urlscan.io logo urlscan.io
SecurityTrails logo

go.r1rcm.com Open in urlscan Pro
34.237.219.119  Public Scan

Go To Rescan Add Verdict Report
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Submission: On August 08 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 34.237.219.119, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.r1rcm.com.
TLS certificate: Issued by R10 on July 31st 2024. Valid for: 3 months.
This is the only time go.r1rcm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 10 34.237.219.119 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:235... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
13 4
Apex Domain
Subdomains		 Transfer
8 r1rcm.com
go.r1rcm.com
9 KB
7 pardot.com
storage.pardot.com — Cisco Umbrella Rank: 45171
pi.pardot.com — Cisco Umbrella Rank: 12600
46 KB
2 gstatic.com
fonts.gstatic.com
64 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
13 4
Domain Requested by
8 go.r1rcm.com 5 redirects pi.pardot.com
5 storage.pardot.com go.r1rcm.com
2 pi.pardot.com go.r1rcm.com
pi.pardot.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com go.r1rcm.com
13 5

This site contains no links.

Subject Issuer Validity Valid
go.r1rcm.com
R10		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-05 -
2025-06-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Frame ID: 067CA63FA4FF48AA7434E9515D514361
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access Your Guide Today: Improve Medicare Advantage Reimbursement

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

62 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

117 kB
Transfer

142 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://go.r1rcm.com/l/1009102/2024-02-13/mhlb/1009102/1707861010TjNEGu7D/blue_r1_banner.png HTTP 302
  • https://storage.pardot.com/1009102/1707861010TjNEGu7D/blue_r1_banner.png
Request Chain 2
  • https://go.r1rcm.com/l/1009102/2024-02-13/mhpt/1009102/1707862573SULQD0jb/divider_lg.png HTTP 302
  • https://storage.pardot.com/1009102/1707862573SULQD0jb/divider_lg.png
Request Chain 3
  • https://go.r1rcm.com/l/1009102/2024-02-08/m9ns/1009102/1707420274mTUm34rD/logo_blue.png HTTP 302
  • https://storage.pardot.com/1009102/1707420274mTUm34rD/logo_blue.png
Request Chain 4
  • https://go.r1rcm.com/l/1009102/2024-02-11/mcrd/1009102/1707669390n6Z8uZjG/footer_divider.png HTTP 302
  • https://storage.pardot.com/1009102/1707669390n6Z8uZjG/footer_divider.png
Request Chain 5
  • https://go.r1rcm.com/l/1009102/2024-02-13/mhlq/1009102/1707861782zhF5D4D7/email_hero_bkg.jpg HTTP 302
  • https://storage.pardot.com/1009102/1707861782zhF5D4D7/email_hero_bkg.jpg

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
go.r1rcm.com/webmail/1009102/516187006/ 		25 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
159da603d3234563eac58b3ca8e5ecd1427d88712223f3f209486f2844acb68e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
4544
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Aug 2024 19:13:25 GMT
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
referrer-policy
no-referrer
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
x-robots-tag
nofollow, noindex
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55371ec8c0e2fe23fcd61a0cc9084cf9387f39e593f775e03279654c7e041861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Aug 2024 19:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Aug 2024 18:02:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Aug 2024 19:13:25 GMT
blue_r1_banner.png
storage.pardot.com/1009102/1707861010TjNEGu7D/
Redirect Chain
  • https://go.r1rcm.com/l/1009102/2024-02-13/mhlb/1009102/1707861010TjNEGu7D/blue_r1_banner.png
  • https://storage.pardot.com/1009102/1707861010TjNEGu7D/blue_r1_banner.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/1009102/1707861010TjNEGu7D/blue_r1_banner.png
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
H2
Server
2600:9000:2359:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
178282dff7bd7293bfdb619a9b1e4c0dd3609f1d06980b5ca2520807d13fb9a2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 18:41:53 GMT
x-amz-version-id
FA2XZryG7C41qzVwzvYWGoRRdjY3_dJV
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
1893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1288
last-modified
Tue, 13 Feb 2024 21:50:11 GMT
server
AmazonS3
etag
"580d3cf39b708b57d45181eceec1840c"
content-type
image/png; charset=binary
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
xmCI5w2QcaCTxX5b0oyKJAKciUtuGcvRgcIr6NJGsmPIRGGKGBgwtQ==

Redirect headers

Date
Thu, 08 Aug 2024 19:13:25 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/1009102/1707861010TjNEGu7D/blue_r1_banner.png
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
Content-Length
144
expires
Thu, 08 Aug 2024 19:23:25 GMT
divider_lg.png
storage.pardot.com/1009102/1707862573SULQD0jb/
Redirect Chain
  • https://go.r1rcm.com/l/1009102/2024-02-13/mhpt/1009102/1707862573SULQD0jb/divider_lg.png
  • https://storage.pardot.com/1009102/1707862573SULQD0jb/divider_lg.png
90 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/1009102/1707862573SULQD0jb/divider_lg.png
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
H2
Server
2600:9000:2359:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d4a223d7dc69a36032a52688c224dd49547a2033211ff70c716ae0ab88a1dff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 18:41:55 GMT
x-amz-version-id
Bq1aoDMt_6jvjAE7Rbet6oFdBzgA2NEi
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
1892
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
90
last-modified
Tue, 13 Feb 2024 22:16:14 GMT
server
AmazonS3
etag
"ed25f09d3d99d3a84258b8026bb9419c"
content-type
image/png; charset=binary
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
sjxTYZsnAvpJPLREG0hGmrWu7wml7s8nPeo8Emzy4lScU9Omp_wnsQ==

Redirect headers

Date
Thu, 08 Aug 2024 19:13:26 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/1009102/1707862573SULQD0jb/divider_lg.png
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
Content-Length
144
expires
Thu, 08 Aug 2024 19:23:26 GMT
logo_blue.png
storage.pardot.com/1009102/1707420274mTUm34rD/
Redirect Chain
  • https://go.r1rcm.com/l/1009102/2024-02-08/m9ns/1009102/1707420274mTUm34rD/logo_blue.png
  • https://storage.pardot.com/1009102/1707420274mTUm34rD/logo_blue.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/1009102/1707420274mTUm34rD/logo_blue.png
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
H2
Server
2600:9000:2359:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5263101b72d39cdab6b857f75d028daba2999605ea16201f1fda812af54e89

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 18:41:52 GMT
x-amz-version-id
zb1KDsX8.nrQWy_QzXZYucboZHdSBv5q
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
1895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1200
last-modified
Thu, 08 Feb 2024 19:24:35 GMT
server
AmazonS3
etag
"e831881d8e6f900c2b0b24e4877d511d"
content-type
image/png; charset=binary
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
raqg-ZXCd-WkYdTm7sv5uY4Dp8huWQUDaSua_bJ6Oueu6wp6LL7ULg==

Redirect headers

Date
Thu, 08 Aug 2024 19:13:26 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/1009102/1707420274mTUm34rD/logo_blue.png
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
Content-Length
138
expires
Thu, 08 Aug 2024 19:23:26 GMT
footer_divider.png
storage.pardot.com/1009102/1707669390n6Z8uZjG/
Redirect Chain
  • https://go.r1rcm.com/l/1009102/2024-02-11/mcrd/1009102/1707669390n6Z8uZjG/footer_divider.png
  • https://storage.pardot.com/1009102/1707669390n6Z8uZjG/footer_divider.png
140 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/1009102/1707669390n6Z8uZjG/footer_divider.png
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
H2
Server
2600:9000:2359:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a803d3ad1f658f80eee4bd44f65dfd6f5ff52e6a7033ee18ec2438e841b1b4ac

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 18:41:53 GMT
x-amz-version-id
ZPnnSJSmCai6JLCKpDAgnElCxFejDYUJ
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
1894
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
140
last-modified
Sun, 11 Feb 2024 16:36:31 GMT
server
AmazonS3
etag
"4b8e2b58d39c65e83b512754e5c343d0"
content-type
image/png; charset=binary
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
CEezXDv5TAEJTttrShykUm5BNSsCUhbLdSlh1epVkWgkENQvIOkMzw==

Redirect headers

Date
Thu, 08 Aug 2024 19:13:26 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/1009102/1707669390n6Z8uZjG/footer_divider.png
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
Content-Length
142
expires
Thu, 08 Aug 2024 19:23:26 GMT
email_hero_bkg.jpg
storage.pardot.com/1009102/1707861782zhF5D4D7/
Redirect Chain
  • https://go.r1rcm.com/l/1009102/2024-02-13/mhlq/1009102/1707861782zhF5D4D7/email_hero_bkg.jpg
  • https://storage.pardot.com/1009102/1707861782zhF5D4D7/email_hero_bkg.jpg
36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.pardot.com/1009102/1707861782zhF5D4D7/email_hero_bkg.jpg
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
H2
Server
2600:9000:2359:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0c937b7be1366978fcf604d534c12c841e6fe2b9807fb28e691dc279874a30c

Request headers

Referer
https://go.r1rcm.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 18:41:54 GMT
x-amz-version-id
uMHywH5SGvhMlBP61DQaQc3LllURaJLs
via
1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
1893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
37002
last-modified
Tue, 13 Feb 2024 22:03:03 GMT
server
AmazonS3
etag
"e9947590dc453641321b60af9df61494"
content-type
image/jpeg; charset=binary
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
hfi1ASYsdBXRADQaqSoNc2h_OwDFP0vl6cPDMKcIWa8HeYb_05ThAg==

Redirect headers

Date
Thu, 08 Aug 2024 19:13:26 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
vary
Accept-Encoding,User-Agent
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
location
https://storage.pardot.com/1009102/1707861782zhF5D4D7/email_hero_bkg.jpg
Content-Type
text/html; charset=UTF-8
cache-control
max-age=600
Connection
keep-alive
x-robots-tag
none
Content-Length
144
expires
Thu, 08 Aug 2024 19:23:26 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.r1rcm.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 06:34:54 GMT
x-content-type-options
nosniff
age
131912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 06:34:54 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.r1rcm.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 15:04:15 GMT
x-content-type-options
nosniff
age
101351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 15:04:15 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: go.r1rcm.com
URL: https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:13:27 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 08 Aug 2024 14:36:09 GMT
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Sat, 08 Aug 2026 19:13:27 GMT
favicon.ico
go.r1rcm.com/ 		0
359 B 		Other
General
Check archive.org
Download Go to
Full URL
https://go.r1rcm.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:13:26 GMT
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Thu, 08 Aug 2024 14:36:08 GMT
etag
"0"
vary
User-Agent
Content-Type
image/vnd.microsoft.icon
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
0
expires
Sat, 08 Aug 2026 19:13:26 GMT
analytics
pi.pardot.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=71917&account_id=1010102&title=Access%20Your%20Guide%20Today%3A%20Improve%20Medicare%20Advantage%20Reimbursement&url=https%3A%2F%2Fgo.r1rcm.com%2Fwebmail%2F1009102%2F516187006%2F83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
c26c28991440b27d85a85f83b96204edbd0cbd93062ac0ae4dc1e81673140950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 08 Aug 2024 19:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1441
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
go.r1rcm.com/ 		50 B
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.r1rcm.com/analytics?conly=true&visitor_id=168025729&visitor_id_sign=331fe03bc80186336f7858e39c90618d703576f4e8151329a476faa38ddadd16b89399696a3538baf70b88891967a9c1a01166be&pi_opt_in=&campaign_id=71917&account_id=1010102&title=Access%20Your%20Guide%20Today:%20Improve%20Medicare%20Advantage%20Reimbursement&url=https://go.r1rcm.com/webmail/1009102/516187006/83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=71917&account_id=1010102&title=Access%20Your%20Guide%20Today%3A%20Improve%20Medicare%20Advantage%20Reimbursement&url=https%3A%2F%2Fgo.r1rcm.com%2Fwebmail%2F1009102%2F516187006%2F83b9c199db30e0146e9066cfaedae4445cb4753cb1425ee7e0e260cd4ada5c14&referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
/
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 08 Aug 2024 19:13:27 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| piAId string| piCId string| piHostname function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi string| property function| piResponse

5 Cookies

Domain/Path Name / Value
.pardot.com/ Name: visitor_id1009102
Value: 168025729
.pardot.com/ Name: visitor_id1009102-hash
Value: 331fe03bc80186336f7858e39c90618d703576f4e8151329a476faa38ddadd16b89399696a3538baf70b88891967a9c1a01166be
pi.pardot.com/ Name: lpv1009102
Value: aHR0cHM6Ly9nby5yMXJjbS5jb20vd2VibWFpbC8xMDA5MTAyLzUxNjE4NzAwNi84M2I5YzE5OWRiMzBlMDE0NmU5MDY2Y2ZhZWRhZTQ0NDVjYjQ3NTNjYjE0MjVlZTdlMGUyNjBjZDRhZGE1YzE0
go.r1rcm.com/ Name: visitor_id1009102
Value: 168025729
go.r1rcm.com/ Name: visitor_id1009102-hash
Value: 331fe03bc80186336f7858e39c90618d703576f4e8151329a476faa38ddadd16b89399696a3538baf70b88891967a9c1a01166be