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 01:56:14 GMT
x-amz-cf-pop: MUC50-P2
age: 77887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 Jan 2024 00:42:32 GMT
server: AmazonS3
etag: W/"04af00a4669e6d93238f8599aa9e0e69"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 6HtKsh9O7aYYgZOPJ5rg9zXUUGfPsZyuymC8nCeuqxjeCFzSF7UeCA==

GET
H2 200 3afb34170d18de455d37.js Show response
cdn.segment.com/next-integrations/actions/845/ 24 KB
8 KB 31ms
31ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/3afb34170d18de455d37.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/bfab87631cbcb7d70964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d18bef2807591fc537180f58ede59bc3788ba3817847f2cdf5ec41d8a611d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: HsD9W7j8_kOvkjo7SAH1hu3oW68vMSHh
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 06:31:38 GMT
x-amz-cf-pop: MUC50-P2
age: 77885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 Jan 2024 00:42:30 GMT
server: AmazonS3
etag: W/"5343057d1293b492869e57bab8573740"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: yjREe4eqYSncTkYaQPMsex9XW3LOnZjfYKWuAFtY0GjbcmC31pS-4Q==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 32ms
31ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 08:03:32 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5
x-amz-cf-pop: MUC50-P2
age: 3995579
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: UkMh5tTuqJ2FGB22Qt1RP7SdrUMIo44IAa3JDIWpnqTYTRAr78RgvQ==

GET
H2 200 intercom.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 4 KB
2 KB 32ms
32ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:36:04 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: 5b1tkua7MmGqtjD1FWqYm4X1yYVabAcO
x-amz-cf-pop: MUC50-P2
age: 1614027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1878
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "d20b898e8b1fe44f03e532db7fe5cf4e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 6q3BUzHLN89DcoQ7kpZJY61jqEeowJymtFIYXFS6SQei0fCnQb8Nzg==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 33ms
33ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:34:23 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: qdXzfb4GnmqZ9jlUvDFRxsDuV9F80jxN
x-amz-cf-pop: MUC50-P2
age: 19340528
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Hni_lX5emy58u0BWhuv__PZDB-cWeUxmqlVXPP5R1eYZYtw2BGYWnQ==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 34ms
34ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:53:08 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: PgMPNrJn4UXeGYnax_P5hY3ZIibnCzEY
x-amz-cf-pop: MUC50-P2
age: 4471403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1061
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: BnOEFd8-VNXo7nupl-pqrzCEP-1SwbG_9S4HLymJSYvjapyFOnzwdA==

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 35ms
35ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 18:18:23 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: kX7MQ8Dko4jLJ7bEXdgbdXt2lbAcAkqf
x-amz-cf-pop: MUC50-P2
age: 11129888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1356
last-modified: Wed, 06 Sep 2023 07:09:30 GMT
server: AmazonS3
etag: "257fe81df53dcd4819bc1a81e78fce58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: FLGSjO2ehGivYAiZA71IWKTZRFevzhUiTTbPXaOjI5rBgOmUx53mIw==

GET
H2 200 gosquared.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/gosquared/2.1.4/ 4 KB
2 KB 36ms
36ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/gosquared/2.1.4/gosquared.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 503c07e33e6f2b463b1e2119502b8e65aef71e3ba82d554142688bc32034becb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 07:14:20 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: UJPZXhwf2nkhGE4X3pS_k9Fb00R.2gVJ
x-amz-cf-pop: MUC50-P2
age: 456131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1655
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "1993edcfc967d93d4052118e5eb080da"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: oFZZIw2aWhvqYY9sFRy2fB6fi_iUl2B29RDSbTiUOitUM5aCW-gGMQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
82 KB 97ms
42ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDBMD315QZ

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/845/3afb34170d18de455d37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79c86f5a6172612cd171b279a7b49390a07716c848b0373bd7159c0a27699588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 13:56:30 GMT

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 35ms
33ms Script
application/javascript 108.138.32.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/26Dv9pY359sVsAPQLc2fjJYG8uZlcZJ8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-174.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 05:07:08 GMT
content-encoding: gzip
via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-version-id: vF8NcNrfYVnvHDzXm61D3Gm3b3IL0Kde
x-amz-cf-pop: MUC50-P2
age: 26988563
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Thu, 23 Mar 2023 13:55:24 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 5FuRDWezTHtM3nPtP_elujn1FLd2aX1EmS9y-nWE78V0xiaCeB2UoQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 155ms
49ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 13:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 501
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jan 2024 15:48:09 GMT

GET
H2 200 locf7iyl Show response
widget.intercom.io/widget/ 7 KB
3 KB 484ms
414ms Script
application/javascript 99.84.88.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/locf7iyl
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-30.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79611170ccd9b97353939e11106f87c710196f17d538d2ce16f9d81620b440a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:55:04 GMT
content-encoding: gzip
via: 1.1 a19127e21dc5a939819061334abff380.cloudfront.net (CloudFront)
x-amz-version-id: 9QYtTRs89Ggy2z2uE9.9Ij5PSKyx4Oqb
x-amz-cf-pop: MUC50-C1
age: 87
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Tue, 30 Jan 2024 13:55:00 GMT
server: AmazonS3
etag: "5752bd9489e1ef9e9aa821128a2103eb"
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: pYcH05f7KFgL3Q7eRI5RlwRTewgZqof-0zaiCKweKU6yUlitezjykQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 72ms
25ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 13:56:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57161
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 0cyEje+IVuXo3DiQYaZt/rktouTCl1bvSmVz+BcQC8PB1TgKMx/mt7NrBd0Cqz/xnvz/k185lBLnORqAJ1f+tQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 91ms
28ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=37339
accept-ranges: bytes
content-length: 15732

