hefwa.site-ym.com Open in urlscan Pro
35.174.132.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Submission: On July 15 via manual (July 15th 2024, 6:21:02 pm UTC) from US — Scanned from CA

Summary HTTP 47 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 35.174.132.21, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hefwa.site-ym.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 23rd 2023. Valid for: a year.

This is the only time hefwa.site-ym.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	35.174.132.21 35.174.132.21	14618 (AMAZON-AES) (AMAZON-AES)
5	18.238.55.68 18.238.55.68	16509 (AMAZON-02) (AMAZON-02)
4	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.99 172.253.122.99	15169 (GOOGLE) (GOOGLE)
1	13.249.190.48 13.249.190.48	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1	35.153.145.98 35.153.145.98	14618 (AMAZON-AES) (AMAZON-AES)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
47	13

16 35.174.132.21 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-132-21.compute-1.amazonaws.com

hefwa.site-ym.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.238.55.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-68.jfk52.r.cloudfront.net

cdn.ymaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.190.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-48.bos50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.145.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-145-98.compute-1.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	site-ym.com 1 redirects hefwa.site-ym.com	46 KB
11	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	168 KB
5	ymaws.com cdn.ymaws.com — Cisco Umbrella Rank: 130350	689 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	13 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	305 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 441	1 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 6926 api-js.datadome.co — Cisco Umbrella Rank: 6331	29 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	71 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1453	19 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10	961 B
47	10

	Domain	Requested by
16	hefwa.site-ym.com	1 redirects hefwa.site-ym.com
10	ajax.googleapis.com	hefwa.site-ym.com ajax.googleapis.com
5	cdn.ymaws.com	hefwa.site-ym.com
4	cdnjs.cloudflare.com	hefwa.site-ym.com
2	bam.nr-data.net	hefwa.site-ym.com
2	fonts.gstatic.com	fonts.googleapis.com
2	maxcdn.bootstrapcdn.com	hefwa.site-ym.com maxcdn.bootstrapcdn.com
1	js-agent.newrelic.com	hefwa.site-ym.com
1	api-js.datadome.co	hefwa.site-ym.com
1	www.gstatic.com	hefwa.site-ym.com
1	fonts.googleapis.com	hefwa.site-ym.com
1	js.datadome.co	hefwa.site-ym.com
1	www.google.com	hefwa.site-ym.com
47	13

This site contains links to these domains. Also see Links.

Domain
hefwa.org
ws.yourmembership.com
www.yourmembership.com

Subject Issuer	Validity	Valid
*.site-ym.com Go Daddy Secure Certificate Authority - G2	`2023-10-23` - `2024-11-23`	a year	crt.sh
*.ymaws.com Amazon RSA 2048 M03	`2023-08-28` - `2024-09-24`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Frame ID: 72A0F035553C268ABF52139A28883E44
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Higher Education Finacial Wellness Alliance

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

47
Requests

96 %
HTTPS

33 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1342 kB
Transfer

2367 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://hefwa.org/
Title: Home

Search URL Search Domain Scan URL

URL: https://ws.yourmembership.com/Ams/SocialOAuth/facebook?Continue=%2fAms%2fFinalizeLogin%2ffacebook%3fReturnUrl%3dhttps%253a%252f%252fhefwa.site-ym.com%252fsocial%252fconnect.aspx%26ClientID%3d135251%26UseReturnUrl%3dTrue
Title: Login with Facebook

Search URL Search Domain Scan URL

URL: https://ws.yourmembership.com/Ams/SocialOAuth/linkedin?Continue=%2fAms%2fFinalizeLogin%2flinkedin%3fReturnUrl%3dhttps%253a%252f%252fhefwa.site-ym.com%252fsocial%252fconnect.aspx%26ClientID%3d135251%26UseReturnUrl%3dTrue
Title: Login with LinkedIn

Search URL Search Domain Scan URL

URL: http://www.yourmembership.com/
Title: YourMembership

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://hefwa.site-ym.com/graphics/logo.png HTTP 301
https://cdn.ymaws.com/hefwa.site-ym.com/graphics/logo.png

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request default.asp Show response
hefwa.site-ym.com/invoice/ 64 KB
25 KB 572ms
442ms Document
text/html 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

31c1504b2340f414e66ba02f213f60a4a39df88d07fbe4145984608c93ca748f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
cache-control: private
content-encoding: gzip
content-length: 24700
content-security-policy: frame-ancestors 'self'
content-type: text/html; Charset=utf-8
date: Mon, 15 Jul 2024 18:20:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-datadome: protected
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.ymaws.com/global/css/3.4.1/ 119 KB
119 KB 291ms
50ms Stylesheet
text/css 18.238.55.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ymaws.com/global/css/3.4.1/bootstrap.min.css
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-68.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: X4.t.6CDhOjDUD4pKza11SFaNT09xF3g
date: Mon, 15 Jul 2024 18:19:44 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
age: 74
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 06 Jun 2023 07:57:51 GMT
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 121457
last-modified: Tue, 25 Jul 2023 10:38:38 GMT
server: AmazonS3
etag: "7f89537eaf606bff49f5cc1a7c24dbca"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: KnBja7Q7WRtFdN-kj3QGHZRJV16ylJarweKkV4iowEFBZhBAyKtm_Q==

GET
H3 200 jquery.smartmenus.bootstrap.css
cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/ 4 KB
1 KB 155ms
106ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/jquery.smartmenus.bootstrap.css

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 289232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 807
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5N63YjCPAbKPEUPiB7jUfDejJqqopC9oM%2BjRw%2FSbnpPkpn4J50utVj4w%2FhEBYnHFncOWyHNo7YcMmT4WqmqChhhBDIT4X%2BwE5m1DoqVcUvjuIzQJcBjnOJLPvv9S9rkmEh71iqj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a3bc4e73859a253-YYZ
expires: Sat, 05 Jul 2025 18:20:54 GMT

GET
H2 200 combined_v138.css
cdn.ymaws.com/hefwa.site-ym.com/css/20221025/sp/ 106 KB
107 KB 366ms
126ms Stylesheet
text/css 18.238.55.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ymaws.com/hefwa.site-ym.com/css/20221025/sp/combined_v138.css
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-68.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 935e990827ccacaf25cd00a23dc71e0bfc6ac98c2394a1e27d9aa618b2e41c84

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: XEsQfKhyZLqf0m.J0qjjGTPB4tWRAZ4d
date: Mon, 15 Jul 2024 18:20:46 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2024 13:18:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 171
x-amz-server-side-encryption: AES256
etag: "ad157daba4406a3d2a4bdd992ded65bd"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 108619
x-amz-cf-id: F1QfgsWsbsfaEilM0ZRmNbu_MtIiHUS0JBZz2Nan4JrXCGlcDEo5mw==

GET
H2 200 container.css
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/ 5 KB
1 KB 224ms
63ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/container.css

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250b8e9beb769ee52e03836896a992927c48c4cead9c8636cb6beb96d3bab335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 10:53:33 GMT

GET
H2 200 yuimenu.css
hefwa.site-ym.com/global_graphics/skins/MemberCustomPageMenu/ 6 KB
2 KB 44ms
43ms Stylesheet
text/css 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/global_graphics/skins/MemberCustomPageMenu/yuimenu.css

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

f2f4aabd6e47cd456d35645974506d9f63515bbc1e71d29b77101f150c280ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
x-content-type-options: nosniff
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1680
x-xss-protection: 1; mode=block

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 124ms
47ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6660636
cdn-cachedat: 10/31/2023 18:49:21
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8aca3b89adbdc47329e69ee47ac8e3d7
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a3bc4e769eaac46-YYZ
cdn-requestpullsuccess: True

GET
H2 200 yahoo-dom-event.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/ 37 KB
13 KB 220ms
64ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/yahoo-dom-event.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13289
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 10:48:36 GMT

