urlscan.io logo urlscan.io
SecurityTrails logo

plansponsorlink.com Open in urlscan Pro
20.188.72.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Effective URL: https://plansponsorlink.com/eps-liu
Submission: On February 01 via manual from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 20.188.72.30, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is plansponsorlink.com. The Cisco Umbrella rank of the primary domain is 322625.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 29th 2022. Valid for: a year.
This is the only time plansponsorlink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 185.64.213.245 50152 (IMED)
7 20.188.72.30 8075 (MICROSOFT...)
1 52.249.61.193 ()
1 2606:2800:133... ()
20 5
Apex Domain
Subdomains		 Transfer
9 emailprotection.link
url.emailprotection.link — Cisco Umbrella Rank: 90427
399 KB
7 plansponsorlink.com
plansponsorlink.com — Cisco Umbrella Rank: 322625
1 MB
1 msecnd.net
az416426.vo.msecnd.net
1 pensionpro.com
coreapi.pensionpro.com
2 KB
0 google-analytics.com Failed
ssl.google-analytics.com Failed
20 5
Domain Requested by
9 url.emailprotection.link url.emailprotection.link
7 plansponsorlink.com url.emailprotection.link
plansponsorlink.com
1 az416426.vo.msecnd.net plansponsorlink.com
1 coreapi.pensionpro.com plansponsorlink.com
0 ssl.google-analytics.com Failed plansponsorlink.com
20 5

This site contains no links.

Subject Issuer Validity Valid
*.emailprotection.link
GeoTrust RSA CA 2018		 2022-07-27 -
2023-08-27		 a year crt.sh
*.plansponsorlink.com
Go Daddy Secure Certificate Authority - G2		 2022-12-29 -
2024-01-30		 a year crt.sh
*.pensionpro.com
Go Daddy Secure Certificate Authority - G2		 2022-10-30 -
2023-12-01		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://plansponsorlink.com/eps-liu
Frame ID: 39FC826B4570182BC8FEACE44AB34D55
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urq... Page URL
  2. https://plansponsorlink.com/eps-liu Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

90 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1638 kB
Transfer

5092 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~ Page URL
  2. https://plansponsorlink.com/eps-liu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
url.emailprotection.link/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
753cbd5fdbe58f49141ee5fc725a24dfad6296aa959e1b8499151a3a5185d86a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Feb 2023 18:35:00 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex
new_style.css
url.emailprotection.link/new/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/css/new_style.css
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
W/"62d025ae-1e80"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-Robots-Tag
noindex
new_screenshot.js
url.emailprotection.link/new/js/ 		1 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/new_screenshot.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
W/"62d025ae-574"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
tooltipster.css
url.emailprotection.link/new/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/css/tooltipster.css
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
W/"62d025ae-2965"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-Robots-Tag
noindex
jquery-1.9.1.js
url.emailprotection.link/new/js/libs/ 		142 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
W/"62d025ae-23758"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
jquery.tooltipster.min.js
url.emailprotection.link/new/js/libs/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
W/"62d025ae-43a9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
new_scanning.js
url.emailprotection.link/new/js/ 		947 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/js/new_scanning.js
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
W/"62d025ae-3b3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-Robots-Tag
noindex
scanning_70.gif
url.emailprotection.link/new/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url.emailprotection.link/new/images/scanning_70.gif
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://url.emailprotection.link/?bEQAQaO2_VGPFMIfIygqQxQ0D8cZGiRRMTmIBZ5SYcHJsVdLpKTZH-s9ZfPqfMDBGP4cY_h3urqTQg81f1P3aQw~~
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:00 GMT
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
"62d025ae-78dd"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
30941
notosans-regular.ttf
url.emailprotection.link/new/fonts/ 		306 KB
306 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS
intermedia.co.uk
Software
nginx /
Resource Hash
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

Referer
https://url.emailprotection.link/new/css/new_style.css
Origin
https://url.emailprotection.link
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:01 GMT
Last-Modified
Thu, 14 Jul 2022 14:18:22 GMT
Server
nginx
ETag
"62d025ae-4c738"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
313144
Primary Request eps-liu
plansponsorlink.com/ 		37 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/eps-liu
Requested by
Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
649e501491615cd58748310e11f54a2996b2f72a98efbe67df35fad0d3588759
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://url.emailprotection.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
18201
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Feb 2023 18:35:03 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
styles.css
plansponsorlink.com/dist/ 		350 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/dist/styles.css?version=1.33.686.0
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a74867b51c3443f803eef7a92d767493a849f1f5550e18ab2921079a46342c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/eps-liu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 27 Jan 2023 04:17:56 GMT
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
ETag
"0b2ea54632d91:0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60442
styles
coreapi.pensionpro.com/firm/785/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coreapi.pensionpro.com/firm/785/styles?v=638108733037292127
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.249.61.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
69ea10436c7a49640b0a5bedcf9a1b8aa8dc22c04c967f1a58be22a24a4e39b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com vortex.data.microsoft.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data: use.fontawesome.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com use.fontawesome.com; img-src 'self' * data:; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data: use.fontawesome.com; frame-ancestors 'self' localhost;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com vortex.data.microsoft.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data: use.fontawesome.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com use.fontawesome.com; img-src 'self' * data:; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data: use.fontawesome.com; frame-ancestors 'self' localhost;
x-site-version
1.0.0.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
X-Frame-Options
deny
Cache-Control
no-cache
Connection
keep-alive
Expires
-1
jquery.min.js
plansponsorlink.com/node_modules/jquery/dist/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/node_modules/jquery/dist/jquery.min.js
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/eps-liu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 27 Jan 2023 04:18:06 GMT
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
ETag
"093e05a632d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31148
kendo.all.min.js
plansponsorlink.com/assets/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/assets/js/kendo.all.min.js
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/eps-liu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 27 Jan 2023 04:17:08 GMT
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
ETag
"07a4e38632d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1146317
scripts.js
plansponsorlink.com/dist/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/dist/scripts.js?version=1.33.686.0
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c60bcc8b21729623618b3704de95db1bdb25605a8fa064bcdf988641864e17e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/eps-liu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 27 Jan 2023 04:17:56 GMT
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
ETag
"0b2ea54632d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5238
runtime.js
plansponsorlink.com/dist/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/dist/runtime.js?version=1.33.686.0
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/eps-liu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 27 Jan 2023 04:17:56 GMT
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
ETag
"0b2ea54632d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1480
polyfills.js
plansponsorlink.com/dist/ 		33 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://plansponsorlink.com/dist/polyfills.js?version=1.33.686.0
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.188.72.30 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/eps-liu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 18:35:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 27 Jan 2023 04:17:21 GMT
Content-Security-Policy
default-src 'self'; upgrade-insecure-requests; connect-src 'self' dc.services.visualstudio.com *.pensionpro.com; style-src 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; style-src-elem 'self' 'unsafe-inline' appcenter.intuit.com *.pensionpro.com fonts.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' appcenter.intuit.com www.googletagmanager.com ajax.googleapis.com cdn.polyfill.io ssl.google-analytics.com cdnjs.cloudflare.com az416426.vo.msecnd.net js.braintreegateway.com; img-src 'self' *.pensionpro.com kendo.cdn.telerik.com data: ssl.google-analytics.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com data:; frame-ancestors 'self'; frame-src 'self' player.vimeo.com;
ETag
"801ee40632d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11972
main.js
plansponsorlink.com/dist/ 		0
0
ga.js
ssl.google-analytics.com/ 		0
0
truncated
/ 		23 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40cb0c3f6212d6785326627303993b20ff21504fcc6bf87c9706a06f7d42d9c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: plansponsorlink.com
URL: https://plansponsorlink.com/eps-liu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software
ECAcc (lha/8D4C) /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://plansponsorlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 18:35:04 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1733
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (lha/8D4C)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a8158689-901e-008b-7c67-36eac9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 01 Feb 2023 19:05:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
plansponsorlink.com
URL
https://plansponsorlink.com/dist/main.js?version=1.33.686.0
Domain
ssl.google-analytics.com
URL
https://ssl.google-analytics.com/ga.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies