invisionmag.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Submission: On May 20 via manual (May 20th 2022, 1:22:32 am UTC) from PH — Scanned from DE

Summary HTTP 56 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 56 HTTP transactions. The main IP is 2a06:98c1:3121::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is invisionmag.com.
TLS certificate: Issued by E1 on May 13th 2022. Valid for: 3 months.

This is the only time invisionmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	204.180.130.190 204.180.130.190	53866 (QTS-AS) (QTS-AS)
5	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
3	205.162.42.5 205.162.42.5	53866 (QTS-AS) (QTS-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
56	14

17 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

invisionmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.180.130.190 (United States)

ASN53866 (QTS-AS, US)

smartworkmedia.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.162.42.5 (United States)

ASN53866 (QTS-AS, US)
PTR: cdn.omeda.com

cdn.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hostedcontent.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.180.130.159 (United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	invisionmag.com invisionmag.com	216 KB
13	gstatic.com fonts.gstatic.com	264 KB
10	dragonforms.com smartworkmedia.dragonforms.com hostedcontent.dragonforms.com — Cisco Umbrella Rank: 70936	82 KB
7	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 3149 f.vimeocdn.com — Cisco Umbrella Rank: 3279 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3120	241 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1827 vimeo.com — Cisco Umbrella Rank: 1661	11 KB
2	omeda.com cdn.omeda.com — Cisco Umbrella Rank: 40626 olytics.omeda.com — Cisco Umbrella Rank: 24335	82 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	29 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
56	10

	Domain	Requested by
17	invisionmag.com	invisionmag.com
13	fonts.gstatic.com	fonts.googleapis.com
8	smartworkmedia.dragonforms.com	invisionmag.com smartworkmedia.dragonforms.com code.jquery.com
3	f.vimeocdn.com	player.vimeo.com
2	hostedcontent.dragonforms.com	smartworkmedia.dragonforms.com
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	i.vimeocdn.com	player.vimeo.com
2	player.vimeo.com	invisionmag.com
1	www.googletagservices.com	olytics.omeda.com
1	pagead2.googlesyndication.com	olytics.omeda.com
1	olytics.omeda.com	smartworkmedia.dragonforms.com
1	code.jquery.com	smartworkmedia.dragonforms.com
1	cdn.omeda.com	smartworkmedia.dragonforms.com
1	vimeo.com	f.vimeocdn.com
1	fonts.googleapis.com	invisionmag.com
56	15

This site contains links to these domains. Also see Links.

Domain
education.invisionmag.com
smartworkmedia.dragonforms.com
smartworkmedia.com
www.facebook.com
twitter.com
www.instagram.com
www.evergreenhealth.com
healthitsecurity.com

Subject Issuer	Validity	Valid
*.invisionmag.com E1	`2022-05-13` - `2022-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-01` - `2023-03-31`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-03-18` - `2023-03-17`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Frame ID: 8EB922943C78F1F47438B3FDEBC84E94
Requests: 36 HTTP requests in this frame

Frame: https://player.vimeo.com/video/705599020?h=5f8ab223f4
Frame ID: 3B1DEFCF9B225265E499344C9476C17A
Requests: 10 HTTP requests in this frame

Frame: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
Frame ID: A58B32900C56C7382141A45D5D62A278
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Data Breach Hits Eye Clinic in Seattle Area | INVISIONMAG.COM

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

15
Subdomains

14
IPs

4
Countries

929 kB
Transfer

2632 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://education.invisionmag.com/
Title: INVISION Academy

Search URL Search Domain Scan URL

URL: https://smartworkmedia.dragonforms.com/IV_nl
Title: Subscribe to Bulletins

Search URL Search Domain Scan URL

URL: https://smartworkmedia.com/landing-page-invision/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://smartworkmedia.com//wp-content/uploads/key-content/invision-2022-media-guide-FINAL.pdf
Title: Download Our Media Kit

Search URL Search Domain Scan URL

URL: https://smartworkmedia.com/raves/invision-raves/
Title: INVISION Reader Raves

Search URL Search Domain Scan URL

URL: https://smartworkmedia.com/the-team/
Title: Contact INVISION

Search URL Search Domain Scan URL

URL: https://www.facebook.com/invisionmag/

Search URL Search Domain Scan URL

URL: https://twitter.com/invisionmag

Search URL Search Domain Scan URL

URL: https://www.instagram.com/invision.mag/

Search URL Search Domain Scan URL

URL: https://www.evergreenhealth.com/about-us/notice-of-eye-care-leaders-data-security-incident/
Title: notice on its website

Search URL Search Domain Scan URL

URL: https://healthitsecurity.com/news/illinois-gastroenterology-group-data-breach-impacts-228k
Title: reported

Search URL Search Domain Scan URL

URL: https://smartworkmedia.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/ 204 KB
30 KB 527ms
494ms Document
text/html 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29441e2ed7e703d12623ef364fc2519e07da518fdba4cc6986126e1f5c4759aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 70e142e5ed7e5cb0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 01:22:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 20 May 2022 01:22:25 GMT
last-modified: Thu, 19 May 2022 16:10:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmHsSALayW4kD77NjBxJdlZoTXDftSkPOcmIUUi8gVtcFCf5kglqblzcrqLKULbutVFPmVWh8fRAqtUV%2BUfVuU9t6A1rzUWtIs88YKfexRkuF%2B%2BcM0PMtNS3QaD8ONlqLDZeoLhf%2F7FIxQK0NWo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 53 KB
3 KB 55ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent%20Pro%3A700%7COpen%20Sans%3A700%7CAnton%3A400Encode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Semi%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBitter%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26amp%3Bsubset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&display=swap

Requested by

Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1d9687609572008b1c058d5cff51d96dab45ff0ad7eeefc8541660b036d1391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 01:22:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 01:22:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 01:22:27 GMT

GET
H2 200 c469a5b29145b17a977af39759f4f896.css
invisionmag.com/wp-content/cache/min/1/ 448 KB
66 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://invisionmag.com/wp-content/cache/min/1/c469a5b29145b17a977af39759f4f896.css
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 003cf2c7fabbd37f108e4f2c30ed0b4e86ae4e7fcdeac64bb8ed4d491adbb583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1310657
cf-polished: origSize=459220
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 20:50:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwJNaakwqD0Pue5K01K5ty2pIbwpcsC0mOWOKNFUNRNgRPLvu%2FG00U0R2TWONPvS0edBNfMqdjighjOVlTeRJippy3LBa7csi9NwF9KP1aeu%2FWuk%2FkVbEklpNOVoKnXW%2FpQRkqE3UgDY%2BUZk%2BR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 70e142e928b55cb0-FRA
expires: Thu, 04 May 2023 21:18:08 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d5538b6bf43abc973e459c38e06b238168a8fc2fc5a5d6ffa64a75bae46bc34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1Q91tFAZ9U.woff2
fonts.gstatic.com/s/encodesanssemicondensed/v10/ 21 KB
21 KB 53ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanssemicondensed/v10/3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1Q91tFAZ9U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent%20Pro%3A700%7COpen%20Sans%3A700%7CAnton%3A400Encode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Semi%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBitter%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CEncode%20Sans%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26amp%3Bsubset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6d3b14e59a8c0b41c3e58a77040d0ae174bb716093b7f4a1f211a34ef8d8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21600
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:38:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 May 2023 01:22:27 GMT

GET
H2 200 3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1Qt0dFAZ9U.woff2
fonts.gstatic.com/s/encodesanssemicondensed/v10/ 21 KB
21 KB 47ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanssemicondensed/v10/3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1Qt0dFAZ9U.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7362df145ffb1c4d7d9c6ba5de7d6b53d330b433564258440b72fe1a25f731c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:58:59 GMT
x-content-type-options: nosniff
age: 5008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21808
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:59:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 23:58:59 GMT

GET
H2 200 j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-dYyZAC4I.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 37ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-dYyZAC4I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2123f408e24aef68f451ccbe5370ec3c92354c75d3e58188d31e6b9618edafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:56:03 GMT
x-content-type-options: nosniff
age: 5184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21596
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:47:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 23:56:03 GMT

GET
H2 200 3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1Rl19FAZ9U.woff2
fonts.gstatic.com/s/encodesanssemicondensed/v10/ 21 KB
21 KB 49ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanssemicondensed/v10/3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1Rl19FAZ9U.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e4275835ffb333a0e4f522fec029b223208757a92f0ddf82508b1ab937aa102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 03:24:50 GMT
x-content-type-options: nosniff
age: 597457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21804
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:59:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 03:24:50 GMT

GET
H3 200 fontawesome-webfont.woff2
invisionmag.com/wp-content/themes/zox-news-child/font-awesome/fonts/ 70 KB
71 KB 19ms
18ms Font
font/woff2 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://invisionmag.com/wp-content/themes/zox-news-child/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/wp-content/cache/min/1/c469a5b29145b17a977af39759f4f896.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://invisionmag.com/wp-content/cache/min/1/c469a5b29145b17a977af39759f4f896.css
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1308275
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Mon, 06 Aug 2018 20:08:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrKulnt3weqS6ZZ9F2kuIl6VkodrfleAw5U0XolkHv4zG%2FiYKiGxheP0NyTVA2BmVc0G3ZhKnsjE2QTtj0z%2BvIQ1cGLkiX9MvOoTweDhLk1puaeMnKaWUb%2BPo9Hps%2BxjH9Nn4o7av8m4cFixoxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142e9bca68ff2-FRA
expires: Thu, 01 Sep 2022 21:57:50 GMT

GET
H2 200 3qT4oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1yW9MQ.woff2
fonts.gstatic.com/s/encodesanssemicondensed/v10/ 21 KB
22 KB 51ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanssemicondensed/v10/3qT4oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1yW9MQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1a36023a08c74591bd777c344a8d5e21b9200275cd8a131592df75cf867ff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:58:59 GMT
x-content-type-options: nosniff
age: 5008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22000
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:37:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 23:58:59 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:12:36 GMT
x-content-type-options: nosniff
age: 292191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16360
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 16:12:36 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v26/ 30 KB
30 KB 22ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v26/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:20:26 GMT
x-content-type-options: nosniff
age: 183721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30792
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 20:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:20:26 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e858d72f8da26509ac78dc79362db7db0b5a4a5cc9f3154012222b4ea929ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
invisionmag.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://invisionmag.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 19:29:40 GMT
server: cloudflare
etag: W/"6283f7a4-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N66rBg15nKiJoN8R8QK2uBTYGwdrILxc5N8bbimq%2BfP%2FSJ5DSx1x49kJslUbcB83zpwGmh3O72%2B8pXzBdNzhjxZ2pjHEX4k8VofUzjyfDlCXzIN0AZQkG9nx1VVqNMB3kzV0vhFSornxL60fzZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70e142e9ecbe8ff2-FRA
vary: Accept-Encoding
expires: Sun, 22 May 2022 01:22:27 GMT

GET
H3 200 lazyload.min.js Show response
invisionmag.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 16ms
15ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://invisionmag.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1309724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Apr 2022 06:13:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIUoIBZCAlUCXubgHGKUOFvvhbgsOpLcjlAkwNMEaxHxjxtnppci0KWC7e7ErU9B%2F%2BfaFywcwH07CgufTa20yApO1s84SdYOVI0Qvlf4sfjGG6QJBrAaxsuqqmn%2Fl%2B7Y1FsDQqdxOXUK7OnuEPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 70e142e9ecc18ff2-FRA
expires: Thu, 04 May 2023 21:33:41 GMT

GET
H3 200 j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-PYqZAC4I.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 26ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_46_LD37rqfuwxyIuaZhE6cRXOLtm2gfT-PYqZAC4I.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52f1f1c0e3e9e237c7604afefa8d784064f688c76293e3f1102dab32a830925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:56:03 GMT
x-content-type-options: nosniff
age: 5184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21624
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:59:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 23:56:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 310480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:07:47 GMT

GET
H3 200 3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1RJ0NFAZ9U.woff2
fonts.gstatic.com/s/encodesanssemicondensed/v10/ 22 KB
22 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanssemicondensed/v10/3qT7oiKqnDuUtQUEHMoXcmspmy55SFWrXFRp9FTOG1RJ0NFAZ9U.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23a13f579a421695af30c628a6021c8ae5c1a41aa612b5420061577140635ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:58:59 GMT
x-content-type-options: nosniff
age: 5008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22032
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:49:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 23:58:59 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:06:05 GMT
x-content-type-options: nosniff
age: 281782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 19:06:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 304763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:43:04 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 705599020 Show response
player.vimeo.com/video/ Frame 3B1D 16 KB
9 KB 176ms
151ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/705599020?h=5f8ab223f4

Requested by

Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba9da5bbade4ae4151df3df74a6053c9e98bfc0750a702f0eef67ad3129f8c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://invisionmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 70e142ea7a7b90ac-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 May 2022 01:22:27 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-fra19140-FRA
X-Timer: S1653009748.624219,VS0,VE113
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
expires: Fri, 20 May 2022 01:25:30 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy5
x-bapp-server: player-v085-w86vl
x-content-type-options: nosniff
x-host: player-v085-w86vl
x-varnish-cache: 1
x-vserver: playproxy-prod-varnish-4
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e29046c63169796f2fa316ef20a80b088b7264ea6392cc4b2383af80d2760f20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://invisionmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:51:24 GMT
x-content-type-options: nosniff
age: 5463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21560
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 23:51:24 GMT

GET
H/1.1 200 init.do Show response
smartworkmedia.dragonforms.com/ Frame A58B 272 B
616 B 625ms
120ms Document
text/html 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/init.do?omedasite=INV_nlshort

Requested by

Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

854077e257a6b1b0a462dd0eaee23d0dc6e70e4af61d0999997b281e9312a8f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://invisionmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 20 May 2022 01:22:28 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H3 200 invision-logo-1x.png
invisionmag.com/wp-content/uploads/2020/05/ 8 KB
9 KB 13ms
13ms Image
image/png 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2020/05/invision-logo-1x.png
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7128bc5d2a1894037ef6f93c594ed0f3522022892c6d0c36cf94dca2685d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 553945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8298
last-modified: Mon, 25 May 2020 08:11:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNI%2FDc5o2DqzDtGU6mr3CDDMqAYWLicka6SXtuOauc%2BzRZGT9PhGljHMfW23FUSRHXMREq61SrKcnI6W25UxDfHBq1yaGUS%2BfWkypFd7CYeyO0G5huHSlt1oY%2F1CIxlg1eCVQFtQA6CAnHiDnv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eacd7f8ff2-FRA
expires: Sat, 10 Sep 2022 15:30:01 GMT

GET
H3 200 invision-mag-author-mugshot-150x150.jpg
invisionmag.com/wp-content/uploads/2018/11/ 8 KB
8 KB 14ms
14ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2018/11/invision-mag-author-mugshot-150x150.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d386b8939c3eb6cf8ab8282573ac30ef78dc9714795256f09d2627a56617de88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 553945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7784
last-modified: Wed, 21 Oct 2020 14:36:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn9NkAjKfL933bsVkpVvlUT3nh%2F3saQt5Ga5Jiue2JKkHfGuoVqGoJ4AKEN3A0ZeB1Z12dHDHGp72%2F3Kw9793ZijjhssoWIc69AhJvAVaNX9r6MaykKjdRApAbx2%2FQGBldArpwalU6Oi3TrzO5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eacd818ff2-FRA
expires: Sat, 10 Sep 2022 15:30:01 GMT

GET
H3 200 Screen-Shot-2022-03-29-at-7.22.22-PM-80x80.jpg
invisionmag.com/wp-content/uploads/2022/04/ 3 KB
3 KB 376ms
376ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2022/04/Screen-Shot-2022-03-29-at-7.22.22-PM-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c292c744b07d9abf2ef458dc804b581b6d2658a33d3dedb93c1ccc2434fdd70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2769
last-modified: Thu, 28 Apr 2022 03:58:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3alVOOItD6s%2BcPkidkwz6tc0xchJuA34GWDYb3kts4hIM4Qg28xasUcOm8ZBhsYHVti2r7B77FP6eqC8Jn5sPGizifJYeA0aMKSgWRLQ8L8ssraRDt7a8nGTGdMq5ENz5Y0i94%2FDeL55b08QWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed918ff2-FRA
expires: Sat, 17 Sep 2022 01:22:26 GMT

GET
H3 200 overheard-optometry2-80x80.jpg
invisionmag.com/wp-content/uploads/2019/04/ 2 KB
3 KB 377ms
377ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2019/04/overheard-optometry2-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1add7b4ab4f1b6ebe16eaedee3ed009fe207c72b8022a34e51a2b8ea8e4a04b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2303
last-modified: Thu, 11 Apr 2019 08:02:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8gBkkENJQJ5K2%2Blmc4Oc%2B%2B%2F7kF398sxji99OuWcCWS2z8adeEymPxfv7mOLcG1nYVBXWU%2BNg9lCeLhGzKXtzdka8Ci69%2BeC0v2myeYy6NYd6jG0v7dTNjBHXqxqczqC0jUBxeL833VQ4dVVbCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed928ff2-FRA
expires: Sat, 17 Sep 2022 01:22:26 GMT

GET
H3 200 Screen-Shot-2022-05-03-at-10.24.38-80x80.jpg
invisionmag.com/wp-content/uploads/2022/05/ 2 KB
3 KB 13ms
12ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2022/05/Screen-Shot-2022-05-03-at-10.24.38-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c1228de80e3c63e9a13bf809fb07f8a4481db548701b4b0c597c422d055c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2284
last-modified: Tue, 03 May 2022 03:25:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTQTPfuzEOex%2B3n9Xti9zVmMOQiDEBkrFT5xRfQQc6DNijcQ7n5T01GdYKIhr2yUnUYJQpbOQZNUu8sB3jMja%2BWnzDLQpDUAN1cYvFBjhV2J8hKxFF0xeHD3SNfahwkfcU0tLN2H2%2BrfhcZB920%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed938ff2-FRA
expires: Fri, 16 Sep 2022 08:26:55 GMT

GET
H3 200 50th-Logo-color_blue-no-fill-80x80.jpg
invisionmag.com/wp-content/uploads/2022/05/ 1 KB
2 KB 14ms
13ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2022/05/50th-Logo-color_blue-no-fill-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee86aafc4b532cf296e9e4ce2764ddbbd899bc76b3f9e20d96f43b0bd701d8c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115381
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1302
last-modified: Wed, 18 May 2022 10:21:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10G968vCxqAo0Gv8mW43U5gE5v4xUUlyjlei0UeYZofHI5GWMTn%2F7aCxOVsrMyXY%2F6CrTxn%2FC7oJ42MgJyVxKMpKEoHGuZ%2FtA7qZ6uSGJWRlWY60IH%2BRfhVNmHtBh8c%2BIFLMuQmnerZ1eYdhGlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed948ff2-FRA
expires: Thu, 15 Sep 2022 17:19:26 GMT

GET
H3 200 22-0516_Zohra-Fadli-Image-80x80.jpg
invisionmag.com/wp-content/uploads/2022/05/ 2 KB
3 KB 14ms
13ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2022/05/22-0516_Zohra-Fadli-Image-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fe66cda69a7a39a96f74e73fa5cbc03f73d882dd2612864b0e5d10bf55ada3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2097
last-modified: Wed, 18 May 2022 10:08:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quCU4UyZ%2F6NaenNNCbewxSXEkKE2uGDtko7Y76Lrxkg5GtpR45omVfyXfMEgnAsL8mdeVtWit0OJXMew01akbA8UHZODPSovwbZBOz7HJypwn9IEya7lkpth3gC0vYp0dcC55vBejp%2BS1XZx2xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed968ff2-FRA
expires: Thu, 15 Sep 2022 20:42:06 GMT

GET
H3 200 court-legal-thumbnail-80x80.jpg
invisionmag.com/wp-content/uploads/2018/11/ 3 KB
3 KB 14ms
13ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2018/11/court-legal-thumbnail-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61e5416ad86fefb63a5fe84a1c30b6fc5b0e64d553090cb07741a9e24f8cc4cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61458
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2567
last-modified: Wed, 21 Oct 2020 14:36:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9LH3PUXhsdQ%2FkTv6%2BfqO1lxrBJy6HPxA1YD6Bgwi0T8Ii2XsG8P%2BbfM2RxVTUn59gWBuotcWXIXjp7uNueGfFYzTlr7%2B3WxO%2FHGXakzpLkHbkTExArvDHf281E2mazySXjnpcMlRga00EC0PkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed978ff2-FRA
expires: Fri, 16 Sep 2022 08:18:08 GMT

GET
H3 200 computer-security-thumbnail-80x80.jpg
invisionmag.com/wp-content/uploads/2018/12/ 3 KB
3 KB 15ms
14ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2018/12/computer-security-thumbnail-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd0700e7f5e79adaef8891e6eb52780d0014fbc93e50cdaacab9b673bf6ca2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 203690
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2632
last-modified: Wed, 12 Dec 2018 22:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Duw6f9HKOd2un4b6YRdOeVUgKfQQmTKcQ06wEqv7O0XgY%2F3Y9yIvK6aqlBBGtpE0%2BZIHlkTYdBjMpQJ9idJAnazz%2FHZc5Dn1OiqFNyz1QrmthN6obzQDSD0jiMa4kI%2Fr1j3FGordoxD5wT7C4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed988ff2-FRA
expires: Wed, 14 Sep 2022 16:47:35 GMT

GET
H3 200 0689-80x80.jpg
invisionmag.com/wp-content/uploads/2021/03/ 2 KB
2 KB 14ms
14ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2021/03/0689-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfb0c78d99f035d9cf2af9569319406ab3cc0bbeae3339ff4242bde331b047f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1679
last-modified: Mon, 28 Mar 2022 17:42:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FMnCccuSGSs3m0L4Q7UZ02CAc4GFfTHJ9z55lqp%2FiIwYAiu4Ybd7DikHxLQ98fmKdpeg7pYPzoMTqYvSJjWV9aFbcbUL0HlIwZ2JAk8LxQUMyjmphLpip2U3uT87TcD7KZKvwdWVwfx7FURtig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed998ff2-FRA
expires: Fri, 16 Sep 2022 08:26:55 GMT

GET
H3 200 INVISION-Robbery-80x80.jpg
invisionmag.com/wp-content/uploads/2022/05/ 2 KB
3 KB 15ms
14ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2022/05/INVISION-Robbery-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232475847eddc1e345b21c7b353e2a4b0cdd2a3641cf7303280b7bdfa4bdd211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115381
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2136
last-modified: Thu, 12 May 2022 00:43:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxPoo61Fr4q2h6NxMOfbxymHi2Bfo%2FpK3IE%2FJJ%2F8I0z5iaBXnAHRkgGOLQAdRoz7njsVoXFLqokKS%2BMA%2Bd9B4iN8msqFJ7gFw9vijbfffN3JwYDvyPFshXEz1zqpS9ELdivxdYFxw8QbOcUtjQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed9a8ff2-FRA
expires: Thu, 15 Sep 2022 17:19:26 GMT

GET
H3 200 97964-80x80.jpg
invisionmag.com/wp-content/uploads/2022/05/ 2 KB
3 KB 13ms
13ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://invisionmag.com/wp-content/uploads/2022/05/97964-80x80.jpg
Requested by: Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b75b8503a0bd65c3acd2c6b74f7b0af7fe9ecb01052455774293299c5bfa122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2079
last-modified: Wed, 04 May 2022 21:02:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnusUixZ9t64imxqx%2Bb1rsAu%2BsyoYGHcy%2BYM7CdZ%2FfhXwjreE%2BMGZ3tTN7vmi4viQylMK7AAAzmr%2BnbJ5Sfp3LK5acddFeeG5JhRJyymrDkTUxjLCERS8kpBN899Uc%2ByJ2elRFeoQ5%2BZOebzUKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 70e142eaed9b8ff2-FRA
expires: Fri, 16 Sep 2022 08:26:55 GMT

POST
H/1.1 204
No Content _csp
player.vimeo.com/ Frame 3B1D 0
1 KB 140ms
140ms Other
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/_csp

Requested by

Host: invisionmag.com
URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/video/705599020?h=5f8ab223f4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Fri, 20 May 2022 01:22:27 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
X-Cache: MISS
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-v085-fxjwd
Connection: keep-alive
Vary: Accept-Encoding
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19163-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1653009748.774758,VS0,VE108
x-backend-proxy: playproxy5
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=UTF-8
expires: Fri, 15 Dec 1985 19:30:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-v085-fxjwd
content-security-policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com; report-uri /_csp
Accept-Ranges: bytes
CF-RAY: 70e142eb7aec90ac-FRA
X-Cache-Hits: 0

GET
H2 200 1424594272-cc8acf843113a5caaee49177c8cf9c2d74e0036beb2872e26fff112061ed34f7-d.jpg
i.vimeocdn.com/video/ Frame 3B1D 1 KB
2 KB 36ms
8ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1424594272-cc8acf843113a5caaee49177c8cf9c2d74e0036beb2872e26fff112061ed34f7-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/705599020?h=5f8ab223f4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3babad72ccf3f1c7943e975d88f878aed079937479b3e528ed285290df9d2845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 782505
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1392
viewmaster-server: viewmaster-us-east1-k0q5
x-served-by: cache-dfw18629-DFW, cache-fra19149-FRA
x-timer: S1653009748.786039,VS0,VE1
etag: 6e607228101c16229f79bc93da2d7f2b
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/4.1.2/js/ Frame 3B1D 838 KB
198 KB 35ms
9ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.1.2/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/705599020?h=5f8ab223f4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cdfbd1ddb58d0376b700ce5f050a1bf461c0eaaba9b3c95af35e74c7cb64d810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 193568
x-served-by: cache-iad-kiad7000078-IAD, cache-fra19167-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1653009748.786760,VS0,VE0
content-length: 202720
x-cache-hits: 1, 92

GET
H2 200 player.css
f.vimeocdn.com/p/4.1.2/css/ Frame 3B1D 212 KB
20 KB 35ms
9ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.1.2/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/705599020?h=5f8ab223f4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 110858e7ef049461f66cbd749aea3da80d10c72449856c6964f23713c89015bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 193570
x-served-by: cache-iad-kcgs7200161-IAD, cache-fra19167-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1653009748.786775,VS0,VE0
content-length: 20793
x-cache-hits: 1, 87920

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 3B1D 2 KB
1 KB 35ms
10ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/705599020?h=5f8ab223f4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 613758
x-timer: S1653009748.786742,VS0,VE0
x-served-by: cache-iad-kjyo7100113-IAD, cache-fra19167-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 1, 66054

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 3B1D 0
989 B 174ms
151ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=cec9f60461cfc30c373e53566cfb620a67ecbaaf1653009747

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:27 GMT
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
Vary: User-Agent
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kjyo7100051-IAD, cache-hhn4034-HHN
x-vimeo-device: d
Server: cloudflare
X-Timer: S1653009748.835124,VS0,VE130
x-frame-options: sameorigin
x-backend-proxy: webproxy5
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 19 May 2022 13:22:27 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-v1137-9rjdh
x-ua-compatible: IE=edge
Accept-Ranges: bytes
CF-RAY: 70e142ebe9979bd7-FRA
X-Cache-Hits: 0, 0

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 3B1D 0
40 B 128ms
104ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.1.2/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 20 May 2022 01:22:27 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1424594272-cc8acf843113a5caaee49177c8cf9c2d74e0036beb2872e26fff112061ed34f7-d
i.vimeocdn.com/video/ Frame 3B1D 19 KB
20 KB 8ms
8ms Image
image/avif 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1424594272-cc8acf843113a5caaee49177c8cf9c2d74e0036beb2872e26fff112061ed34f7-d?mw=800&mh=445
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/705599020?h=5f8ab223f4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3acc2b1dc52232ae2c9b24d1666bd9e5cf9fc818eea8120c383e99f55b9aefe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:27 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 701860
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
access-control-max-age: 86400
x-backend-server: varnish
content-length: 19890
viewmaster-server: viewmaster-us-central1-7dnc
x-served-by: cache-dfw18656-DFW, cache-fra19149-FRA
x-timer: S1653009748.897642,VS0,VE1
etag: bf6cdee37823cb0271961fa8bd60976f
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 3B1D 0
142 B 120ms
103ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=cec9f60461cfc30c373e53566cfb620a67ecbaaf1653009747
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.1.2/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 20 May 2022 01:22:27 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200 spinner.gif
cdn.omeda.com/hosted/images/dragon/generic/ Frame A58B 9 KB
9 KB 620ms
120ms Image
image/gif 205.162.42.5
QTS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.omeda.com/hosted/images/dragon/generic/spinner.gif

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/init.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.162.42.5 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

cdn.omeda.com

Software

Apache /

Resource Hash

056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 03:22:28 CEST
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Oct 2016 22:45:12 CEST
Server: Apache
ETag: W/"8851-1476132312178"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 loading.do Show response
smartworkmedia.dragonforms.com/ Frame A58B 20 KB
6 KB 128ms
128ms Document
text/html 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/init.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

d33a1dafe7906b76f80a64739454ad0a7a27c849333926571eb2b91e4fa55c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://smartworkmedia.dragonforms.com/init.do?omedasite=INV_nlshort
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 20 May 2022 01:22:28 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 site_9b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/9/ Frame A58B 20 KB
21 KB 622ms
117ms Stylesheet
text/css 205.162.42.5
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/9/site_9b.css

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.162.42.5 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

cdn.omeda.com

Software

Apache /

Resource Hash

77a400a6c6a31ac15bfd8d48a684f2f1bab3bb5f4563934a9d13f8380c8560dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 03:22:29 CEST
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Jan 2020 14:12:06 CET
Server: Apache
ETag: W/"20920-1578661926619"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ Frame A58B 84 KB
29 KB 38ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://smartworkmedia.dragonforms.com/
Origin: https://smartworkmedia.dragonforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1653009749.dop135.fr8.t,1653009749.cds238.fr8.hn,1653009749.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H/1.1 200 conditional.js Show response
smartworkmedia.dragonforms.com/js/ Frame A58B 33 KB
33 KB 475ms
120ms Script
application/javascript 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/js/conditional.js

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

a52c334226cfb0fa9f6d2a5c6ada715b5babcf6ae09575c95b5a139b0ec04d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Apr 2022 15:30:58 GMT
Server: Apache
ETag: W/"33376-1650468658000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 dragonCampaign.js Show response
smartworkmedia.dragonforms.com/js/ Frame A58B 13 KB
13 KB 477ms
122ms Script
application/javascript 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/js/dragonCampaign.js

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

0dbc0190864fe5c6e0bd63e7b5233f94265ee535dc3c3e2031f27a251bbb2f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Aug 2021 17:56:04 GMT
Server: Apache
ETag: W/"13235-1630346164000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 generic.css
smartworkmedia.dragonforms.com/style/ Frame A58B 2 KB
1 KB 238ms
125ms Stylesheet
text/css 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/style/generic.css

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Jun 2021 15:35:48 GMT
Server: Apache
ETag: W/"2478-1623339348000"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 1036.css
hostedcontent.dragonforms.com/hosted/images/dragon/12250/ Frame A58B 1 KB
1 KB 731ms
108ms Stylesheet
text/css 205.162.42.5
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hostedcontent.dragonforms.com/hosted/images/dragon/12250/1036.css

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.162.42.5 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

cdn.omeda.com

Software

Apache /

Resource Hash

02263439ffccdbe8f9ff3b5a4947653af1e6a0a44d203b267b6246606cbf8ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 03:22:28 CEST
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Oct 2018 15:42:47 CET
Server: Apache
ETag: W/"1074-1540910567079"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 olyticsLinkAssistance.js Show response
smartworkmedia.dragonforms.com/js/ Frame A58B 4 KB
4 KB 478ms
122ms Script
application/javascript 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/js/olyticsLinkAssistance.js

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

f88e771cd7aeeb1241c61b165090b9d197534d937e2bd53a62631a738439a2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Nov 2018 20:46:06 GMT
Server: Apache
ETag: W/"3961-1542401166000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ Frame A58B 271 KB
73 KB 905ms
122ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: smartworkmedia.dragonforms.com
URL: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a054aa97d11e81c0b049b5eeb2bda656aece2bf407995fd19e4a459ce60cec28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 Jan 2022 16:42:56 GMT
Server: Apache
ETag: W/"277838-1642524176000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 20 May 2022 07:22:30 GMT

GET
H/1.1 200 evaluateConditionalContent.do;jsessionid=E1B95547EEFE84B7730037104EE84279 Show response
smartworkmedia.dragonforms.com/ Frame A58B 180 B
435 B 114ms
114ms XHR
text/x-json 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://smartworkmedia.dragonforms.com/evaluateConditionalContent.do;jsessionid=E1B95547EEFE84B7730037104EE84279?opt103447=1&demo103448=&demo103449=&demo103450=&demo103451=&demo103452=&dragon_pagenumber=1&jsessionid=E1B95547EEFE84B7730037104EE84279&timestemp=1653009749869

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: text/x-json;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 evaluateConditionalContent.do;jsessionid=E1B95547EEFE84B7730037104EE84279 Show response
smartworkmedia.dragonforms.com/ Frame A58B 180 B
435 B 111ms
111ms XHR
text/x-json 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.190 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://smartworkmedia.dragonforms.com/loading.do?omedasite=INV_nlshort
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 01:22:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: text/x-json;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A58B 0
0 53ms
31ms Fetch
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 01:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 4619207355439942988
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 20 May 2022 01:22:31 GMT

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ Frame A58B 0
0 37ms
14ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smartworkmedia.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1220 / 880 of 1000 / last-modified: 1652997910"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 May 2022 01:22:31 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vimeo.com/	1970-01-20 03:10:11	Name: __cf_bm Value: iGgdUwZDr8GkU4aTMc9Sb4miC4o4WKHGd5HPY4aJN.Q-1653009747-0-AVBTuU0zDYklsnZYN7BgniRKfLPlVccBfCbfS79Ei8ntdZAJsw2KMu7HHHuc6jh3cGaDt+Qt9nd47tmV6gh1ffY=
.vimeo.com/	1970-01-20 20:41:21	Name: vuid Value: pl1682008980.1608947603
smartworkmedia.dragonforms.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: E1B95547EEFE84B7730037104EE84279
.dragonforms.com/	1970-01-20 03:10:16	Name: oly_enc_id Value: null

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://invisionmag.com/data-breach-hits-eye-clinic-in-seattle-area/(Line 1354) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.omeda.com
code.jquery.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
hostedcontent.dragonforms.com
i.vimeocdn.com
invisionmag.com
olytics.omeda.com
pagead2.googlesyndication.com
player.vimeo.com
smartworkmedia.dragonforms.com
vimeo.com
www.googletagservices.com
151.101.14.109
162.159.128.61
162.159.138.60
2001:4de0:ac18::1:a:1a
204.180.130.159
204.180.130.190
205.162.42.5
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a06:98c1:3121::a
34.120.202.204
003cf2c7fabbd37f108e4f2c30ed0b4e86ae4e7fcdeac64bb8ed4d491adbb583
02263439ffccdbe8f9ff3b5a4947653af1e6a0a44d203b267b6246606cbf8ce0
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09c1228de80e3c63e9a13bf809fb07f8a4481db548701b4b0c597c422d055c05
0d5538b6bf43abc973e459c38e06b238168a8fc2fc5a5d6ffa64a75bae46bc34
0dbc0190864fe5c6e0bd63e7b5233f94265ee535dc3c3e2031f27a251bbb2f60
0e4275835ffb333a0e4f522fec029b223208757a92f0ddf82508b1ab937aa102
110858e7ef049461f66cbd749aea3da80d10c72449856c6964f23713c89015bd
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
232475847eddc1e345b21c7b353e2a4b0cdd2a3641cf7303280b7bdfa4bdd211
23a13f579a421695af30c628a6021c8ae5c1a41aa612b5420061577140635ce6
23fe66cda69a7a39a96f74e73fa5cbc03f73d882dd2612864b0e5d10bf55ada3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29441e2ed7e703d12623ef364fc2519e07da518fdba4cc6986126e1f5c4759aa
2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb
3babad72ccf3f1c7943e975d88f878aed079937479b3e528ed285290df9d2845
3d7128bc5d2a1894037ef6f93c594ed0f3522022892c6d0c36cf94dca2685d88
3e858d72f8da26509ac78dc79362db7db0b5a4a5cc9f3154012222b4ea929ca8
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e
5ba9da5bbade4ae4151df3df74a6053c9e98bfc0750a702f0eef67ad3129f8c7
61e5416ad86fefb63a5fe84a1c30b6fc5b0e64d553090cb07741a9e24f8cc4cb
7362df145ffb1c4d7d9c6ba5de7d6b53d330b433564258440b72fe1a25f731c2
77a400a6c6a31ac15bfd8d48a684f2f1bab3bb5f4563934a9d13f8380c8560dd
7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190
7bd0700e7f5e79adaef8891e6eb52780d0014fbc93e50cdaacab9b673bf6ca2e
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
854077e257a6b1b0a462dd0eaee23d0dc6e70e4af61d0999997b281e9312a8f0
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9b75b8503a0bd65c3acd2c6b74f7b0af7fe9ecb01052455774293299c5bfa122
a054aa97d11e81c0b049b5eeb2bda656aece2bf407995fd19e4a459ce60cec28
a2123f408e24aef68f451ccbe5370ec3c92354c75d3e58188d31e6b9618edafb
a52c334226cfb0fa9f6d2a5c6ada715b5babcf6ae09575c95b5a139b0ec04d54
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
b1d9687609572008b1c058d5cff51d96dab45ff0ad7eeefc8541660b036d1391
bf6d3b14e59a8c0b41c3e58a77040d0ae174bb716093b7f4a1f211a34ef8d8a6
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c292c744b07d9abf2ef458dc804b581b6d2658a33d3dedb93c1ccc2434fdd70b
cdfbd1ddb58d0376b700ce5f050a1bf461c0eaaba9b3c95af35e74c7cb64d810
d1a36023a08c74591bd777c344a8d5e21b9200275cd8a131592df75cf867ff8a
d33a1dafe7906b76f80a64739454ad0a7a27c849333926571eb2b91e4fa55c98
d386b8939c3eb6cf8ab8282573ac30ef78dc9714795256f09d2627a56617de88
d52f1f1c0e3e9e237c7604afefa8d784064f688c76293e3f1102dab32a830925
ddfb0c78d99f035d9cf2af9569319406ab3cc0bbeae3339ff4242bde331b047f
e29046c63169796f2fa316ef20a80b088b7264ea6392cc4b2383af80d2760f20
e3acc2b1dc52232ae2c9b24d1666bd9e5cf9fc818eea8120c383e99f55b9aefe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
ee86aafc4b532cf296e9e4ce2764ddbbd899bc76b3f9e20d96f43b0bd701d8c7
f1add7b4ab4f1b6ebe16eaedee3ed009fe207c72b8022a34e51a2b8ea8e4a04b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f88e771cd7aeeb1241c61b165090b9d197534d937e2bd53a62631a738439a2e6

invisionmag.com Open in urlscan Pro 2a06:98c1:3121::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

46 %IPv6

10 Domains

15 Subdomains

14 IPs

4 Countries

929 kBTransfer

2632 kBSize

4 Cookies

12 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

invisionmag.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

15
Subdomains

14
IPs

4
Countries

929 kB
Transfer

2632 kB
Size

4
Cookies

56 HTTP transactions
5 data transactions