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 46 KB
17 KB 113ms
60ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

105b732a5904cf4ab674b3cb77f34db7f364663da88c652330bdc32ad7a3da6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16848
x-xss-protection: 0
server: cafe
etag: 13310292836814682028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:56:30 GMT

GET
H2 200 tracker.js Show response
d1l6p2sc9645hc.cloudfront.net/ 10 KB
5 KB 118ms
32ms Script
text/javascript 2600:9000:225b:f000:f:fd8f:b000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:f000:f:fd8f:b000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f9b39d4685187f53d059fa79097782292ba1954f9e29d518adee023e86d90c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 05:23:25 GMT
content-encoding: gzip
via: 1.1 8ebebe66cc8de626ee8e15b2ee72d826.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 23:22:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 30790
x-amz-server-side-encryption: AES256
etag: W/"4c428f6e61b7c494241fc820f580f70e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=43200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: S8HQM5yWUDLohb7hTWA978ExsH5Iuk7TFr8AZwTTcey1f4X59LRxvw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 56ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZDBMD315QZ&gtm=45je41o0v9122627811&_p=1706622990381&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&cid=82347719.1706622991&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706622990&sct=1&seg=0&dl=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&dt=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4932
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDBMD315QZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.msba.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 72ms
24ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZDBMD315QZ&cid=82347719.1706622991&gtm=45je41o0v9122627811&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDBMD315QZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.msba.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 102ms
48ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZDBMD315QZ&cid=82347719.1706622991&gtm=45je41o0v9122627811&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=512095216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 505ms
164ms Fetch
application/json 54.203.25.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-25-147.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.msba.org
date: Tue, 30 Jan 2024 13:56:31 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
172 B 502ms
163ms Fetch
application/json 54.203.25.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-25-147.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.msba.org
date: Tue, 30 Jan 2024 13:56:31 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fs...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fs...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D420913%26time%3D1706622990595%26url%3Dhttps%253A%252F%252Fwww.msba.org%252Fwp%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fs...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252F...

0
266 B

188ms
132ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&cookiesTest=true&liSync=true&e_ipv6=AQIFGv6l3ha5dgAAAY1aqDrg1vf-08Auw8w9srIloE_LeCtGqdhPUIZoMSENSRJAdHPQ2w
Requested by: Host: www.msba.org
URL: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 283DA7CD8D514A4CAB0675C446F380E0 Ref B: BRU30EDGE0614 Ref C: 2024-01-30T13:56:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQKiEohgmDsXpnyE4GoQ==

Redirect headers

date: Tue, 30 Jan 2024 13:56:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DE04CF68907E46288740AD7637F1CD1D Ref B: BRU30EDGE0815 Ref C: 2024-01-30T13:56:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=420913&time=1706622990595&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&cookiesTest=true&liSync=true&e_ipv6=AQIFGv6l3ha5dgAAAY1aqDrg1vf-08Auw8w9srIloE_LeCtGqdhPUIZoMSENSRJAdHPQ2w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQKiEl3UiGyUXThaouew==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/805094301/ 3 KB
2 KB 60ms
59ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/805094301/?random=1706622990606&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

212fdda324fbc14e7b75a948b952df5aebaf411ab38b6faa14d8c09f17238426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1500
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/805094301/ 5 KB
2 KB 192ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805094301/?random=1706622990608&cv=9&fst=1706622990608&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=path%3D%2Fwp%2Fwp-login.php%3Breferrer%3D%3Bsearch%3D%3Fredirect_to%5C%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%5C%3Dphishing%2520scam%26utm_source%5C%3Ddedicated%26utm_medium%5C%3Demail%26campaign%5C%3D2753%3Btitle%3DLog%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress%3Burl%3Dhttps%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%5C%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%5C%3Dphishing%2520scam%26utm_source%5C%3Ddedicated%26utm_medium%5C%3Demail%26campaign%5C%3D2753&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7476020dee21b62806363e9b31b80cb9fa517bbec815b3ad93f7bc8f9900ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1520
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 749307022076761 Show response
connect.facebook.net/signals/config/ 54 KB
11 KB 217ms
216ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/749307022076761?v=2.9.143&r=stable&domain=www.msba.org&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

038373fc76078c07ff93db5383bbaa6fb36fb8c683e722b839b4254370158260

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 13:56:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: KVrseWyjyfmXigkDsIjth4wkzB60QwRqixbyAU9yMM4tFMFzGX9jBCLOdxCHpUPDqkX9+j96dpg67uRVPyjQ7w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pv Show response
data.gosquared.com/ 8 B
77 B 323ms
104ms Script
text/javascript 3.223.242.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1600&sh=1200&dp=1&tp=0&pu=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&pt=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&tz=-60&cp=custom%3Do&rc=1&cb=0&a=GSN-106105-J&id=6c8b454f62d0dab9d69ea967590f302c&tv=6.7.1940
Requested by: Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.242.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-242-83.compute-1.amazonaws.com
Software: /
Resource Hash: c24a65ac901ef285ee99d016d2eaebcdbadf171639d8857dd7ff6a9458ab2b6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
content-length: 8
content-type: text/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Jan 2024 14:06:30 GMT

GET
H3

200

/
www.google.nl/pagead/1p-conversion/805094301/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_a...
https://www.google.com/pagead/1p-conversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=...
https://www.google.nl/pagead/1p-conversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2...

