stepsaheadglobalreaders.org Open in urlscan Pro
67.222.109.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.search.com/wr_clk?surl=http%3A%2F%2Fpoleninvest.icu/%2Ewp-admin/index.html#alison.livesey+jpmorgan.com
Effective URL:
https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
Submission: On October 14 via api (October 14th 2019, 3:06:54 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 67.222.109.196, located in Chatsworth, United States and belongs to IHNET - IHNetworks, LLC, US. The main domain is stepsaheadglobalreaders.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 13th 2019. Valid for: 3 months.

This is the only time stepsaheadglobalreaders.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.53.90.196 52.53.90.196	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	162.241.148.10 162.241.148.10	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	67.222.109.196 67.222.109.196	33494 (IHNET) (IHNET - IHNetworks)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	31.28.167.85 31.28.167.85	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
19	10

1 52.53.90.196 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-53-90-196.us-west-1.compute.amazonaws.com

www.search.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.148.10 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 162-241-148-10.unifiedlayer.com

poleninvest.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.222.109.196 (Chatsworth, United States)

ASN33494 (IHNET - IHNetworks, LLC, US)
PTR: rangers.unisonplatform.com

stepsaheadglobalreaders.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.28.167.85 (Zhytomyr, Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)

sendapidata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googleapis.com ajax.googleapis.com fonts.googleapis.com translate.googleapis.com	154 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	30 KB
3	stepsaheadglobalreaders.org stepsaheadglobalreaders.org	527 KB
2	poleninvest.icu 1 redirects poleninvest.icu	2 KB
1	sendapidata.com sendapidata.com	238 B
1	google.com translate.google.com	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
1	search.com 1 redirects www.search.com	733 B
19	8

	Domain	Requested by
4	translate.googleapis.com	translate.google.com translate.googleapis.com
3	fonts.gstatic.com	stepsaheadglobalreaders.org
3	stepsaheadglobalreaders.org	poleninvest.icu stepsaheadglobalreaders.org
2	www.gstatic.com	stepsaheadglobalreaders.org
2	ajax.googleapis.com	poleninvest.icu stepsaheadglobalreaders.org
2	poleninvest.icu	1 redirects
1	sendapidata.com	ajax.googleapis.com
1	fonts.googleapis.com	stepsaheadglobalreaders.org
1	translate.google.com	stepsaheadglobalreaders.org
1	stackpath.bootstrapcdn.com	stepsaheadglobalreaders.org
1	www.search.com	1 redirects
19	11

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
stepsaheadglobalreaders.org cPanel, Inc. Certification Authority	`2019-10-13` - `2020-01-11`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
sendapidata.com Let's Encrypt Authority X3	`2019-10-03` - `2020-01-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
Frame ID: B9BA8CD43A6A8A892C3F2BE96B5B1DEA
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.search.com/wr_clk?surl=http%3A%2F%2Fpoleninvest.icu/%2Ewp-admin/index.html HTTP 302
http://poleninvest.icu/.wp-admin/index.html Page URL
http://poleninvest.icu/.wp-admin/blocker.php?em=alison.livesey+jpmorgan.com HTTP 302
https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com Page URL

Page Statistics

19
Requests

95 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

10
IPs

4
Countries

721 kB
Transfer

1039 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.search.com/wr_clk?surl=http%3A%2F%2Fpoleninvest.icu/%2Ewp-admin/index.html HTTP 302
http://poleninvest.icu/.wp-admin/index.html Page URL
http://poleninvest.icu/.wp-admin/blocker.php?em=alison.livesey+jpmorgan.com HTTP 302
https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.search.com/wr_clk?surl=http%3A%2F%2Fpoleninvest.icu/%2Ewp-admin/index.html HTTP 302
http://poleninvest.icu/.wp-admin/index.html

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

index.html Show response
poleninvest.icu/.wp-admin/
Redirect Chain

https://www.search.com/wr_clk?surl=http%3A%2F%2Fpoleninvest.icu/%2Ewp-admin/index.html
http://poleninvest.icu/.wp-admin/index.html

4 KB
2 KB

393ms
202ms

Document
text/html

162.241.148.10
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: http://poleninvest.icu/.wp-admin/index.html
Protocol: HTTP/1.1
Server: 162.241.148.10 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: 162-241-148-10.unifiedlayer.com
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash: 883ca77fd12b2c2b460123c517c6e6c0f53479d72eb40a8929e81269b746d02d

Request headers

Host: poleninvest.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Mon, 14 Oct 2019 15:07:41 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 13 Oct 2019 20:28:52 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1781
Content-Type: text/html