GET
H2 200 dragdrop-min.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/dragdrop/ 23 KB
7 KB 226ms
76ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/dragdrop/dragdrop-min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf10b3aa3041ae132b5bf14911d22da15d5559c2d8bfba867705e2ed5660d279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7014
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 10:48:36 GMT

GET
H2 200 container-min.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/ 75 KB
19 KB 237ms
88ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/container-min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6510126cd65f46ec42cba4c112d83793aaf10551d79dae6dff8a3e8b62eb891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19857
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 10:48:36 GMT

GET
H2 200 menu-min.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/menu/ 57 KB
16 KB 213ms
64ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/menu/menu-min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9864e0dd14beece0295cde2f45325b0f511400ea740d1b8c0c62ac710b19e202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 07:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15938
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 07:29:11 GMT

GET
H2 200 json-min.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/json/ 5 KB
2 KB 237ms
88ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/json/json-min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 19:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2238
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 19:17:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 298ms
151ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 16:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31191
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jul 2025 16:38:27 GMT

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ 10 KB
4 KB 140ms
107ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 215760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZWgWen4Q3kXpxyVDAtppgYzjrQTCNzoIeFc2aY8mwMX2OPf1fTk2pEzU1WPUSAJiIQdIRxJZWHYvPC2hKJPzX64B2y%2FBZlrknYDAjSmN7Sn1q1srwOV8kNJ4cZ%2FUGAUAh47DKFN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a3bc4e7385ca253-YYZ
expires: Sat, 05 Jul 2025 18:20:54 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/ 249 KB
66 KB 234ms
88ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 08:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67865
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 08:22:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 08:45:20 GMT

GET
H2 200 combined.js Show response
cdn.ymaws.com/global/js/20231109/frontend/ 411 KB
412 KB 375ms
151ms Script
application/x-javascript 18.238.55.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ymaws.com/global/js/20231109/frontend/combined.js
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-68.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b8adf9bdb532b2a85a96a99384797f25235c6bc7c5f647a66c42224a8b78808

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Sy7hHMOkt_WCoVBCkdT2PxIO_T9LMXvg
date: Mon, 15 Jul 2024 17:36:45 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 19:40:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 2650
x-amz-server-side-encryption: AES256
etag: "1e9426764c8f13b90e08cc56801668ea"
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 420739
x-amz-cf-id: plslExYw1RvkiZ-5YKp41JLpcUzWivklzzbmNO2wLk60lAMy-_ILgQ==

GET
H2 200 bootstrap.min.js Show response
cdn.ymaws.com/global/js/3.4.1/ 39 KB
39 KB 427ms
203ms Script
application/x-javascript 18.238.55.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ymaws.com/global/js/3.4.1/bootstrap.min.js
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-68.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: zzC8TXVXtHoshBXewIUvQ1rPHy.AU8Js
date: Mon, 15 Jul 2024 17:22:27 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
age: 3509
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 06 Jun 2023 07:57:51 GMT
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 39680
last-modified: Tue, 25 Jul 2023 10:39:20 GMT
server: AmazonS3
etag: "2f34b630ffe30ba2ff2b91e3f3c322a1"
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: EHvXVwIUiH0E1N4dgqzeGEdPrjkQEA5JzkDDjhwvHgo4Ezuog5y9Ag==

GET
H3 200 jquery.smartmenus.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/ 23 KB
7 KB 138ms
107ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/jquery.smartmenus.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f77319a0bd5d1f34c0331be9b59168f51afb97c53884b998d554a20e4f6b3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 271249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6108
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-5d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnoboJD8P%2BftZcZwhb1K3ycT7rtJoRT4%2B8UiHIfphpZQqsNey8tJBFM2u5PT4DleiuPTK3heIEzd34l98PgYaCWvYD3EUCzH91KZLd2pkYMhNXX7J0CzPzUrghezsI6NulPnQ3ZC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a3bc4e7385da253-YYZ
expires: Sat, 05 Jul 2025 18:20:54 GMT

GET
H3 200 jquery.smartmenus.bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/ 2 KB
1 KB 211ms
183ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.smartmenus/1.0.0/addons/bootstrap/jquery.smartmenus.bootstrap.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d2d898ab68c7469bb7bcd94baf4da50658fb85da0cfcf58adaf7ac2e93c5f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 359606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 665
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-63a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0rCzpJmbFCZWAldaYXmHRugnokb9meOBwGuHjI4jyjV3NtIc9zlOjkVEVFlBzz8sk%2B5lt8FdjSAvxcqGqjRjBFjSeHoPsWtYrxTIW15HNjK7%2FDDT3%2F3zuMqiMkzH5JO3YX5ODsA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a3bc4e7385fa253-YYZ
expires: Sat, 05 Jul 2025 18:20:54 GMT

GET
H2 200 AddTableLabels.js Show response
hefwa.site-ym.com/global_inc/site_templates/js/ 2 KB
1 KB 105ms
99ms Script
application/javascript 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/global_inc/site_templates/js/AddTableLabels.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

356c0940f6089f957d8cf18f6d56b7bc2cb0ac07cacd378e40c3f9a81447748a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 21:21:44 GMT
x-content-type-options: nosniff
etag: "0e4e608fcdda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 883
x-xss-protection: 1; mode=block

GET
H2

200

logo.png
cdn.ymaws.com/hefwa.site-ym.com/graphics/
Redirect Chain

https://hefwa.site-ym.com/graphics/logo.png
https://cdn.ymaws.com/hefwa.site-ym.com/graphics/logo.png

12 KB
13 KB

235ms
162ms

Image
image/png

18.238.55.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ymaws.com/hefwa.site-ym.com/graphics/logo.png
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: H2
Server: 18.238.55.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-68.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50e4e5a7b749521342ec62a1246bace3553d99667eb405b4f3d42ab8e6b2d0b2

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 8jZxRm6yWKoEXwekIPiT2qLFxvUz.CJH
date: Mon, 15 Jul 2024 18:20:46 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
last-modified: Mon, 26 Feb 2024 18:30:09 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1488
x-amz-server-side-encryption: AES256
etag: "8ab7e7cee6447a2d2748bde7a237f9a3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 12484
x-amz-cf-id: 7MB8SFjiyj7iHxv8ch_Jalm2V5-fbuaFJ3dA4RUAZPVtObWWuB-aPg==

Redirect headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-powered-by: ASP.NET
content-type: text/html
location: https://cdn.ymaws.com/hefwa.site-ym.com/graphics/logo.png
content-length: 267
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui-custom.css
hefwa.site-ym.com/global_inc/ 35 KB
8 KB 117ms
116ms Stylesheet
text/css 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/global_inc/jquery-ui-custom.css

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

6beb6659ea2b587f50a205663a3532e0ce389bf4fd4bb5c339c25cfc72c8e5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 21:21:44 GMT
x-content-type-options: nosniff
etag: "0e4e608fcdda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7738
x-xss-protection: 1; mode=block

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
961 B 146ms
48ms Script
text/javascript 172.253.122.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f99.1e100.net

Software

GSE /

Resource Hash

2eb28b188c653e41693636cb0279d4040e8e77ffab2dd27f0f474e6d8f0ea202

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 15 Jul 2024 18:20:54 GMT

GET
H2 200 invoice_16x16.png
hefwa.site-ym.com/global_graphics/icons/ 305 B
564 B 53ms
53ms Image
image/png 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hefwa.site-ym.com/global_graphics/icons/invoice_16x16.png

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

38cad8e8a8a8b403943aa0d3b631febacb7804d886833539b671aef058952e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 305
x-xss-protection: 1; mode=block

GET
H2 200 ssl-new.gif
hefwa.site-ym.com/global_graphics/ 1 KB
2 KB 53ms
52ms Image
image/gif 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hefwa.site-ym.com/global_graphics/ssl-new.gif

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

ca9e26c16ab9fb90136acbc25853a9ec528b7aac601edbcaf11d6de34185251f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 1521
x-xss-protection: 1; mode=block

GET
H2 200 jquery.data.js Show response
hefwa.site-ym.com/global_inc/js/ 2 KB
1 KB 48ms
46ms Script
application/javascript 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/global_inc/js/jquery.data.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

32fca7000806e43de3d5c96b46c07099cde770fa5454bec424fe2e02ac05e518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 21:21:44 GMT
x-content-type-options: nosniff
etag: "0e4e608fcdda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 953
x-xss-protection: 1; mode=block

GET
H2 200 jquery.watermark.min.js Show response
hefwa.site-ym.com/global_inc/js/ 5 KB
3 KB 66ms
65ms Script
application/javascript 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/global_inc/js/jquery.watermark.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

2de913e61982627c53045c493de9eff20098bec6b874c41673f5f2e8cf318bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 21:21:44 GMT
x-content-type-options: nosniff
etag: "0e4e608fcdda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2357
x-xss-protection: 1; mode=block

GET
H2 200 facebook-icon.png
hefwa.site-ym.com/global_graphics/ 194 B
453 B 74ms
73ms Image
image/png 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hefwa.site-ym.com/global_graphics/facebook-icon.png

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

305505792bf92b6e8b4c067ae115348d2e8951617bad60943776caed64f3f501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 194
x-xss-protection: 1; mode=block

GET
H2 200 linkedin-icon.png
hefwa.site-ym.com/global_graphics/ 233 B
492 B 42ms
41ms Image
image/png 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hefwa.site-ym.com/global_graphics/linkedin-icon.png

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

e1d1c1d5a990f1f09272afef51a3cbe00c919f2c2c8179a84f906a8f6961cec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 233
x-xss-protection: 1; mode=block

GET
H2 200 securesubmit.png
hefwa.site-ym.com/global_graphics/icons/ 545 B
804 B 55ms
55ms Image
image/png 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hefwa.site-ym.com/global_graphics/icons/securesubmit.png

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

2bc71902d7a0e876114baf32b6a9da1e46a5dc9091d27a810ae5fe46e4885fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 545
x-xss-protection: 1; mode=block

GET
H2 200 pulse.asp Show response
hefwa.site-ym.com/ 0
558 B 58ms
57ms XHR
text/html 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/pulse.asp

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwUEUlVVDhABUVZSBwgCUlUF
Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
tracestate: 1090081@nr=0-1-3333366-1588688486-824b45f4774a2331----1721067654780
traceparent: 00-6255ca024da3f1c9474678df76633eb6-824b45f4774a2331-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjgyNGI0NWY0Nzc0YTIzMzEiLCJ0ciI6IjYyNTVjYTAyNGRhM2YxYzk0NzQ2NzhkZjc2NjMzZWI2IiwidGkiOjE3MjEwNjc2NTQ3ODAsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-powered-by: ASP.NET
content-type: text/html
cache-control: private
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 pulse.aspx Show response
hefwa.site-ym.com/ 0
510 B 55ms
54ms XHR
text/html 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/pulse.aspx

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwUEUlVVDhABUVZSBwgCUlUF
Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
tracestate: 1090081@nr=0-1-3333366-1588688486-1be7ba1f0ed9d666----1721067654782
traceparent: 00-3c5cb52e5357ba2b57dc32b4a22d242c-1be7ba1f0ed9d666-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjFiZTdiYTFmMGVkOWQ2NjYiLCJ0ciI6IjNjNWNiNTJlNTM1N2JhMmI1N2RjMzJiNGEyMmQyNDJjIiwidGkiOjE3MjEwNjc2NTQ3ODIsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
cache-control: private
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 51ms
50ms Script
text/javascript 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 12:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jul 2025 12:36:17 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ 156 KB
29 KB 138ms
42ms Script
text/javascript 13.249.190.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.190.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-190-48.bos50.r.cloudfront.net

Software

Apache /

Resource Hash

8cf6a7d8c30bb848a4d109bbd0841a3d7f95dd48a82883e4cb81aae99d353469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 2574113324d650faba7c1b899a948b40.cloudfront.net (CloudFront)
date: Mon, 15 Jul 2024 17:48:24 GMT
x-amz-cf-pop: BOS50-C2
age: 1950
x-cache: Hit from cloudfront
content-length: 29034
last-modified: Mon, 15 Jul 2024 13:05:24 GMT
server: Apache
etag: "26f8d-61d48e1dd7485-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 4uci3VEaUwV9cPNeDPM9NWF99k4o_HBO51JqRz8z_3cKNVBJlCb3YA==
expires: Mon, 15 Jul 2024 18:48:24 GMT

GET
H2 200 sprite.png
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/assets/skins/sam/ 4 KB
4 KB 38ms
36ms Image
image/png 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/assets/skins/sam/sprite.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/container.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f4fbd79ef5a544eb28ea9472c8ee20d220939a3faed242871568782c1984cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/container/assets/skins/sam/container.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 09:56:38 GMT
x-content-type-options: nosniff
age: 203056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3745
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jul 2025 09:56:38 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 121ms
90ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://hefwa.site-ym.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 845
cdn-cachedat: 10/31/2023 18:51:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5a3a8e2acbabef07ac931f6c3c1741f2
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a3bc4eb4ba3ab6a-YYZ
cdn-requestpullsuccess: True

GET
H2 200 BreadCrumbService.aspx Show response
hefwa.site-ym.com/global_engine/ajax/ 0
510 B 53ms
52ms XHR
text/html 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/global_engine/ajax/BreadCrumbService.aspx?url=%2Finvoice%2Fdefault.asp%3Fid%3DA9768A01-0B5B-4130-8DA5-B6BCAB7F62AB&ref=

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: VwUEUlVVDhABUVZSBwgCUlUF
tracestate: 1090081@nr=0-1-3333366-1588688486-9eb922682d9dcbe0----1721067654907
traceparent: 00-5280ee01750647b1ea596168ae7a84fd-9eb922682d9dcbe0-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzMzMzNjYiLCJhcCI6IjE1ODg2ODg0ODYiLCJpZCI6IjllYjkyMjY4MmQ5ZGNiZTAiLCJ0ciI6IjUyODBlZTAxNzUwNjQ3YjFlYTU5NjE2OGFlN2E4NGZkIiwidGkiOjE3MjEwNjc2NTQ5MDcsInRrIjoiMTA5MDA4MSJ9fQ==
sec-ch-device-memory: 8
Accept: text/html, */*; q=0.01
Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 15 Jul 2024 18:20:54 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
cache-control: private
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 55 KB
2 KB 74ms
61ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,600,400italic,600italic,700,700italic,800,800italic&subset=latin

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 18:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 18:20:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 18:20:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/ 524 KB
208 KB 343ms
37ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__en.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298bafa05900a3bc3d44e4b7406618e73c3ddec2878fcb761b04f4ee9983b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Origin: https://hefwa.site-ym.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 17:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212421
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 19:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Jul 2025 17:45:37 GMT

GET
BLOB 200
OK 8b16ab67-1b89-42fb-81fe-c5bde60c0f92
https://hefwa.site-ym.com/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hefwa.site-ym.com/8b16ab67-1b89-42fb-81fe-c5bde60c0f92
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 120ms
36ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,600,400italic,600italic,700,700italic,800,800italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hefwa.site-ym.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 03:40:22 GMT
x-content-type-options: nosniff
age: 571233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 03:40:22 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 168ms
85ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,600,400italic,600italic,700,700italic,800,800italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hefwa.site-ym.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 05:30:23 GMT
x-content-type-options: nosniff
age: 478232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 05:30:23 GMT

POST
H2 200 / Show response
api-js.datadome.co/js/ 232 B
410 B 320ms
45ms XHR
application/json 35.153.145.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.153.145.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-145-98.compute-1.amazonaws.com
Software: DataDome /
Resource Hash: 78b134eba8dfe5f8ca24f5c59004ba825dcd262108c967ddc0ff5aa1bb82f242

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 18:20:55 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
expires: 0

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
19 KB 141ms
27ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Mon, 15 Jul 2024 18:20:55 GMT
strict-transport-security: max-age=300
x-amz-request-id: MNW0B9K8649NEMFE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: wAtUHIrH4xvU9ijDDlPyrpr21S4m7kpvIYCoPNuHD0jb+3I2/5x+yeJBJ8yFr2fuFJGQ0/5rsHx7WMgclzVlLg==
x-served-by: cache-yul1970038-YUL
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 31374

GET
H2 200 favicon.ico
hefwa.site-ym.com/ 198 B
459 B 45ms
45ms Other
image/x-icon 35.174.132.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hefwa.site-ym.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.132.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-132-21.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-device-memory: 8

Response headers

date: Mon, 15 Jul 2024 18:20:55 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Wed, 03 Jul 2024 21:21:42 GMT
etag: "0b7b5ff8ecdda1:0"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 198
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NRJS-7d472678909500711f3 Show response
bam.nr-data.net/1/ 79 B
697 B 227ms
91ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-7d472678909500711f3?a=1570095414&v=1216.487a282&to=NVFWZUdYC0JTBkFfVwwbYUNcFgxfRApcVV1NUFFXVEwJRRwERkY%3D&rst=2470&ck=1&ref=https://hefwa.site-ym.com/invoice/default.asp&ap=394&be=652&fe=2274&dc=1277&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1721067653533,%22n%22:0,%22f%22:1,%22dn%22:60,%22dne%22:60,%22c%22:60,%22s%22:97,%22ce%22:133,%22rq%22:133,%22rp%22:575,%22rpe%22:608,%22dl%22:583,%22di%22:1278,%22ds%22:1278,%22de%22:1337,%22dc%22:2270,%22l%22:2270,%22le%22:2279%7D,%22navigation%22:%7B%7D%7D&fp=1440&fcp=1440&jsonp=NREUM.setToken
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 18:20:56 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8a3bc4f30b03ab5a-YYZ
timing-allow-origin: *

POST
H/1.1 200
OK NRJS-7d472678909500711f3 Show response
bam.nr-data.net/events/1/ 24 B
405 B 95ms
91ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-7d472678909500711f3?a=1570095414&v=1216.487a282&to=NVFWZUdYC0JTBkFfVwwbYUNcFgxfRApcVV1NUFFXVEwJRRwERkY%3D&rst=2722&ck=1&ref=https://hefwa.site-ym.com/invoice/default.asp
Requested by: Host: hefwa.site-ym.com
URL: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://hefwa.site-ym.com/invoice/default.asp?id=A9768A01-0B5B-4130-8DA5-B6BCAB7F62AB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 15 Jul 2024 18:20:56 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://hefwa.site-ym.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8a3bc4f3abe4ab5a-YYZ
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hefwa.site-ym.com/	1969-12-31 23:59:59	Name: YmSessionId Value: 1a1629fa-7582-45ff-848f-08aeebe86822
hefwa.site-ym.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQAAASBRQ Value: MLKGOHKCOBNGMCLBBFMFNOPD
hefwa.site-ym.com/	1969-12-31 23:59:59	Name: PulseOff Value: 0
hefwa.site-ym.com/	1969-12-31 23:59:59	Name: PulseLC Value: 1721067654779
hefwa.site-ym.com/	1969-12-31 23:59:59	Name: PulseLH Value: 1721067654779
hefwa.site-ym.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQACAQCQQ Value: MBICMAKCHPBIMAHNBGOJKGDG
.site-ym.com/	1970-01-21 06:50:03	Name: datadome Value: VzDKroF3~0G51n2BiJjhsWXhlQMPvsGvuzLzidfshyMsaZv~ujR3lVUOhzDnSlSfuj2~jtTfoKSL0hBWh_CTvvbeOHN5RkZFRl5hxmJ_EGFj9vyDNfpOnS4Z62Yfbega
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: dab95d9f5b8b000c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.datadome.co
bam.nr-data.net
cdn.ymaws.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hefwa.site-ym.com
js-agent.newrelic.com
js.datadome.co
maxcdn.bootstrapcdn.com
www.google.com
www.gstatic.com
104.17.24.14
104.18.11.207
13.249.190.48
162.247.241.14
172.253.122.99
18.238.55.68
2602:816:5001::39
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c1d::5e
35.153.145.98
35.174.132.21
0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1b8adf9bdb532b2a85a96a99384797f25235c6bc7c5f647a66c42224a8b78808
250b8e9beb769ee52e03836896a992927c48c4cead9c8636cb6beb96d3bab335
298bafa05900a3bc3d44e4b7406618e73c3ddec2878fcb761b04f4ee9983b7de
2bc71902d7a0e876114baf32b6a9da1e46a5dc9091d27a810ae5fe46e4885fe3
2de913e61982627c53045c493de9eff20098bec6b874c41673f5f2e8cf318bd6
2eb28b188c653e41693636cb0279d4040e8e77ffab2dd27f0f474e6d8f0ea202
305505792bf92b6e8b4c067ae115348d2e8951617bad60943776caed64f3f501
31c1504b2340f414e66ba02f213f60a4a39df88d07fbe4145984608c93ca748f
32fca7000806e43de3d5c96b46c07099cde770fa5454bec424fe2e02ac05e518
34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa
356c0940f6089f957d8cf18f6d56b7bc2cb0ac07cacd378e40c3f9a81447748a
38cad8e8a8a8b403943aa0d3b631febacb7804d886833539b671aef058952e20
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d2d898ab68c7469bb7bcd94baf4da50658fb85da0cfcf58adaf7ac2e93c5f4b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4f77319a0bd5d1f34c0331be9b59168f51afb97c53884b998d554a20e4f6b3a0
50e4e5a7b749521342ec62a1246bace3553d99667eb405b4f3d42ab8e6b2d0b2
53f4fbd79ef5a544eb28ea9472c8ee20d220939a3faed242871568782c1984cf
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6beb6659ea2b587f50a205663a3532e0ce389bf4fd4bb5c339c25cfc72c8e5c6
6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
78b134eba8dfe5f8ca24f5c59004ba825dcd262108c967ddc0ff5aa1bb82f242
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8cf6a7d8c30bb848a4d109bbd0841a3d7f95dd48a82883e4cb81aae99d353469
935e990827ccacaf25cd00a23dc71e0bfc6ac98c2394a1e27d9aa618b2e41c84
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9864e0dd14beece0295cde2f45325b0f511400ea740d1b8c0c62ac710b19e202
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
bf10b3aa3041ae132b5bf14911d22da15d5559c2d8bfba867705e2ed5660d279
ca9e26c16ab9fb90136acbc25853a9ec528b7aac601edbcaf11d6de34185251f
e1d1c1d5a990f1f09272afef51a3cbe00c919f2c2c8179a84f906a8f6961cec6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6510126cd65f46ec42cba4c112d83793aaf10551d79dae6dff8a3e8b62eb891
f2f4aabd6e47cd456d35645974506d9f63515bbc1e71d29b77101f150c280ac0
f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40

hefwa.site-ym.com Open in urlscan Pro 35.174.132.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

33 %IPv6

10 Domains

13 Subdomains

13 IPs

2 Countries

1342 kBTransfer

2367 kBSize

8 Cookies

4 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hefwa.site-ym.com Open in urlscan Pro
35.174.132.21 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

33 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1342 kB
Transfer

2367 kB
Size

8
Cookies

47 HTTP transactions
0 data transactions