42 B
64 B

66ms
65ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIiKT9iKKFhAMVDuY7Ah3WEwhT&is_vtc=1&ocp_id=DgC5ZYjlJo7M78EP1qegmAU&cid=CAQSGwAvHhf_9aQ2oN8dQw1Eo6MycmzVxVMNa3FWtw&random=3612779590&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-conversion/805094301/?random=870420798&cv=9&fst=1706622990606&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIiKT9iKKFhAMVDuY7Ah3WEwhT&is_vtc=1&ocp_id=DgC5ZYjlJo7M78EP1qegmAU&cid=CAQSGwAvHhf_9aQ2oN8dQw1Eo6MycmzVxVMNa3FWtw&random=3612779590&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 56ms
56ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1568741450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&dp=%2Fwp%2Fwp-login.php&ul=en-us&de=UTF-8&dt=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=phishing%20scam&cs=dedicated&cm=email&_u=aCDAgEAjAAAAACgCIAB~&jid=1954345178&gjid=243901120&cid=82347719.1706622991&tid=UA-11992460-1&_gid=389683193.1706622991&_slc=1&z=1576150646

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60d084864ee736c6b367db84655629afaace7d4b1c7085683eaee546143395a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.msba.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 25ms
24ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11992460-1&cid=82347719.1706622991&jid=1954345178&gjid=243901120&_gid=389683193.1706622991&_u=aCDAgEAjAAAAAGgCIAD~&z=1876974889

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Jan 2024 13:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.msba.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 206ms
96ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11992460-1&cid=82347719.1706622991&jid=1954345178&_u=aCDAgEAjAAAAAGgCIAD~&z=1226943312

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 48ms
47ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11992460-1&cid=82347719.1706622991&jid=1954345178&_u=aCDAgEAjAAAAAGgCIAD~&z=1226943312

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
84 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDBMD315QZ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

325b9d1dac18cc624dd39eb8e130084909cec3113a2ef1a78359238afd52853b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 13:56:30 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/805094301/ 42 B
108 B 110ms
65ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/805094301/?random=1706622990608&cv=9&fst=1706619600000&num=1&guid=ON&eid=466465926%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2Fwp%2Fwp-login.php%3Breferrer%3D%3Bsearch%3D%3Fredirect_to%5C%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%5C%3Dphishing%2520scam%26utm_source%5C%3Ddedicated%26utm_medium%5C%3Demail%26campaign%5C%3D2753%3Btitle%3DLog%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress%3Burl%3Dhttps%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%5C%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%5C%3Dphishing%2520scam%26utm_source%5C%3Ddedicated%26utm_medium%5C%3Demail%26campaign%5C%3D2753&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&async=1&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_2jjpaYzc2inPBD-BEYMw_T3Suwf2cA&random=1913365107&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/805094301/ 42 B
154 B 35ms
35ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/805094301/?random=1706622990608&cv=9&fst=1706619600000&num=1&guid=ON&eid=466465926%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2Fwp%2Fwp-login.php%3Breferrer%3D%3Bsearch%3D%3Fredirect_to%5C%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%5C%3Dphishing%2520scam%26utm_source%5C%3Ddedicated%26utm_medium%5C%3Demail%26campaign%5C%3D2753%3Btitle%3DLog%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress%3Burl%3Dhttps%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%5C%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%5C%3Dphishing%2520scam%26utm_source%5C%3Ddedicated%26utm_medium%5C%3Demail%26campaign%5C%3D2753&frm=0&url=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&tiba=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&async=1&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_2jjpaYzc2inPBD-BEYMw_T3Suwf2cA&random=1913365107&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 13:56:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 96ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=749307022076761&ev=PageView&dl=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&rl=&if=false&ts=1706622990844&sw=1600&sh=1200&v=2.9.143&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1706622990843.1243980858&ler=empty&cdl=API_unavailable&it=1706622990616&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-2ad6591f38b3c97d7b24d960222ed1c2&exp=e0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jan 2024 13:56:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 frame-modern.3c0daf1d.js Show response
js.intercomcdn.com/ Frame 8D68 878 KB
250 KB 170ms
99ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/locf7iyl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

760d6b6b8cadea57b87a92c8546549534722b81fe0c9c0e7c45422f6c65316a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:55:01 GMT
content-encoding: gzip
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
x-amz-version-id: BqFmXOfa1GEBHCbVb17XvphDmRg00c1Q
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 91
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 255236
last-modified: Tue, 30 Jan 2024 13:52:54 GMT
server: AmazonS3
etag: "e06227422a265b2dc632e16d9df6d095"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: f2cM4RTShK5AirF3prR9nKr3P0x_YJVt964QcdiKeHhAFMXtvfdNLA==

GET
H2 200 vendor-modern.c93438f4.js Show response
js.intercomcdn.com/ Frame 8D68 458 KB
141 KB 105ms
34ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.c93438f4.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/locf7iyl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7bc3d8790dd96d6ddd96469f44a181b79daf78402bfdac1a1784e4668cb8d63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: PVmWOd9txiWMG8tImFv0m_r56xr6CC0I
content-encoding: gzip
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 11:59:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 7029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143979
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "23075e5e0dab5434e3872365e9ccbba4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: W_XvEFYczBe4n8ctkrVn_yrdT8Q5MtU69D4_K1YcLlnSVi-V9zZr8w==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 8D68 5 KB
3 KB 649ms
440ms XHR
application/json 52.2.170.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.2.170.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-170-208.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6a5ac4328d104cd5b51f663ef7308e6af1e5dc74fc017c379d92206cfa9e5c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jan 2024 13:56:31 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-02153bee0fab8bfbb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0003m2gvn2pljo1ak4tg
x-runtime: 0.320801
server: nginx
etag: W/"6a5ac4328d104cd5b51f663ef7308e6a"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msba.org
x-intercom-version: c03770dec8a6183eb831f9bd09b65d25978eba6e
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 121ms
120ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: assets.laruta.io
URL: https://assets.laruta.io/app/themes/laruta-themosis-parent/dist/scripts/parent_sentry.js?ver=1.62.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.msba.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jan 2024 13:56:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 766889F520D54CABB62B03E91ACDE868 Ref B: BRU30EDGE0815 Ref C: 2024-01-30T13:56:31Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.msba.org
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQKiEqueMOQhf48zs+7w==

GET
H2 200 zxcvbn.min.js Show response
www.msba.org/wp/wp-includes/js/ 803 KB
804 KB 109ms
109ms Script
application/javascript 34.74.135.52
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msba.org/wp/wp-includes/js/zxcvbn.min.js

Requested by

Host: assets.laruta.io
URL: https://assets.laruta.io/wp/wp-includes/js/zxcvbn-async.min.js?ver=1.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.74.135.52 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

52.135.74.34.bc.googleusercontent.com

Software

Resource Hash

daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains; preload
last-modified: Tue, 25 Jan 2022 20:28:49 GMT
accept-ranges: bytes
etag: "61f05d81-c8bdd"
content-length: 822237
content-type: application/javascript

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
49ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1568741450&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&dp=%2Fwp%2Fwp-login.php&ul=en-us&de=UTF-8&dt=Log%20In%20%E2%80%B9%20Maryland%20State%20Bar%20Association%20%E2%80%93%20MSBA%20%E2%80%94%20WordPress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=phishing%20scam&cs=dedicated&cm=email&ec=All&ea=Viewed%20Login%20Page&ev=0&_u=aCDAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=82347719.1706622991&tid=UA-11992460-1&_gid=389683193.1706622991&z=1325076423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 10:46:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11426
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 match Show response
api-iam.intercom.io/messenger/web/rulesets/38403705/ Frame 8D68 4 KB
2 KB 858ms
857ms XHR
application/json 52.2.170.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/rulesets/38403705/match

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.2.170.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-170-208.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4ca1a4842e2becdbf79f6de61affe667a76775917ef942433a495874e2531b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jan 2024 13:56:32 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-02153bee0fab8bfbb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0001go42rqnh1ovoag20
x-runtime: 0.728267
server: nginx
etag: W/"4ca1a4842e2becdbf79f6de61affe667"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msba.org
x-intercom-version: c03770dec8a6183eb831f9bd09b65d25978eba6e
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 8D68 4 B
699 B 270ms
270ms XHR
application/json 52.2.170.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.2.170.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-170-208.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jan 2024 13:56:32 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-02153bee0fab8bfbb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000k3hqg6rhhhkf3rb3g
x-runtime: 0.135863
server: nginx
etag: W/"e10808d43975dc400731053386849f86"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msba.org
x-intercom-version: c03770dec8a6183eb831f9bd09b65d25978eba6e
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 25ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=749307022076761&ev=Viewed%20Login%20Page&dl=https%3A%2F%2Fwww.msba.org%2Fwp%2Fwp-login.php%3Fredirect_to%3Dhttps%253A%252F%252Fwww.msba.org%252Fmy-account%252Fsettings%252F%252Femail-subscriptions%252F%26utm_campaign%3Dphishing%2520scam%26utm_source%3Ddedicated%26utm_medium%3Demail%26campaign%3D2753&rl=&if=false&ts=1706622992149&cd[nonInteraction]=true&sw=1600&sh=1200&v=2.9.143&r=stable&a=seg&ec=1&o=4126&fbp=fb.1.1706622990843.1243980858&ler=empty&cdl=API_unavailable&it=1706622990616&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-58df51878ee5720966cb60271f5031bf&tm=2&exp=e0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jan 2024 13:56:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 101790400438412 Show response
api-iam.intercom.io/messenger/web/conversations/ Frame 8D68 4 KB
2 KB 402ms
402ms XHR
application/json 52.2.170.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/conversations/101790400438412

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.2.170.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-170-208.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c4346592d4656cea20823a656c0b1da61c99f38ab73003992dcaa0c3582aab8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jan 2024 13:56:33 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-02153bee0fab8bfbb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000lu2h8o3t37c81hi7g
x-runtime: 0.280164
server: nginx
etag: W/"c4346592d4656cea20823a656c0b1da6"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msba.org
x-intercom-version: c03770dec8a6183eb831f9bd09b65d25978eba6e
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 vendors~app~tooltips-modern.e8f447f4.js Show response
js.intercomcdn.com/ Frame 8D68 690 KB
160 KB 31ms
30ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app~tooltips-modern.e8f447f4.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b2024a86c3ee85e9bb09a223bcb9106a25d0d89aa2cca0038bfcbc3b0dc3969a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: NvCKEjA.O_navtJ0XMgCAbp4oRIHIE2p
content-encoding: gzip
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:32:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 1471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 163203
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "6508345aabbdc6df781a529ed36f7bee"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 6z9zRDdfFHeMhmyYVm2GbfSUN-AYOpOu01K5zNC_jLGwfutGUCBQGQ==

GET
H2 200 vendors~app-modern.63b80d09.js Show response
js.intercomcdn.com/ Frame 8D68 50 KB
16 KB 39ms
39ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app-modern.63b80d09.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2190b0cb83fb5ac63a60e923a014a6aacbc644623a3a85de31570bf0888ccbef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: RovGVlpVeS2L4Q3p22Mj7k07ayPvQPan
content-encoding: gzip
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:41:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15569
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "0045811175e9fa9161caf35ebbae8e6c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: fyDH4257eQAyig2xGEoGhH2Bg_hs2kZFf6dQPENnIyE_nuQtIadxdA==

GET
H2 200 app~tooltips-modern.23c2afb8.js Show response
js.intercomcdn.com/ Frame 8D68 203 KB
52 KB 40ms
40ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app~tooltips-modern.23c2afb8.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d469dc29eb4b38267cb93f501085752208410856ff7a15162c34c8f577593e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: gYm0XCyzfpxYh.OG61TOj.v9EysnN_X_
content-encoding: gzip
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 2497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52450
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "2822355f39334bc6e27dbacd485fd3d6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: bMmPqgvgTynerrD8fxXgtL3RwXeWKIozXQl-GPeSHcQS8WBGBVvaKQ==

GET
H2 200 app-modern.2db34aa7.js Show response
js.intercomcdn.com/ Frame 8D68 472 KB
129 KB 43ms
42ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app-modern.2db34aa7.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0a61cc27addae869ce3443c2f84f1b7d0344af68efc9f8cb8dd007fa12de8761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 12:04:48 GMT
content-encoding: gzip
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
x-amz-version-id: 9PW1kj0BCQWA_aBYkC8jr1cEhXPDqGt7
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 6705
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 131803
last-modified: Tue, 30 Jan 2024 12:02:19 GMT
server: AmazonS3
etag: "9062125b7486da4974b470a9946dad87"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: KCQmL5cMZdb8d07HzLRlobpfBys5tcK1BBszMX1encu3CmBhInAEvg==

GET
H2 206 notification.20576730.mp3
js.intercomcdn.com/audio/ Frame 8D68 22 KB
23 KB 46ms
46ms Media
audio/mpeg 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/audio/notification.20576730.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: KAswWI8VKsBQAAdQsZbbw0F7z3KGsPjF
date: Tue, 30 Jan 2024 12:16:17 GMT
via: 1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 6016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-22812/22813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
Content-Length: 22813
last-modified: Fri, 26 Jan 2024 17:34:34 GMT
server: AmazonS3
etag: "205767301bc13a45332af776d517aada"
vary: Accept-Encoding
content-type: audio/mpeg
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: CEVISL034QGrCec1rdnO39YMoWwRR8tlnLX7xb7rxIZGUvGsU3J0Pw==

GET
H2 200 ping Show response
data.gosquared.com/ 6 B
74 B 105ms
105ms Script
text/javascript 3.223.242.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gosquared.com/ping?gs_evt_name=Viewed%20Login%20Page&d=nonInteraction%3Dbtrue&i=0&e=event&et=2356&cb=1&a=GSN-106105-J&id=6c8b454f62d0dab9d69ea967590f302c&tv=6.7.1940
Requested by: Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.242.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-242-83.compute-1.amazonaws.com
Software: /
Resource Hash: eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.msba.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:33 GMT
content-length: 6
content-type: text/javascript

GET
H3 200 vendors~message-modern.1d50ca84.js Show response
js.intercomcdn.com/ Frame 8D68 31 KB
9 KB 127ms
127ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~message-modern.1d50ca84.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

633457da47d6bcfe9a2739d9a2c378a2ca79b0f0211931cf4357830ca297632f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: eZBleS4g5peVPqfZUFmWutZJ1i5SckCE
content-encoding: gzip
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 12:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 6201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8978
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "3ac2ca222224454b52c222cee301e83c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Qjb4y1cEhJkH7Y2zhZGzi0YAqcVpGWhDDnGNAWsCnBm1kzQSP5Ccbw==

GET
H3 200 message-modern.45812ad7.js Show response
js.intercomcdn.com/ Frame 8D68 91 KB
25 KB 127ms
127ms Script
application/javascript 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/message-modern.45812ad7.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0daf1d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6a1afa43f5670971b89f5bfb3faf57b6d8db096b8096c32272dda41fccc01e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9P508jbYbl.OVQPPghbxg5nbzEdZm6gQ
content-encoding: gzip
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 13:15:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 2491
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 24695
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "a47012d27a264d0fb94f122d6d968156"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Ziic8KnGgZtX5rjg8MuZK2V7aTxunj1vFEmxBuDHWc8aj3rbB-DtyQ==

GET
DATA 200
OK truncated
/ Frame A3E9 263 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c62424e1240037e1acb6e83db86800c98cd0616990c45a1e233e77c5ec0970f

Request headers

Referer
Origin: https://www.msba.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 close.[md5:hash:hex:8]..png
js.intercomcdn.com/images/ Frame 6A0A 183 B
637 B 30ms
30ms Image
image/png 99.84.88.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.intercomcdn.com/images/close.[md5:hash:hex:8]..png

Protocol

Security

QUIC, , AES_128_GCM

Server

99.84.88.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-70.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

260674591e5f343c0527044a9561b8741691802650897e46a8a96df3f636760b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: .7KzlE0MlUZS2egUCB_zluoj2zMCboW4
date: Tue, 30 Jan 2024 12:44:15 GMT
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 4354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 183
last-modified: Fri, 26 Jan 2024 17:34:34 GMT
server: AmazonS3
etag: "c92dae59e5ba34948b36926e3e759f7b"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 0hzUkaZoUmEIwjkIazXM1zHKQKeq5p5KBAji9LDs7peP6IhaDLmYbQ==

GET
DATA 200
OK truncated
/ Frame 6A0A 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27cb9e06b79d04b6bf0c58926385454f298839f351652de5147a0c131a0e68d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Screen+Shot+2024-01-29+at+3.01.43+PM.png
downloads.intercomcdn.com/i/o/947256763/96577a8995147172c0962c7b/ Frame 6A0A 584 KB
508 KB 442ms
239ms Image
image/png 3.33.152.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/947256763/96577a8995147172c0962c7b/Screen+Shot+2024-01-29+at+3.01.43+PM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.152.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

241eee08c4e2e49ea3c9e93e2e1b44f397e55fe56585bdde2679f62f81793ef8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:56:33 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-02153bee0fab8bfbb
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status: 200 OK
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Screen Shot 2024-01-29 at 3.01.43 PM.png"; filename*=UTF-8''Screen%20Shot%202024-01-29%20at%203.01.43%20PM.png
x-xss-protection: 1; mode=block
x-request-id: 000ln149cq3cqhcjksd0
x-runtime: 0.104249
last-modified: Mon, 29 Jan 2024 20:06:19 GMT
server: nginx
x-request-queueing: 0
vary: Accept-Encoding
x-frame-options: deny
content-type: image/png
x-intercom-version: c03770dec8a6183eb831f9bd09b65d25978eba6e
cache-control: max-age=86400, private

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: auth.msba.org
URL: https://auth.msba.org/usernamepassword/challenge

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.msba.org/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check
www.msba.org/	1969-12-31 23:59:59	Name: auth0_state Value: eyJpbnRlcmltIjpmYWxzZSwibm9uY2UiOiJkMWE1ZDc5NDA4Yjg2MjU2ZWJiNDViYjg4NWY2NThmMjBkN2Y1ZjNiYmIwZTcyYTMxMDE5MjA0NzQ0MzUxNjU5IiwicmVkaXJlY3RfdG8iOiJodHRwczpcL1wvd3d3Lm1zYmEub3JnXC9teS1hY2NvdW50XC9zZXR0aW5nc1wvXC9lbWFpbC1zdWJzY3JpcHRpb25zXC8ifQ==
.msba.org/	1970-01-21 02:49:18	Name: ajs_anonymous_id Value: ab05e4eb-1412-4b47-9d66-6177db4109cf
.msba.org/	1970-01-21 03:39:42	Name: _ga_ZDBMD315QZ Value: GS1.1.1706622990.1.0.1706622990.60.0.0
.msba.org/	1970-01-21 03:39:42	Name: gs_v_GSN-106105-J Value:
.msba.org/	1970-01-21 03:39:42	Name: gs_u_GSN-106105-J Value: 6c8b454f62d0dab9d69ea967590f302c:2567:5000:1706622990625
.msba.org/	1970-01-21 03:39:42	Name: _ga Value: GA1.2.82347719.1706622991
.msba.org/	1970-01-20 18:05:09	Name: _gid Value: GA1.2.389683193.1706622991
.msba.org/	1970-01-20 18:03:43	Name: _gat Value: 1
.linkedin.com/	1970-01-20 20:13:18	Name: li_sugr Value: 850dd274-eb88-41fa-a538-473e6184a6b3
.linkedin.com/	1970-01-21 02:49:18	Name: bcookie Value: "v=2&412932c4-453d-4f17-8e1e-4fb4a0f00c24"
.linkedin.com/	1970-01-20 18:05:09	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2797:u=1:x=1:i=1706622990:t=1706709390:v=2:sig=AQFhOsYrPedtRPY6if5eI7vYcpzO4Vxy"
.doubleclick.net/	1970-01-20 18:03:43	Name: test_cookie Value: CheckForPermission
.msba.org/	1970-01-20 20:13:18	Name: _fbp Value: fb.1.1706622990843.1243980858
.linkedin.com/	1970-01-20 18:46:54	Name: UserMatchHistory Value: AQIoFuTndEt5aQAAAY1aqDncPZ-fsiErM9D5B6XzH1Ng4UorGxOTVaXTQpzkYgzUrvQkG7s9sbz80g
.linkedin.com/	1970-01-20 18:46:54	Name: AnalyticsSyncHistory Value: AQJZEClzQRV55AAAAY1aqDncOPMXcOUnmJoX8vK-eEhFIMJqpa0jAKFLcI7Oe84HOQate_JmhuKru-RzOGS_FA
.www.linkedin.com/	1970-01-21 02:49:18	Name: bscookie Value: "v=1&2024013013563009465bad-24a5-4872-84a4-828c37b82939AQE1KD_oMMuwqGTz1206Z-HPgIlmZmya"
.linkedin.com/	1970-01-20 22:22:54	Name: li_gc Value: MTswOzE3MDY2MjI5OTA7MjswMjEGdCwxCs9lSZDpmyk1sCzbBt/zUfU9kzKzOqaIQWZWAw==
.msba.org/	1970-01-21 00:32:32	Name: intercom-id-locf7iyl Value: 62b80b7f-37d6-4f4f-ba74-f0535fd63a0b
.msba.org/	1970-01-20 18:13:47	Name: intercom-session-locf7iyl Value:
.msba.org/	1970-01-21 00:32:32	Name: intercom-device-id-locf7iyl Value: 21149217-c433-4beb-a376-9c199d06e9fd

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.msba.org/wp/wp-login.php?redirect_to=https%3A%2F%2Fwww.msba.org%2Fmy-account%2Fsettings%2F%2Femail-subscriptions%2F&utm_campaign=phishing%20scam&utm_source=dedicated&utm_medium=email&campaign=2753 Message: Access to XMLHttpRequest at 'https://auth.msba.org/usernamepassword/challenge' from origin 'https://www.msba.org' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://auth.msba.org/usernamepassword/challenge Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://connect.facebook.net/signals/config/749307022076761?v=2.9.143&r=stable&domain=www.msba.org&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.segment.io
assets.laruta.io
auth.msba.org
cdn.auth0.com
cdn.icomoon.io
cdn.laruta.io
cdn.polyfill.io
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
d1azc1qln24ryf.cloudfront.net
d1l6p2sc9645hc.cloudfront.net
data.gosquared.com
downloads.intercomcdn.com
googleads.g.doubleclick.net
js.intercomcdn.com
links.msba.org
o35839.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.msba.org
auth.msba.org
108.138.32.174
13.107.42.14
142.250.186.34
2001:4860:4802:32::36
2400:52e0:1e00::1053:1
2600:9000:225b:5400:16:fecd:21c0:21
2600:9000:225b:8600:5:2ea6:6180:93a1
2600:9000:225b:f000:f:fd8f:b000:93a1
2600:9000:26da:a00:10:308a:6cc0:93a1
2600:9000:26db:2e00:10:474e:104a:2961
2606:4700::6810:d9f1
2606:4700::6811:180e
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9c
2a02:26f0:3500:16::215:1484
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::282
2a06:98c1:3120::3
3.223.242.83
3.33.152.127
34.120.195.249
34.74.135.52
52.2.170.208
54.203.25.147
99.84.88.30
99.84.88.70
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
038373fc76078c07ff93db5383bbaa6fb36fb8c683e722b839b4254370158260
04d18bef2807591fc537180f58ede59bc3788ba3817847f2cdf5ec41d8a611d0
05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20
062d8167bc405094e000b7d3af11deba7a4ecff663aff087d7b19ef51c05ff6c
077ce04da69f4a1cfc6a1ccb8025cd628c1b2854e54c70739141529bcb1eadf0
0a61cc27addae869ce3443c2f84f1b7d0344af68efc9f8cb8dd007fa12de8761
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0
105b732a5904cf4ab674b3cb77f34db7f364663da88c652330bdc32ad7a3da6c
109cdd7ef931af5342f8282754524658d3817fbb3f4476f46548fb66a9fb2e3e
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
212fdda324fbc14e7b75a948b952df5aebaf411ab38b6faa14d8c09f17238426
2190b0cb83fb5ac63a60e923a014a6aacbc644623a3a85de31570bf0888ccbef
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
241eee08c4e2e49ea3c9e93e2e1b44f397e55fe56585bdde2679f62f81793ef8
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
260674591e5f343c0527044a9561b8741691802650897e46a8a96df3f636760b
27582db28c29b09a842c2804dcf69698d67d3011f383b2826f8e59e165f646a6
27cb9e06b79d04b6bf0c58926385454f298839f351652de5147a0c131a0e68d1
2c62424e1240037e1acb6e83db86800c98cd0616990c45a1e233e77c5ec0970f
2f9b39d4685187f53d059fa79097782292ba1954f9e29d518adee023e86d90c1
325a5beda6e0e0688e1db8404e2973b24ea0c825156fbdeb3f4954a44b6fcc04
325b9d1dac18cc624dd39eb8e130084909cec3113a2ef1a78359238afd52853b
38a7a5628e536d54062615d2b9b779b885facd3c488ec4b25a6ec6ec5347d0af
3c4766e71dd198e8aaee3433ace80c6b6e865d18a24f4267674b804e3feba0eb
3cdfc45291898f113cf74b9db84cd914b2069a1bf948e51665789a627186f342
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c838785e2daeb84b6da832ab8e5f7ce92eb6edc7644b0d9f8ab15499fb8f55d
4ca1a4842e2becdbf79f6de61affe667a76775917ef942433a495874e2531b72
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
503c07e33e6f2b463b1e2119502b8e65aef71e3ba82d554142688bc32034becb
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
57c4309a070f8b93f72fe8042008d667c6b73da830278885f7e9fbaeca94d305
5ad1b65b6c73b54a44aa1be008959293c83d6eb5ee99ed2535d6ee256d573de1
5c4acf0f28094a43f0dbf10c4850284aec88efb8ed50bf3fb4e86c13c18f59c6
60d084864ee736c6b367db84655629afaace7d4b1c7085683eaee546143395a7
633457da47d6bcfe9a2739d9a2c378a2ca79b0f0211931cf4357830ca297632f
6a1afa43f5670971b89f5bfb3faf57b6d8db096b8096c32272dda41fccc01e2f
6a5ac4328d104cd5b51f663ef7308e6af1e5dc74fc017c379d92206cfa9e5c17
7053006f6e991d8d96a6cbea5d1cad9247e36451be9ce65c96c08efe933f5ff6
7181be2d5cd8fd0f9887b0219504ac91e908673b779ddfe7e2f53ad1b61f2b8f
739c82a6d76dd19acf29c82dae7b53b1cf63372f3da597e027c1b8f14627391a
760d6b6b8cadea57b87a92c8546549534722b81fe0c9c0e7c45422f6c65316a0
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f
79611170ccd9b97353939e11106f87c710196f17d538d2ce16f9d81620b440a8
79c86f5a6172612cd171b279a7b49390a07716c848b0373bd7159c0a27699588
7bc3d8790dd96d6ddd96469f44a181b79daf78402bfdac1a1784e4668cb8d63d
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86669f0412fff3ba05a09c21f077c7a9ec4d9054633216b6ce04eb3c6c57538b
8bf8a7be8846cab44743b02cabad3cfce170be838855807df0c7a2124c86b09f
91f91e321dd29448fda55250a73c5edb5dd48258fde6603754bd0adba66dab19
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948c6f0421cdbde0a3d53d76c71d56990c0b3659524dd10be54249ce32ca8d1c
a0298b33183ea24af7a7c306805173f3edf5c0f7b2a2b57c682274c2f46bb4da
a263951ba358b2b766fe5e06c24a5869f2a67aeee53a4ba7d3b1f9d478fc3c34
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a56bde4ff2dfc7ae7f081828a728514e80606e1d555f58babb469050a5756630
b0e9b99d170703cb961022b52ebb7fcaf216448efc08f4d8b6dd7902bb562c2b
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b2024a86c3ee85e9bb09a223bcb9106a25d0d89aa2cca0038bfcbc3b0dc3969a
b21c926f337ef151753a5f530a3e755e8e502ce16cce2569aa5661b149ce28bc
b226301bd09027047ba1670e361d5bd51eaea02f10ce12b586c13292493a30d8
b46a2ccfe04e97db404b0acad7b27064470161122ec4608a2d576042d6ffc98a
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c24a65ac901ef285ee99d016d2eaebcdbadf171639d8857dd7ff6a9458ab2b6c
c4346592d4656cea20823a656c0b1da61c99f38ab73003992dcaa0c3582aab8b
c4ff322edc2f8446033b2049b618e62d7aa62f0d199c890ee3c92fffacf18246
c95d2c699112c4706a7d27cd9dc1f4e38cb71876ecc4b6496d0426bb1ad7bfdd
cbcc12bee438733478bc68281e69f0e6031444c835279466ce3d75dc69b95c62
d1a2a584448e94ad6f4ed4c254c8f11abc8442f4f12059f0807d73e874872418
d469dc29eb4b38267cb93f501085752208410856ff7a15162c34c8f577593e5b
d7476020dee21b62806363e9b31b80cb9fa517bbec815b3ad93f7bc8f9900ac1
daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c
eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3
f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01
f4c913545fa96161776a0675fbcd153b40d94a1b071ca939cdcc1b5a32a359d8
f7ad9eb76ed78a7865d76eda2b99c094b982f3266b779f08089cccf68ee45773
fbc76c5f10f511a2a04a54ba1d8d50babed92bfa5ee1f46b2ea2ea0bac9bd862
fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

www.msba.org Open in urlscan Pro 34.74.135.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

95 %HTTPS

66 %IPv6

23 Domains

33 Subdomains

31 IPs

3 Countries

3056 kBTransfer

7442 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.msba.org Open in urlscan Pro
34.74.135.52 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

95 %
HTTPS

66 %
IPv6

23
Domains

33
Subdomains

31
IPs

3
Countries

3056 kB
Transfer

7442 kB
Size

21
Cookies

106 HTTP transactions
5 data transactions