urlscan.io logo urlscan.io
SecurityTrails logo

ficatogether.com Open in urlscan Pro
35.240.1.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://damngood.business/
Effective URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Submission: On June 26 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ficatogether.com.
TLS certificate: Issued by R3 on May 5th 2024. Valid for: 3 months.
This is the only time ficatogether.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.151.30.147 48254 (TWENTYI)
1 35.240.1.10 396982 (GOOGLE-CL...)
1 13.32.121.12 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
2 172.64.146.81 13335 (CLOUDFLAR...)
2 138.199.36.8 60068 (CDN77 _)
9 142.250.185.227 15169 (GOOGLE)
1 172.104.231.58 63949 (AKAMAI-LI...)
1 54.173.185.62 14618 (AMAZON-AES)
6 151.101.194.208 54113 (FASTLY)
24 9
1    185.151.30.147 (United Kingdom)

ASN48254 (TWENTYI, GB)
PTR: 185-151-30-147.ptr4.stackcp.net
damngood.business
1    35.240.1.10 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.1.240.35.bc.googleusercontent.com
ficatogether.com
1    13.32.121.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-12.fra60.r.cloudfront.net
cdn.firstpromoter.com
1    151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    172.64.146.81 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
assets.calendly.com
calendly.com
2    138.199.36.8 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 138-199-36-8.bunnyinfra.net
cdn.convertri.com
9    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
1    172.104.231.58 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-231-58.ip.linodeusercontent.com
t.firstpromoter.com
1    54.173.185.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-185-62.compute-1.amazonaws.com
snowplow.convertri.com
6    151.101.194.208 (San Francisco, United States)

ASN54113 (FASTLY, US)
convertri.imgix.net
Apex Domain
Subdomains		 Transfer
9 gstatic.com
fonts.gstatic.com
249 KB
6 imgix.net
convertri.imgix.net — Cisco Umbrella Rank: 242143
65 KB
3 convertri.com
cdn.convertri.com — Cisco Umbrella Rank: 198191
snowplow.convertri.com — Cisco Umbrella Rank: 209064
124 KB
2 calendly.com
assets.calendly.com — Cisco Umbrella Rank: 16647
calendly.com — Cisco Umbrella Rank: 13360
4 KB
2 firstpromoter.com
cdn.firstpromoter.com — Cisco Umbrella Rank: 44117
t.firstpromoter.com — Cisco Umbrella Rank: 389711
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
33 KB
1 ficatogether.com
ficatogether.com
41 KB
1 damngood.business
damngood.business
273 B
24 8
Domain Requested by
9 fonts.gstatic.com ficatogether.com
6 convertri.imgix.net ficatogether.com
2 cdn.convertri.com ficatogether.com
1 calendly.com assets.calendly.com
1 snowplow.convertri.com ficatogether.com
1 t.firstpromoter.com cdn.firstpromoter.com
1 assets.calendly.com ficatogether.com
1 code.jquery.com ficatogether.com
1 cdn.firstpromoter.com ficatogether.com
1 ficatogether.com
1 damngood.business 1 redirects
24 11

This site contains links to these domains. Also see Links.

Domain
ensignchampplan.com
Subject Issuer Validity Valid
ficatogether.com
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.firstpromoter.com
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-18		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
calendly.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
cdn.convertri.com
R3		 2024-05-15 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
snowplow.convertri.com
Amazon RSA 2048 M02		 2023-12-27 -
2025-01-25		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ficatogether.com/?ref=kjell76&fp_sid=email
Frame ID: 3493D995B1C0A934642649460437D29C
Requests: 23 HTTP requests in this frame

Frame: https://calendly.com/affordacare-insurance/champion-health-demo-call?embed_domain=ficatogether.com&embed_type=Inline&hide_gdpr_banner=1&utm_source=kjell76
Frame ID: 927ABE355B502DACE2A9B31A5B4CE82C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FICA Together

Page URL History Show full URLs

  1. https://damngood.business/ HTTP 302
    https://ficatogether.com/?ref=kjell76&fp_sid=email Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://assets\.calendly\.com/assets/external/widget\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

9
IPs

4
Countries

519 kB
Transfer

1521 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://damngood.business/ HTTP 302
    https://ficatogether.com/?ref=kjell76&fp_sid=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ficatogether.com/
Redirect Chain
  • https://damngood.business/
  • https://ficatogether.com/?ref=kjell76&fp_sid=email
410 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.1.240.35.bc.googleusercontent.com
Software
/
Resource Hash
2aadb68fe3f4101b595a23612e13a7bc34048e17b25f4ceb229e628717719a5b

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 11:11:37 GMT
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 11:11:36 GMT
location
https://ficatogether.com/?ref=kjell76&fp_sid=email
server
Apache
x-cdn-cache-status
MISS
x-cdn-node-is-at-origin
1
x-origin-cache-status
MISS
x-powered-by
PHP/7.4.33
x-provided-by
StackCDN
x-via
LHR2
fpr.js
cdn.firstpromoter.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.firstpromoter.com/fpr.js
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-12.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 07:59:20 GMT
content-encoding
gzip
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
last-modified
Mon, 07 Feb 2022 04:29:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
11538
etag
W/"d53f26ce71a7333d477b01f52bdade3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Tv0hpm7-MZ05szaXp_DNNjKn2o2su_Jtj_9xFyRcNBuJTSypgPDo8A==
jquery-latest.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
532397
x-cache
HIT, HIT
content-length
33202
x-served-by
cache-lga21983-LGA, cache-lhr-egll1980065-LHR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719400298.880656,VS0,VE0
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
21776, 4014
widget.js
assets.calendly.com/assets/external/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.81 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2024 18:49:15 GMT
cf-bgj
minify
server
cloudflare
age
161
etag
W/"ef3bf711963c747494cae07900aacd7c"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=300
cf-ray
899cc1f5bb2088bf-LHR
expires
Thu, 27 Jun 2024 11:11:38 GMT
jquery-1.12.2.min.js
cdn.convertri.com/ 		393 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2024-01-09-10-30-55
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-36-8.bunnyinfra.net
Software
BunnyCDN-DE1-1048 /
Resource Hash
592e43252d016f384776187b747facf1b631dc566ef55bb22dc511da4c0d0f3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:38 GMT
content-encoding
br
cdn-edgestorageid
1054
x-amz-request-id
5Q8WKT9Y0T8HKBP7
x-amz-server-side-encryption
AES256
cdn-cachedat
06/25/2024 10:44:28
cdn-pullzone
408079
x-amz-id-2
HGvebH4lu+MvVrrSOhINrQZMwKrgFG5+tHPkm+foCfMjqXYF7p3ClDMrdl2fvPyf4Y7EbCNtwhM=
last-modified
Tue, 25 Jun 2024 10:44:03 GMT
server
BunnyCDN-DE1-1048
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a16a0a6a2c16739e47632f5cd41c29f8"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
c7954a7c075654c8121ddb36c1cb5182
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
va9B4kDNxMZdWfMOD5VnSKzeRhf_.ttf
fonts.gstatic.com/s/firasans/v17/ 		65 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf_.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
e41f1260abb309ddaa289f5605cbb3fc0199d078578953b69660a6b980c50b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:47:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31856
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:47:27 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf_.ttf
fonts.gstatic.com/s/firasans/v17/ 		65 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf_.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
d27567ae28c8861ed15cf9da82611f54fd99ad9ac428ad3ab79148ca90918038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 05:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31979
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 05:25:01 GMT
va9E4kDNxMZdWfMOD5Vvl4jO.ttf
fonts.gstatic.com/s/firasans/v17/ 		60 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jO.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
29175a622496eabd8794f2562fc9ae48d61fadc46d858816b510c3397d9037e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 05:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30590
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 05:25:01 GMT
xn76YHIn1mWmVKl8ZtAM9NrJfN5GJV4yd88.ttf
fonts.gstatic.com/s/rasa/v22/ 		55 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rasa/v22/xn76YHIn1mWmVKl8ZtAM9NrJfN5GJV4yd88.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
81d3c82804c539334aaafa239a06b412ac2e45ca3d3d43003dcab4beb18c4593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30932
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 22:27:04 GMT
xn76YHIn1mWmVKl8ZtAM9NrJfN4YJV4yd88.ttf
fonts.gstatic.com/s/rasa/v22/ 		55 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rasa/v22/xn76YHIn1mWmVKl8ZtAM9NrJfN4YJV4yd88.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
860b1130a4aa8a03cb31ba9b0a9e2dbfb725298783c1e78b445bfe8c6619a8a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 23:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30015
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:28:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 23:50:23 GMT
xn76YHIn1mWmVKl8ZtAM9NrJfN6YIl4yd88.ttf
fonts.gstatic.com/s/rasa/v22/ 		55 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rasa/v22/xn76YHIn1mWmVKl8ZtAM9NrJfN6YIl4yd88.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
794e00b1295a67d358e79d3a7c680a78f37e8d50256d031c3ce1717675b54e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31138
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:29:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 11:11:38 GMT
va9B4kDNxMZdWfMOD5VnPKreRhf_.ttf
fonts.gstatic.com/s/firasans/v17/ 		59 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf_.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
ccfaf1cc3dcb781ec947a249c28dfecf2bf5bbcef352821e8ec6058c41e9c0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 05:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30219
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 05:26:08 GMT
Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_ObXbMZhKg.ttf
fonts.gstatic.com/s/josefinsans/v32/ 		27 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v32/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_ObXbMZhKg.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
1861fe06b419cdc33208031b73d7bb93d3f76964402fd2944b3aabbb705c9d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16060
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 22:09:58 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Origin
https://ficatogether.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20776
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 11:01:35 GMT
tr
t.firstpromoter.com/ 		99 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.firstpromoter.com/tr
Requested by
Host: cdn.firstpromoter.com
URL: https://cdn.firstpromoter.com/fpr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.104.231.58 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-231-58.ip.linodeusercontent.com
Software
nginx / cloud66
Resource Hash
c3a95213bf75b92b2c7be6ae604dec3ab3e063fed5a76a52a84b1b1b2a79a95f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 26 Jun 2024 11:11:38 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Powered-By
cloud66
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b83d70fd-6be4-4710-9c74-0717ba6314a1
X-Runtime
0.031710
Server
nginx
ETag
W/"c3a95213bf75b92b2c7be6ae604dec3a"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
X-Frame-Options
SAMEORIGIN
Vary
Origin,Accept-Encoding
cdn.min.css
cdn.convertri.com/ 		67 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.convertri.com/cdn.min.css?v=2024-01-09-10-30-55
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.8 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-36-8.bunnyinfra.net
Software
BunnyCDN-DE1-1048 /
Resource Hash
4a9e5fa6d886f98d64d71b026e6e5fe57a3c207da288bbb63ee8a19803ec09f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:38 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
5Q8H4NB5W084DA45
x-amz-server-side-encryption
AES256
cdn-cachedat
06/25/2024 10:44:28
cdn-pullzone
408079
x-amz-id-2
pa3AUNcIxxqU0u63krHjtwXp1d2sBqxZG00SDTGCCh1ucesMYi9gBw66kGsmfcclJn0yFpLjw7I=
last-modified
Tue, 25 Jun 2024 10:44:08 GMT
server
BunnyCDN-DE1-1048
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"91bf7fad9eda26930ae8c633102e65e0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=604800
cdn-requestid
bbb770ba1f659dd8308392ff65e7a466
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
i
snowplow.convertri.com/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://snowplow.convertri.com/i?stm=1719400298742&e=pv&url=https%3A%2F%2Fficatogether.com%2F%3Fref%3Dkjell76%26fp_sid%3Demail&page=FICA%20Together&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=Europe%2FLondon&lang=en-GB&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=ff9a99d3-ffd7-48d3-bf04-d0e6a125bdc6&dtm=1719400298725&vp=1600x1200&ds=1600x6990&vid=1&sid=77dae998-5399-466d-a5a7-b50c3d7f9bd1&duid=c6cbc169-0789-49f4-8522-4b20fc5b6a79&fp=224471102
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.185.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-185-62.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 11:11:39 GMT
access-control-allow-credentials
true
content-type
image/gif
server
spray-can/1.3.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
champion-health-demo-call
calendly.com/affordacare-insurance/ Frame 927A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://calendly.com/affordacare-insurance/champion-health-demo-call?embed_domain=ficatogether.com&embed_type=Inline&hide_gdpr_banner=1&utm_source=kjell76
Requested by
Host: assets.calendly.com
URL: https://assets.calendly.com/assets/external/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.81 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://ficatogether.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
899cc2015e4223d7-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 11:11:40 GMT
link
<https://assets.calendly.com/assets/booking/css/booking-bafa2983.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-request-id
64194b6fd14882433e9d0992ab0e4b32
x-runtime
0.312115
ensign-banner-1.jpg
convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e/3aefbaa8f76b067eb8922d3b9e296c353ccb20f1/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e/3aefbaa8f76b067eb8922d3b9e296c353ccb20f1/ensign-banner-1.jpg?auto=compress,format&fit=clip&w=1600
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.208 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c1f45a4bc8314d725cdbeccec21258037dd6cecbb92245215834b67995af4e76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:39 GMT
x-content-type-options
nosniff
age
1305964
x-cache
HIT, HIT, HIT
x-imgix-id
91ca644126aadaa67bacdf82e73db0ff47a8fc8f
cross-origin-resource-policy
cross-origin
content-length
33453
x-served-by
cache-sjc10082-SJC, cache-fra-etou8220085-FRA, cache-lcy-eglc8600058-LCY
last-modified
Tue, 11 Jun 2024 08:25:35 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
7eedd182-c931-11eb-abef-0697e5ca793e%2F223b9214c4b23ae23fe0f3615b62daa4e86d19a6%2Foceanpoint%20icon.png
convertri.imgix.net/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e%2F223b9214c4b23ae23fe0f3615b62daa4e86d19a6%2Foceanpoint%20icon.png?auto=compress,format&fit=scale&w=480&h=480
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.208 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
31d3829a0c398dcc142682bb1aedaefc0e8bcf8f1cebd9da6847b3dbd79da6c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:39 GMT
x-content-type-options
nosniff
age
753201
x-cache
HIT, HIT, HIT
x-imgix-id
75043fdda8c1c9d0413510f706044b68b48c9bff
cross-origin-resource-policy
cross-origin
content-length
12576
x-served-by
cache-sjc10067-SJC, cache-fra-etou8220124-FRA, cache-lcy-eglc8600058-LCY
last-modified
Mon, 17 Jun 2024 17:58:17 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
7eedd182-c931-11eb-abef-0697e5ca793e%2F022315f08e03b0d2d8679310164e52e39d27e145%2Fficatogether%20blue%20white.png
convertri.imgix.net/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e%2F022315f08e03b0d2d8679310164e52e39d27e145%2Fficatogether%20blue%20white.png?auto=format&fit=scale&w=156&h=79
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.208 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
08b269e08a5fe848cf2a97cb27b16675d663d7a8bba54a8c0fa1b732706fec30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:39 GMT
x-content-type-options
nosniff
age
531323
x-cache
HIT, HIT, HIT
x-imgix-id
b49c915277708b01452da8e99daf463023dbc57b
cross-origin-resource-policy
cross-origin
content-length
6338
x-served-by
cache-sjc1000104-SJC, cache-fra-eddf8230067-FRA, cache-lcy-eglc8600058-LCY
last-modified
Thu, 20 Jun 2024 07:36:16 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
7eedd182-c931-11eb-abef-0697e5ca793e%2F5a9bcbdf946434fdf004948ee4698d5bc7f98b89%2Fc78463adec0e00342086f13af4b47787_555_80.webp
convertri.imgix.net/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e%2F5a9bcbdf946434fdf004948ee4698d5bc7f98b89%2Fc78463adec0e00342086f13af4b47787_555_80.webp?auto=compress,format&fit=scale&w=463&h=480
Requested by
Host: ficatogether.com
URL: https://ficatogether.com/?ref=kjell76&fp_sid=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.208 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bb40c3e6e2d533a2a9e09375c71627df184b00fc820148621896d9def995d62f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:39 GMT
x-content-type-options
nosniff
age
455898
x-cache
MISS, HIT, HIT
x-imgix-id
5413de6a1fb24b944d24e1bb2832264803fc2525
cross-origin-resource-policy
cross-origin
content-length
9938
x-served-by
cache-sjc1000127-SJC, cache-fra-etou8220108-FRA, cache-lcy-eglc8600058-LCY
last-modified
Fri, 21 Jun 2024 04:33:21 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
7eedd182-c931-11eb-abef-0697e5ca793e%2F223b9214c4b23ae23fe0f3615b62daa4e86d19a6%2Foceanpoint%20icon.png
convertri.imgix.net/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e%2F223b9214c4b23ae23fe0f3615b62daa4e86d19a6%2Foceanpoint%20icon.png?auto=compress%2Cformat&fit=clip&w=48&fm=png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.208 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
aec5249ba68c5b8fa6d29b15ca3871e532fd6e5566a427cdc13cd535f212e37f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:42 GMT
x-content-type-options
nosniff
age
1448933
x-cache
HIT, HIT, HIT
x-imgix-id
ac5de5626fef2ce5c4149eebae59e4c7794e7988
cross-origin-resource-policy
cross-origin
content-length
1780
x-served-by
cache-sjc1000084-SJC, cache-fra-etou8220126-FRA, cache-lcy-eglc8600058-LCY
last-modified
Sun, 09 Jun 2024 16:42:49 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
7eedd182-c931-11eb-abef-0697e5ca793e%2F223b9214c4b23ae23fe0f3615b62daa4e86d19a6%2Foceanpoint%20icon.png
convertri.imgix.net/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://convertri.imgix.net/7eedd182-c931-11eb-abef-0697e5ca793e%2F223b9214c4b23ae23fe0f3615b62daa4e86d19a6%2Foceanpoint%20icon.png?auto=compress%2Cformat&fit=clip&w=32&fm=png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.208 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bf6484ff17c7e86352c780ece8e215530bbe4e40e519bcd72473e65e0d8a6d19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ficatogether.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:11:42 GMT
x-content-type-options
nosniff
age
1020771
x-cache
HIT, HIT, HIT
x-imgix-id
1d53ec3d375e10f119412cd657c1957d79938fdb
cross-origin-resource-policy
cross-origin
content-length
1241
x-served-by
cache-sjc1000132-SJC, cache-fra-eddf8230048-FRA, cache-lcy-eglc8600058-LCY
last-modified
Fri, 14 Jun 2024 15:38:51 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| warningMessages object| submitMessages object| dataLayer object| ConvertriScriptConsent function| fpr function| $ function| jQuery function| getUrlParameter object| FPROM boolean| fprom_loaded object| Calendly string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf function| manageIframesState object| UrlUtils function| CheckoutValidationErrorRenderer function| AnalyticsUtils function| ClickAnalyticsEventBuilder function| OpenCheckoutAnalyticsEventBuilder function| PurchaseAnalyticsEventBuilder function| PurchaseAnalyticsLegacyEventBuilder function| SubmitFormAnalyticsEventBuilder function| GmtDataLayerTracker function| AnalyticsEvent function| ClickAnalyticsEvent function| OpenCheckoutAnalyticsEvent function| PurchaseAnalyticsLegacyEvent function| PurchaseAnalyticsEvent function| SubmitFormAnalyticsEvent function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory function| uniqueSelector function| visibilityChanged function| yall object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| formWidgetCartInfo object| BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| ConvertriCheckoutModalPreviewRenderer object| MobileDetector object| QueryArgBag function| ViewportResizer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow function| Cookies object| doT function| ES6Promise object| Snowplow function| UAParser object| fbEventInfo object| fbPixelProxy function| getPresentCoupon function| handleCheckoutResponse object| match object| jQuery1122038544182380519887

7 Cookies

Domain/Path Name / Value
ficatogether.com/ Name: _sp_ses.3f1a
Value: *
ficatogether.com/ Name: _sp_id.3f1a
Value: c6cbc169-0789-49f4-8522-4b20fc5b6a79.1719400299.1.1719400299.1719400299.77dae998-5399-466d-a5a7-b50c3d7f9bd1
.ficatogether.com/ Name: _fprom_ref
Value: kjell76
.ficatogether.com/ Name: _fprom_tid
Value: 466c7a06-e8ba-4bbf-8d43-caa4c7dae4ea
.calendly.com/ Name: __cf_bm
Value: bB_v7BFeA1kvNf8e2UMFgKkoUZy25n88GDcLqt6cxoU-1719400300-1.0.1.1-wD48lwMgkZ4FaG89FYQMvKficTivCTtHww0lNHmYRSyPqA93SXaKs1Y1gqxti3zyjAQ666cjAy0mFe3AAuF2jw
.calendly.com/ Name: _cfuvid
Value: 5OWBWm0_jGUR1UlRvhf5DWe7suW4DWJG8kq82SpSuW0-1719400300807-0.0.1.1-604800000
.calendly.com/ Name: __cfruid
Value: 23b00fd0d869f07968c67cb8c6b2ea4ab7ca43bd-1719400301

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.calendly.com
calendly.com
cdn.convertri.com
cdn.firstpromoter.com
code.jquery.com
convertri.imgix.net
damngood.business
ficatogether.com
fonts.gstatic.com
snowplow.convertri.com
t.firstpromoter.com
13.32.121.12
138.199.36.8
142.250.185.227
151.101.194.208
151.101.2.137
172.104.231.58
172.64.146.81
185.151.30.147
35.240.1.10
54.173.185.62
08b269e08a5fe848cf2a97cb27b16675d663d7a8bba54a8c0fa1b732706fec30
1861fe06b419cdc33208031b73d7bb93d3f76964402fd2944b3aabbb705c9d48
29175a622496eabd8794f2562fc9ae48d61fadc46d858816b510c3397d9037e3
2aadb68fe3f4101b595a23612e13a7bc34048e17b25f4ceb229e628717719a5b
31d3829a0c398dcc142682bb1aedaefc0e8bcf8f1cebd9da6847b3dbd79da6c4
428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf
4a9e5fa6d886f98d64d71b026e6e5fe57a3c207da288bbb63ee8a19803ec09f6
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
592e43252d016f384776187b747facf1b631dc566ef55bb22dc511da4c0d0f3d
794e00b1295a67d358e79d3a7c680a78f37e8d50256d031c3ce1717675b54e78
81d3c82804c539334aaafa239a06b412ac2e45ca3d3d43003dcab4beb18c4593
860b1130a4aa8a03cb31ba9b0a9e2dbfb725298783c1e78b445bfe8c6619a8a9
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
aec5249ba68c5b8fa6d29b15ca3871e532fd6e5566a427cdc13cd535f212e37f
bb40c3e6e2d533a2a9e09375c71627df184b00fc820148621896d9def995d62f
bf6484ff17c7e86352c780ece8e215530bbe4e40e519bcd72473e65e0d8a6d19
c1f45a4bc8314d725cdbeccec21258037dd6cecbb92245215834b67995af4e76
c3a95213bf75b92b2c7be6ae604dec3ab3e063fed5a76a52a84b1b1b2a79a95f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccfaf1cc3dcb781ec947a249c28dfecf2bf5bbcef352821e8ec6058c41e9c0df
d27567ae28c8861ed15cf9da82611f54fd99ad9ac428ad3ab79148ca90918038
e41f1260abb309ddaa289f5605cbb3fc0199d078578953b69660a6b980c50b37
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0