Redirect headers

status: 302
date: Mon, 14 Oct 2019 15:06:35 GMT
content-type: text/html; charset=utf-8
content-length: 130
location: http://poleninvest.icu/.wp-admin/index.html
server: nginx/1.12.1
x-frame-options: SAMEORIGIN
x-powered-by: PHP 5.3.2
x-xss-protection: 1; mode=block
set-cookie: search_user=%7B%22keyword%22%3A%22%22%2C%22qsrc%22%3A%221%22%2C%22q%22%3A%22%22%2C%22src%22%3A%22organic%22%2C%22sid%22%3A%228095761%22%2C%22yt%22%3A%22%22%2C%22pid%22%3A%22%22%2C%22cid%22%3A%22%22%2C%22clickid%22%3A%22%22%2C%22click_id%22%3A%22%22%2C%22udv%22%3A%22%22%2C%22ude%22%3A%22%22%2C%22udvo%22%3A%22%22%2C%22kwid%22%3A%22%22%2C%22agid%22%3A%22%22%2C%22mode%22%3A%22store1_organic_%22%2C%22gch%22%3A%22%22%2C%22tc%22%3A363%2C%22qm%22%3A%22%22%2C%22ag%22%3A%22%22%2C%22au%22%3A%22%22%2C%22tt%22%3A%22%22%2C%22type%22%3A%22%22%2C%22qWordCount%22%3A1%2C%22op%22%3A%22st_organic_%22%7D; Path=/ connect.sid=s%3AnGTMg0Utjrinl5IpP6spt6GHdfhNID5R.GBLPoC3tKo%2FNeyXkXJWcveqsYt%2Bd6duuOznga8W5UjU; Path=/; HttpOnly
vary: Accept, Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: poleninvest.icu
URL: http://poleninvest.icu/.wp-admin/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://poleninvest.icu/.wp-admin/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 11 Oct 2019 15:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259321
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 15:04:35 GMT

GET
H/1.1

200
OK

Primary Request / Show response
stepsaheadglobalreaders.org/client/
Redirect Chain

http://poleninvest.icu/.wp-admin/blocker.php?em=alison.livesey+jpmorgan.com
https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

7 KB
7 KB

516ms
193ms

Document
text/html

67.222.109.196
IHNetworks

General

Check archive.org

Show headers Download Go to

Full URL

https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Requested by

Host: poleninvest.icu
URL: http://poleninvest.icu/.wp-admin/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.222.109.196 Chatsworth, United States, ASN33494 (IHNET - IHNetworks, LLC, US),

Reverse DNS

rangers.unisonplatform.com

Software

Apache /

Resource Hash

25878a975009821c76913614b05900a703845056799cebba2e35a20d4c9a52f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Host: stepsaheadglobalreaders.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://poleninvest.icu/.wp-admin/index.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://poleninvest.icu/.wp-admin/index.html

Response headers

Date: Mon, 14 Oct 2019 15:05:58 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Sun, 13 Oct 2019 21:02:33 GMT
Accept-Ranges: bytes
Content-Length: 6884
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Mon, 14 Oct 2019 15:07:42 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
X-Powered-By: PHP/7.1.27
Upgrade: h2,h2c
Connection: Upgrade
Location: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 25ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode: cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
Origin: https://stepsaheadglobalreaders.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 15:06:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK style.css
stepsaheadglobalreaders.org/client/css/ 4 KB
4 KB 164ms
163ms Stylesheet
text/css 67.222.109.196
IHNetworks

General

Check archive.org

Show headers Download Go to

Full URL

https://stepsaheadglobalreaders.org/client/css/style.css

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.222.109.196 Chatsworth, United States, ASN33494 (IHNET - IHNetworks, LLC, US),

Reverse DNS

rangers.unisonplatform.com

Software

Apache /

Resource Hash

c250e64b0e563b8c3b0dbeb037e2955e23a88a2cd50d6193b7af6bef2059979d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 15:05:59 GMT
Last-Modified: Fri, 11 Oct 2019 19:17:57 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3905

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 15:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259322
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 15:04:35 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 2 KB
1 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

43d855853a948c2e7fb7d9f2bca86f8797626ae5cddaf68062ea9cd6c06790a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Oct 2019 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 727
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
860 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

69027204f18bef3a3126cad6b61a5a480f8c3f1b7cf29b5739df72a18039b1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 14 Oct 2019 15:06:38 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 14 Oct 2019 15:06:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 14 Oct 2019 15:06:38 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 14:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 May 2019 20:15:00 GMT
server: sffe
age: 2497
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3619
x-xss-protection: 0
expires: Mon, 14 Oct 2019 15:25:01 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 3 KB
2 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e61816e7c0be10882ec227cb672cb9bf0236f48fe160331472257e468203b6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 14:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 12:45:00 GMT
server: sffe
age: 2878
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
expires: Mon, 14 Oct 2019 15:18:40 GMT

GET
H/1.1 200
OK bg.jpg
stepsaheadglobalreaders.org/client/images/ 515 KB
516 KB 162ms
162ms Image
image/jpeg 67.222.109.196
IHNetworks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stepsaheadglobalreaders.org/client/images/bg.jpg

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.222.109.196 Chatsworth, United States, ASN33494 (IHNET - IHNetworks, LLC, US),

Reverse DNS

rangers.unisonplatform.com

Software

Apache /

Resource Hash

a1fb84a7224296e21706ea3eb797d31bd6364cdc5cdd2bed19cc14a78abbbf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 15:05:59 GMT
Last-Modified: Fri, 11 Oct 2019 16:15:17 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 527585

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Origin: https://stepsaheadglobalreaders.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 17:59:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 508043
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Wed, 07 Oct 2020 17:59:15 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Origin: https://stepsaheadglobalreaders.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 18:01:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 507906
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9192
x-xss-protection: 0
expires: Wed, 07 Oct 2020 18:01:32 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Origin: https://stepsaheadglobalreaders.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:39:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 242830
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
expires: Sat, 10 Oct 2020 19:39:28 GMT

POST
H/1.1 200
OK t.php Show response
sendapidata.com/email-list/webmail/webmail2/ 2 B
238 B 470ms
171ms XHR
text/html 31.28.167.85
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sendapidata.com/email-list/webmail/webmail2/t.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.28.167.85 Zhytomyr, Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: nginx / PHP/5.6.38
Resource Hash: dbd3a49d0d906b4ed9216b73330d2fb080ef2f758c12f3885068222e5e17151c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 14 Oct 2019 15:06:38 GMT
Server: nginx
X-Powered-By: PHP/5.6.38
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 2

GET
H2 200 element_main.js Show response
translate.googleapis.com/element/TE_20190916_00/e/js/element/ 239 KB
86 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20190916_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa99d88ac410da01b545aac3fa9e4125908e748a462a39434aff420230655f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 14:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3493
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 88005
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 09:48:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Oct 2020 14:08:25 GMT

GET
H2 200 l Show response
translate.googleapis.com/translate_a/ 3 KB
1 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=_callbacks____0k1qjw5v5

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20190916_00/e/js/element/element_main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddc1460fc7b72a18f2870325adbce9664257147d5f4b5755043133eec8e3086

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s00ex8MRXpq7o+JHxE/ptg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-s00ex8MRXpq7o+JHxE/ptg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-s00ex8MRXpq7o+JHxE/ptg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-s00ex8MRXpq7o+JHxE/ptg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateApiHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
status: 200
date: Mon, 14 Oct 2019 15:06:38 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
895 B 6ms
6ms Image
image/png 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 03:54:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 299500
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 825
x-xss-protection: 0
expires: Sat, 10 Oct 2020 03:54:58 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: stepsaheadglobalreaders.org
URL: https://stepsaheadglobalreaders.org/client/?e=alison.livesey@jpmorgan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 07:01:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 29091
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1847
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:01:47 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
poleninvest.icu
sendapidata.com
stackpath.bootstrapcdn.com
stepsaheadglobalreaders.org
translate.google.com
translate.googleapis.com
www.gstatic.com
www.search.com
162.241.148.10
2001:4de0:ac19::1:b:1b
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:818::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::200a
31.28.167.85
52.53.90.196
67.222.109.196
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
25878a975009821c76913614b05900a703845056799cebba2e35a20d4c9a52f5
2ddc1460fc7b72a18f2870325adbce9664257147d5f4b5755043133eec8e3086
3fa99d88ac410da01b545aac3fa9e4125908e748a462a39434aff420230655f6
43d855853a948c2e7fb7d9f2bca86f8797626ae5cddaf68062ea9cd6c06790a8
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
69027204f18bef3a3126cad6b61a5a480f8c3f1b7cf29b5739df72a18039b1b7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
883ca77fd12b2c2b460123c517c6e6c0f53479d72eb40a8929e81269b746d02d
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d
a1fb84a7224296e21706ea3eb797d31bd6364cdc5cdd2bed19cc14a78abbbf92
c250e64b0e563b8c3b0dbeb037e2955e23a88a2cd50d6193b7af6bef2059979d
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dbd3a49d0d906b4ed9216b73330d2fb080ef2f758c12f3885068222e5e17151c
e61816e7c0be10882ec227cb672cb9bf0236f48fe160331472257e468203b6eb

stepsaheadglobalreaders.org Open in urlscan Pro 67.222.109.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

19 Requests

95 %HTTPS

64 %IPv6

8 Domains

11 Subdomains

10 IPs

4 Countries

721 kBTransfer

1039 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

stepsaheadglobalreaders.org Open in urlscan Pro
67.222.109.196 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

10
IPs

4
Countries

721 kB
Transfer

1039 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions