www.marcus.com Open in urlscan Pro
104.19.156.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sailthru.perkspot.com/click/18217599.6924864/aHR0cHM6Ly9lbWFpbC5wZXJrc3BvdC5jb20vZS92My9jbGljay9vZmZlci8xNDAwOTUyLzEwL...
Effective URL:
https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625
Submission Tags: falconsandbox
Submission: On November 12 via api (November 12th 2020, 3:34:32 am UTC) from US

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 18 domains to perform 60 HTTP transactions. The main IP is 104.19.156.86, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marcus.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 10th 2020. Valid for: a year.

This is the only time www.marcus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
2 16	23.96.203.178 23.96.203.178	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.21.2 152.199.21.2	15133 (EDGECAST) (EDGECAST)
2	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.93.81 13.224.93.81	16509 (AMAZON-02) (AMAZON-02)
1	99.84.158.177 99.84.158.177	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	13.224.93.93 13.224.93.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
4	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.45.77.86 52.45.77.86	14618 (AMAZON-AES) (AMAZON-AES)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.19.156.86 104.19.156.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	22

1 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

sailthru.perkspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.96.203.178 (Chicago, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

email.perkspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
evicore.perkspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.21.2 (United States)

ASN15133 (EDGECAST, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

psprods3ep.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-81.zrh50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.158.177 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-158-177.txl52.r.cloudfront.net

cdn.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-93.zrh50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 75.2.40.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.77.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (United States)

ASN13335 (CLOUDFLARENET, US)

perkspot.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.156.86 (United States)

ASN13335 (CLOUDFLARENET, US)

www.marcus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	perkspot.com 3 redirects sailthru.perkspot.com email.perkspot.com evicore.perkspot.com	624 KB
11	zdassets.com static.zdassets.com ekr.zdassets.com	567 KB
4	zendesk.com 1 redirects assets.zendesk.com perkspot.zendesk.com	3 KB
4	sail-personalize.com api.sail-personalize.com	910 B
4	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	42 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	19 KB
3	marcus.com www.marcus.com	402 KB
3	google.de www.google.de	753 B
3	google.com 1 redirects www.google.com	985 B
3	google-analytics.com www.google-analytics.com	20 KB
2	visualstudio.com dc.services.visualstudio.com	236 B
2	azureedge.net psprods3ep.azureedge.net	33 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	msecnd.net az416426.vo.msecnd.net	37 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	rollbar.com cdn.rollbar.com	22 KB
1	sail-horizon.com ak.sail-horizon.com	43 KB
1	myfonts.net hello.myfonts.net	162 B
60	18

	Domain	Requested by
15	evicore.perkspot.com	1 redirects evicore.perkspot.com
10	static.zdassets.com	evicore.perkspot.com assets.zendesk.com static.zdassets.com
4	api.sail-personalize.com	ak.sail-horizon.com
3	www.marcus.com	evicore.perkspot.com www.marcus.com
3	perkspot.zendesk.com	assets.zendesk.com static.zdassets.com
3	heapanalytics.com	evicore.perkspot.com
3	www.google.de	evicore.perkspot.com
3	www.google.com	1 redirects evicore.perkspot.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com evicore.perkspot.com
3	stats.g.doubleclick.net	1 redirects evicore.perkspot.com az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	psprods3ep.azureedge.net	evicore.perkspot.com
1	ekr.zdassets.com	assets.zendesk.com
1	assets.zendesk.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	az416426.vo.msecnd.net	evicore.perkspot.com
1	www.googletagmanager.com	evicore.perkspot.com
1	cdn.heapanalytics.com	evicore.perkspot.com
1	cdn.rollbar.com	evicore.perkspot.com
1	ak.sail-horizon.com	evicore.perkspot.com
1	hello.myfonts.net	evicore.perkspot.com
1	email.perkspot.com	1 redirects
1	sailthru.perkspot.com	1 redirects
60	24

This site contains no links.

Subject Issuer	Validity	Valid
*.perkspot.com Go Daddy Secure Certificate Authority - G2	`2020-07-29` - `2021-08-02`	a year	crt.sh
hello.myfonts.net DigiCert SHA2 Secure Server CA	`2019-06-03` - `2021-06-07`	2 years	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2020-10-22` - `2021-10-17`	a year	crt.sh
ak.sail-horizon.com Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
cdn.rollbar.com Amazon	`2020-06-11` - `2021-07-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
api.sail-personalize.com Amazon	`2020-06-30` - `2021-07-30`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
heapanalytics.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
in.applicationinsights.azure.com Microsoft IT TLS CA 4	`2020-04-30` - `2022-04-30`	2 years	crt.sh
perkspot.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
www.marcus.com DigiCert SHA2 Extended Validation Server CA	`2020-08-10` - `2021-08-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625
Frame ID: C5937C1CE936FBA8D4A41057B969D33C
Requests: 48 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 7F3329F9BD5CC20187D98591DF031924
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.492ded05748ff62832e3.js
Frame ID: B6A41856677348D334CB7F74D49DB160
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sailthru.perkspot.com/click/18217599.6924864/aHR0cHM6Ly9lbWFpbC5wZXJrc3BvdC5jb20vZS92My9jbGljay9vZ... HTTP 302
https://email.perkspot.com/e/v3/click/offer/1400952/10-08-19-email-marcusbygoldmansachs?email=jcrummey%... HTTP 302
https://evicore.perkspot.com/auth/email?sid=ba79832f-71e5-4a19-b62b-31c3efc56e08&auth=53ac050f1618f287fe0... HTTP 302
https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=we... Page URL
https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=43... Page URL

Page Statistics

60
Requests

100 %
HTTPS

36 %
IPv6

18
Domains

24
Subdomains

22
IPs

4
Countries

1929 kB
Transfer

5720 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sailthru.perkspot.com/click/18217599.6924864/aHR0cHM6Ly9lbWFpbC5wZXJrc3BvdC5jb20vZS92My9jbGljay9vZmZlci8xNDAwOTUyLzEwLTA4LTE5LWVtYWlsLW1hcmN1c2J5Z29sZG1hbnNhY2hzP2VtYWlsPWpjcnVtbWV5JTQwY2FyZWNvcmVuYXRpb25hbC5jb20mZW1haWxCbGFzdElkPTE4MjE3NTk5JmVudGl0eUVtYWlsVHlwZUNvZGU9d2Vla2x5Ymxhc3QmdXNlcklkPTQzNDE2MjUmY29tbXVuaXR5aWQ9NzI2JmF1dGg9MGRlNGI3NzRmZTNjMDFhNzI1YWY2OTg4MGZhOGU1NmYmY29tbXVuaXR5bmFtZT1ldmlDb3JlJTIwaGVhbHRoY2FyZQ/567b16eea79328b1198b4598D8edb4ea4 HTTP 302
https://email.perkspot.com/e/v3/click/offer/1400952/10-08-19-email-marcusbygoldmansachs?email=jcrummey%40carecorenational.com&emailBlastId=18217599&entityEmailTypeCode=weeklyblast&userId=4341625&communityid=726&auth=0de4b774fe3c01a725af69880fa8e56f&communityname=eviCore%20healthcare HTTP 302
https://evicore.perkspot.com/auth/email?sid=ba79832f-71e5-4a19-b62b-31c3efc56e08&auth=53ac050f1618f287fe02fb581a305183&redirectUrl=%2foffer%2f1400952%2f10-08-19-email-marcusbygoldmansachs%3futm_medium%3demail%26utm_id%3dweeklyblast&furtherRedirect= HTTP 302
https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast Page URL
https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sailthru.perkspot.com/click/18217599.6924864/aHR0cHM6Ly9lbWFpbC5wZXJrc3BvdC5jb20vZS92My9jbGljay9vZmZlci8xNDAwOTUyLzEwLTA4LTE5LWVtYWlsLW1hcmN1c2J5Z29sZG1hbnNhY2hzP2VtYWlsPWpjcnVtbWV5JTQwY2FyZWNvcmVuYXRpb25hbC5jb20mZW1haWxCbGFzdElkPTE4MjE3NTk5JmVudGl0eUVtYWlsVHlwZUNvZGU9d2Vla2x5Ymxhc3QmdXNlcklkPTQzNDE2MjUmY29tbXVuaXR5aWQ9NzI2JmF1dGg9MGRlNGI3NzRmZTNjMDFhNzI1YWY2OTg4MGZhOGU1NmYmY29tbXVuaXR5bmFtZT1ldmlDb3JlJTIwaGVhbHRoY2FyZQ/567b16eea79328b1198b4598D8edb4ea4 HTTP 302
https://email.perkspot.com/e/v3/click/offer/1400952/10-08-19-email-marcusbygoldmansachs?email=jcrummey%40carecorenational.com&emailBlastId=18217599&entityEmailTypeCode=weeklyblast&userId=4341625&communityid=726&auth=0de4b774fe3c01a725af69880fa8e56f&communityname=eviCore%20healthcare HTTP 302
https://evicore.perkspot.com/auth/email?sid=ba79832f-71e5-4a19-b62b-31c3efc56e08&auth=53ac050f1618f287fe02fb581a305183&redirectUrl=%2foffer%2f1400952%2f10-08-19-email-marcusbygoldmansachs%3futm_medium%3demail%26utm_id%3dweeklyblast&furtherRedirect= HTTP 302
https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Request Chain 28

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=30407577&utmhn=evicore.perkspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=You%27re%20on%20your%20way%20to%20saving%20at%20Marcus%20By%20Goldman%20Sachs%C2%AE%20%7C%20Welcome%20to%20Your%20eviCore%20Employee%20Perks%20Program&utmhid=825681666&utmr=-&utmp=%2Foffer%2F1400952%2F10-08-19-email-marcusbygoldmansachs%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&utmht=1605152056006&utmac=UA-652375-6&utmcc=__utma%3D4386151.1756154414.1605152056.1605152056.1605152056.1%3B%2B__utmz%3D4386151.1605152056.1.1.utmcid%3Dweeklyblast%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail%3B&utmjid=1342228917&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-652375-6&cid=1756154414.1605152056&jid=1342228917&_v=5.7.2dc&z=30407577 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-652375-6&cid=1756154414.1605152056&jid=1342228917&_v=5.7.2dc&z=30407577&slf_rd=1&random=2518078860

Request Chain 36

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

60 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 10-08-19-email-marcusbygoldmansachs Show response
evicore.perkspot.com/offer/1400952/
Redirect Chain

https://sailthru.perkspot.com/click/18217599.6924864/aHR0cHM6Ly9lbWFpbC5wZXJrc3BvdC5jb20vZS92My9jbGljay9vZmZlci8xNDAwOTUyLzEwLTA4LTE5LWVtYWlsLW1hcmN1c2J5Z29sZG1hbnNhY2hzP2VtYWlsPWpjcnVtbWV5JTQwY2Fy...
https://email.perkspot.com/e/v3/click/offer/1400952/10-08-19-email-marcusbygoldmansachs?email=jcrummey%40carecorenational.com&emailBlastId=18217599&entityEmailTypeCode=weeklyblast&userId=4341625&co...
https://evicore.perkspot.com/auth/email?sid=ba79832f-71e5-4a19-b62b-31c3efc56e08&auth=53ac050f1618f287fe02fb581a305183&redirectUrl=%2foffer%2f1400952%2f10-08-19-email-marcusbygoldmansachs%3futm_med...
https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

32 KB
12 KB

1036ms
1036ms

Document
text/html

23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

7ba336a9da988c3696213523bf238de5d5b044ac2b837171308c77bd898ea1c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Host: evicore.perkspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: sailthru_hid=59be8051f34adff9578b84d58ae543ea567b16eea79328b1198b459872cdee7b63aadc00aa0510956f85b8ba; sailthru_bid=18217599.6924864; TiPMix=14.8707724711256; x-ms-routing-name=self; PerkSpot4=AE399168E1290B81B5ACB561A4F0E8FCCC76EE98CE7B652978C85524F34702C6CFF72F8D3706294D27F66B5549612BFC982E886158EC0532F07AFD4ACDBABF9BCDECC07CAFA86AFA82734AA87D7C2F868D6984B0C2A59BDDECD95AE6A6703328FFAEF2DCD05EBB7CE74F3A0B3DE8E30BEFAF5AB003E1E052D16BE932C0BB3FFDED4092A9EE8AC06914B347D84840DFC1D0A80ADC8C673F3541F01433B472875E8C929C0B5C7CAC213FFA5D42644308B87098BAF1CBBA114E771C2957EA21A1A7; SessionHolder=6511b395-10cf-4392-ae47-dd58065932f7; ps_sid=6511b395-10cf-4392-ae47-dd58065932f7; ARRAffinity=7883d528e2f2fd79a0b584d02a135ee13688e9825dc3f8bbaea9b4d05eb7eb03; ARRAffinitySameSite=7883d528e2f2fd79a0b584d02a135ee13688e9825dc3f8bbaea9b4d05eb7eb03
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Length: 11276
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: SessionHolder=6511b395-10cf-4392-ae47-dd58065932f7; expires=Thu, 12-Nov-2020 03:54:14 GMT; path=/; secure; HttpOnly ps_sid=6511b395-10cf-4392-ae47-dd58065932f7; expires=Thu, 12-Nov-2020 03:54:14 GMT; path=/; secure; HttpOnly SessionHolder=6511b395-10cf-4392-ae47-dd58065932f7; expires=Thu, 12-Nov-2020 03:54:14 GMT; path=/; secure; HttpOnly ps_sid=6511b395-10cf-4392-ae47-dd58065932f7; expires=Thu, 12-Nov-2020 03:54:14 GMT; path=/; secure; HttpOnly
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Security-Policy: frame-ancestors *.perkspot.com
Date: Thu, 12 Nov 2020 03:34:15 GMT

Redirect headers

Cache-Control: private
Content-Length: 235
Content-Type: text/html; charset=utf-8
Location: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Set-Cookie: TiPMix=14.8707724711256; path=/; HttpOnly; Domain=evicore.perkspot.com; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=evicore.perkspot.com; Max-Age=3600; Secure PerkSpot4=AE399168E1290B81B5ACB561A4F0E8FCCC76EE98CE7B652978C85524F34702C6CFF72F8D3706294D27F66B5549612BFC982E886158EC0532F07AFD4ACDBABF9BCDECC07CAFA86AFA82734AA87D7C2F868D6984B0C2A59BDDECD95AE6A6703328FFAEF2DCD05EBB7CE74F3A0B3DE8E30BEFAF5AB003E1E052D16BE932C0BB3FFDED4092A9EE8AC06914B347D84840DFC1D0A80ADC8C673F3541F01433B472875E8C929C0B5C7CAC213FFA5D42644308B87098BAF1CBBA114E771C2957EA21A1A7; domain=perkspot.com; path=/ SessionHolder=6511b395-10cf-4392-ae47-dd58065932f7; expires=Thu, 12-Nov-2020 03:54:13 GMT; path=/; secure; HttpOnly ps_sid=6511b395-10cf-4392-ae47-dd58065932f7; expires=Thu, 12-Nov-2020 03:54:13 GMT; path=/; secure; HttpOnly ARRAffinity=7883d528e2f2fd79a0b584d02a135ee13688e9825dc3f8bbaea9b4d05eb7eb03;Path=/;HttpOnly;Secure;Domain=evicore.perkspot.com ARRAffinitySameSite=7883d528e2f2fd79a0b584d02a135ee13688e9825dc3f8bbaea9b4d05eb7eb03;Path=/;HttpOnly;SameSite=None;Secure;Domain=evicore.perkspot.com
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Security-Policy: frame-ancestors *.perkspot.com
Date: Thu, 12 Nov 2020 03:34:13 GMT

GET
H2 200 2b1ecf
hello.myfonts.net/count/ 0
162 B 82ms
23ms Stylesheet
text/css 152.199.21.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/2b1ecf
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A8E) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:15 GMT
last-modified: Fri, 17 Apr 2020 15:38:14 GMT
server: ECAcc (ama/8A8E)
age: 17583664
etag: "3364556309"
status: 200
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 0
expires: Thu, 12 Nov 2020 03:34:14 GMT

GET
H/1.1 200
OK core
evicore.perkspot.com/Content/css/ 198 KB
54 KB 163ms
162ms Stylesheet
text/css 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/Content/css/core?v=20.11.17160.1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

94c6483dadce933e499cc7f0a7cbd22d2565bbaf160f19086d55bd2e2df69f7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Nov 2020 03:34:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Expires: -1
Cache-Control: no-cache
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 55078
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK perxcss.css
evicore.perkspot.com/Content/sass/ 468 KB
52 KB 374ms
129ms Stylesheet
text/css 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/Content/sass/perxcss.css?v=20.11.17160.1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6dc11ffa71a58b4ed12bf0880155a3e1ad635075da99a5a8d863a22fff2aeedc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Encoding: gzip
ETag: "8063454f6ab8d61:0"
Last-Modified: Wed, 11 Nov 2020 20:36:19 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Thu, 12 Nov 2020 03:34:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 52427
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK community-css
evicore.perkspot.com/ 40 KB
8 KB 451ms
176ms Stylesheet
text/css 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/community-css

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

6d8b8be980fc843b9d6c23f7cdaee15395e42df438f2fb7e36f0f792d650ef7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: private
Date: Thu, 12 Nov 2020 03:34:15 GMT
Content-Disposition: attachment; filename=global.css
Content-Length: 7988
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK insights Show response
evicore.perkspot.com/bundles/ 4 KB
3 KB 494ms
127ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/insights?v=BYC8KfJNNFadC6mBN8WA9SN_bH3bqkPFtSQg0hXgWI01

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

5efd1cdc9fe57d8ee4c5ee8839c2deb5a4c0a6f0eae362825bf0c94785c01632

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:14 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:15 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:15 GMT
Cache-Control: public
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 2610
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H2 200 logo_726.png
psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/ 14 KB
14 KB 511ms
389ms Image
image/png 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/logo_726.png
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b75e967e2e39ecc9ce5848be574575e65ea14d7cc9f77584803c0e3182c0bf93

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-createdby: not-implemented
date: Thu, 12 Nov 2020 03:34:15 GMT
x-amz-meta-uploader: S3StorageService
x-azure-ref-originshield: 0N62sXwAAAAB81NxnmhCqRKRinZOFXuN9TE9OMjFFREdFMDIxNgA3MDdkMDFjYy1lNDQ0LTQxOWItODc1OS0wOGMyN2U0MmQyNTY=
x-amz-request-id: EC3FE2BD4388D3BE
x-cache: TCP_MISS
status: 200
content-length: 14295
x-amz-id-2: 52kiuDwkxiQbj7UIXkZMcX/ZoO4ZEO//oKjizTjc7TQ47LiNNvlgu9vH6RGElQDB1RMGlwzwpFw=
last-modified: Thu, 03 Dec 2015 16:51:22 GMT
server: AmazonS3
etag: "9044f9cd52056a919d014b63c83f3e6e"
x-azure-ref: 0N62sXwAAAAC3C5Rtc0FwRIVGJRBOwpqtRlJBRURHRTEwMTQANzA3ZDAxY2MtZTQ0NC00MTliLTg3NTktMDhjMjdlNDJkMjU2
content-type: image/png
cache-control: public, max-age=18000
accept-ranges: bytes

GET
H2 200 logo_42179.png
psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/ 18 KB
19 KB 705ms
583ms Image
image/png 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/logo_42179.png
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 907511c357b6d55e24b4ec8162a0aaf71d416bfb5cf0c2a655777397e325adef

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-createdby: not-implemented
date: Thu, 12 Nov 2020 03:34:16 GMT
x-amz-meta-uploader: api
x-azure-ref-originshield: 0N62sXwAAAABBYTMRIGjwSpjVoagUoFjjTE9OMjFFREdFMDEwNgA3MDdkMDFjYy1lNDQ0LTQxOWItODc1OS0wOGMyN2U0MmQyNTY=
x-amz-request-id: F77034E3D5B79D7B
x-cache: TCP_MISS
status: 200
content-length: 18914
x-amz-id-2: ZUgwhKLFzL49X6NoO51Xxj+75gdmzcmKZTrHSIlO2j9S632yVhK8b43JVhlvBhJGYXJFz5/kNV8=
last-modified: Wed, 26 Feb 2020 21:20:40 GMT
server: AmazonS3
etag: "4ec346fbe41b6bb6d399620b4f07fed6"
x-azure-ref: 0N62sXwAAAADBnkufEvKhSJuFpd37R+XeRlJBRURHRTEwMTQANzA3ZDAxY2MtZTQ0NC00MTliLTg3NTktMDhjMjdlNDJkMjU2
content-type: image/png
cache-control: public, max-age=172800
accept-ranges: bytes

GET
H/1.1 200
OK jquery Show response
evicore.perkspot.com/bundles/ 823 KB
312 KB 135ms
135ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/jquery?v=aOwU12IdhBeV4vecsRw13tOiwrsBJ1onmmjdL6xtfUM1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a1aeb484e79436d8269c715c514c1a6b66ae4f950ab9d2952d438a2fcab02884

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:15 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:15 GMT
Cache-Control: public
Transfer-Encoding: chunked
Date: Thu, 12 Nov 2020 03:34:14 GMT
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK jqueryval Show response
evicore.perkspot.com/bundles/ 40 KB
16 KB 132ms
131ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/jqueryval?v=YzRBe6gfD164-CLYW2zoB8py-eOZPLHUgoPct44VgDo1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:15 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:15 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:15 GMT
Cache-Control: public
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 15663
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK bootstrap Show response
evicore.perkspot.com/bundles/ 41 KB
14 KB 140ms
138ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/bootstrap?v=7jtbseVPa_P_wxk-ANB0JbEiqz4vMc1fIXNwp0ieQEk1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:15 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:15 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:15 GMT
Cache-Control: public
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 14262
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK modernizr Show response
evicore.perkspot.com/bundles/ 11 KB
6 KB 129ms
126ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/modernizr?v=K-FFpFNtIXPUlQamnX3qHX_A5r7TM2xbAgcuEmpm3O41

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

9f0fab72c8a1fea1df1d6c5d128115031a8c44ccbc7f37e314acee6acb98779b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:15 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:15 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:15 GMT
Cache-Control: public
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 5284
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK perkspot.interstitial Show response
evicore.perkspot.com/bundles/ 285 B
754 B 359ms
131ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/perkspot.interstitial?v=t7AmW2sLYmtuXd_Ef0RYYqquwW8mSfQBRb6_PPlosA41

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

89c69b70386c8e4a1be1f0dfe4b485807c2ac88bfe195de3a254a855f36d8c0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:16 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:16 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:16 GMT
Cache-Control: public
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 296
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK addtohomescreen Show response
evicore.perkspot.com/bundles/ 9 KB
4 KB 413ms
129ms Script
text/javascript 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/bundles/addtohomescreen?v=dQY7ReEN3P6AvpTV4mVTeWSR8WQitK0nH1fxax2VNoA1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:16 GMT
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Thu, 12 Nov 2020 03:34:16 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Nov 2021 03:34:16 GMT
Cache-Control: public
Content-Security-Policy: frame-ancestors *.perkspot.com
Content-Length: 3536
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 120 KB
43 KB 136ms
49ms Script
application/javascript 13.224.93.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-81.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d79a41844504ccb8bd40dcc91e68cd0467e012021852e634567cf0e7b9afba79

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:24:25 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 17:42:51 GMT
server: AmazonS3
age: 591
etag: "1cc94de012ba79d45eadd015c82acf31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nOyg4MJoWTKnjPz__HRWFizPft0zA9K7iVSDUTM0oRBGfbmMZXN8ww==
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)

GET
H/1.1 200
OK rollbar.min.js Show response
cdn.rollbar.com/rollbarjs/refs/tags/v2.18.0/ 72 KB
22 KB 599ms
508ms Script
application/javascript 99.84.158.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.18.0/rollbar.min.js
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.158.177 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-158-177.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55f321e4a81f17977a71b1dd2f848c0b10639c8a0ebf64452ccc658fe80e9f7a

Request headers

Origin: https://evicore.perkspot.com
Referer: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 03:34:17 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: TXL52-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 07 Jul 2020 19:10:26 GMT
Server: AmazonS3
ETag: W/"b4eb6c864526098f8ea9da4024246fdb"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
Cache-Control: max-age=30672000,public
X-Amz-Cf-Id: akLF2mqPQRNtGn4dR81X1FDSHQjTUk7T-tsBC5ajF8fCC29dy5DE4Q==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 122ms
33ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 571
date: Thu, 12 Nov 2020 03:24:44 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 12 Nov 2020 05:24:44 GMT

GET
H2 200 heap-1214792821.js Show response
cdn.heapanalytics.com/js/ 105 KB
41 KB 130ms
47ms Script
application/javascript 13.224.93.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-1214792821.js
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-93.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: d1866c162d81d89e48ae09ab05b1ef3d79133a6c83de088e5121fbae1aea04f4

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:32:59 GMT
content-encoding: gzip
server: nginx
age: 76
etag: W/"1a39b-vFSZE9UfBjzNtSLEw6U50A"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=120
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Y4dR3HbcSuhkLM6EH1VqXqCf_xysze5G0j5S_ZAI2oSyXpCLq61TDw==
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
33 KB 28ms
25ms Script
application/javascript 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-578DK6

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d1719c78f1345c8a53e6a96587f55fef0ceae022324f949b2f098ed3f4623bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:15 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33668
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Nov 2020 03:34:15 GMT

GET
H/1.1 200
OK 35A1AD_0_0.woff2
evicore.perkspot.com/Content/fonts/ 28 KB
28 KB 210ms
123ms Font
font/woff2 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/Content/fonts/35A1AD_0_0.woff2

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/Content/sass/perxcss.css?v=20.11.17160.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://evicore.perkspot.com
Referer: https://evicore.perkspot.com/Content/sass/perxcss.css?v=20.11.17160.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors *.perkspot.com
Last-Modified: Wed, 11 Nov 2020 20:36:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "9b2974f6ab8d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Date: Thu, 12 Nov 2020 03:34:15 GMT
Accept-Ranges: bytes
Content-Length: 28718
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK fontawesome-webfont.woff2
evicore.perkspot.com/Content/fonts/ 69 KB
69 KB 250ms
128ms Font
font/woff2 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/Content/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/Content/css/core?v=20.11.17160.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://evicore.perkspot.com
Referer: https://evicore.perkspot.com/Content/css/core?v=20.11.17160.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors *.perkspot.com
Last-Modified: Wed, 11 Nov 2020 20:36:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "5465224f6ab8d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Date: Thu, 12 Nov 2020 03:34:15 GMT
Accept-Ranges: bytes
Content-Length: 70728
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H/1.1 200
OK 35A1AD_3_0.woff2
evicore.perkspot.com/Content/fonts/ 41 KB
41 KB 262ms
126ms Font
font/woff2 23.96.203.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://evicore.perkspot.com/Content/fonts/35A1AD_3_0.woff2

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/Content/sass/perxcss.css?v=20.11.17160.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.203.178 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://evicore.perkspot.com
Referer: https://evicore.perkspot.com/Content/sass/perxcss.css?v=20.11.17160.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors *.perkspot.com
Last-Modified: Wed, 11 Nov 2020 20:36:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "68fd244f6ab8d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Date: Thu, 12 Nov 2020 03:34:15 GMT
Accept-Ranges: bytes
Content-Length: 42010
X-Content-Security-Policy: frame-ancestors *.perkspot.com

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 124 KB
37 KB 30ms
7ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/bundles/insights?v=BYC8KfJNNFadC6mBN8WA9SN_bH3bqkPFtSQg0hXgWI01
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5B) /
Resource Hash: 9dbbe78a9fe127367c7859fe6c87cb7728a134047bb9e56bd7c180408110bfda

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 12 Nov 2020 03:34:15 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-12 17:27:04
content-md5: D4iMWmgUjs++kp3KwoO+kA==
age: 163
x-cache: HIT
status: 200
x-ms-meta-aijssdksrc: [scripts]/b/ai.2.5.9.min.js
content-length: 37648
x-ms-lease-status: unlocked
last-modified: Fri, 23 Oct 2020 22:15:24 GMT
server: ECAcc (frc/8F5B)
x-ms-meta-aijssdkver: 2.5.9
etag: 0x8D877A123F6C85D
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 60ca9b1e-c01e-006e-41a4-b8c249000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19
expires: Thu, 12 Nov 2020 04:04:15 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 103ms
40ms Script
text/javascript 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-578DK6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f162.1e100.net

Software

cafe /

Resource Hash

30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 12 Nov 2020 03:34:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-578DK6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6290
date: Thu, 12 Nov 2020 01:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 12 Nov 2020 03:49:25 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 289 B
455 B 142ms
141ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_medium%3Demail&page=utm_id%3Dweeklyblast&messageId=18217599.6924864&userIdKey=hid&userIdValue=59be8051f34adff9578b84d58ae543ea567b16eea79328b1198b459872cdee7b63aadc00aa0510956f85b8ba
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 7558462ab5ef574d3ea7bd23a4781f723a1738175eccc98e58d6362b01a7b2b6

Request headers

accept: application/json
Referer: https://evicore.perkspot.com/
x-lib-version: v1.0.1
authorization: Bearer 294681006d1c69c4a7d06d0165dc3500
x-referring-url: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: gzip
allowedorigins: *
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 196
allowedmethods: GET,OPTIONS

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 306ms
108ms Other
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_medium%3Demail&page=utm_id%3Dweeklyblast&messageId=18217599.6924864&userIdKey=hid&userIdValue=59be8051f34adff9578b84d58ae543ea567b16eea79328b1198b459872cdee7b63aadc00aa0510956f85b8ba
Protocol: H2
Server: 75.2.40.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Origin: https://evicore.perkspot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Thu, 12 Nov 2020 03:34:16 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://evicore.perkspot.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 12 Nov 2020 04:18:51 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=30407577&utmhn=evicore.perkspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-652375-6&cid=1756154414.1605152056&jid=1342228917&_v=5.7.2dc&z=30407577
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-652375-6&cid=1756154414.1605152056&jid=1342228917&_v=5.7.2dc&z=30407577&slf_rd=1&random=2518078860

42 B
494 B

37ms
17ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-652375-6&cid=1756154414.1605152056&jid=1342228917&_v=5.7.2dc&z=30407577&slf_rd=1&random=2518078860

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-652375-6&cid=1756154414.1605152056&jid=1342228917&_v=5.7.2dc&z=30407577&slf_rd=1&random=2518078860
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
109 B 23ms
16ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-652375-6&cid=1756154414.1605152056&jid=1855653388&uid=4341625&gjid=1404434889&_gid=1488320483.1605152056&_u=aGBCgAAjAAAAAE~&z=1671055293

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 12 Nov 2020 03:34:16 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://evicore.perkspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
190 B 6ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=825681666&t=pageview&_s=1&dl=https%3A%2F%2Fevicore.perkspot.com%2Foffer%2F1400952%2F10-08-19-email-marcusbygoldmansachs%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&ul=en-us&de=UTF-8&dt=You%27re%20on%20your%20way%20to%20saving%20at%20Marcus%20By%20Goldman%20Sachs%C2%AE%20%7C%20Welcome%20to%20Your%20eviCore%20Employee%20Perks%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=4386151.1756154414.1605152056.1605152056.1605152056.1&_utmz=4386151.1605152056.1.1.utmcid%3Dweeklyblast%7Cutmccn%3D(not%2520set)%7Cutmcmd%3Demail&_utmht=1605152056029&_u=aGBCgAAj~&jid=1855653388&gjid=1404434889&cid=1756154414.1605152056&uid=4341625&tid=UA-652375-6&_gid=1488320483.1605152056&gtm=2wgas1578DK6&z=1110486359

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 22:35:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17932
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978685899/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978685899/?random=1605152056043&cv=9&fst=1605152056043&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fevicore.perkspot.com%2Foffer%2F1400952%2F10-08-19-email-marcusbygoldmansachs%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&tiba=You%27re%20on%20your%20way%20to%20saving%20at%20Marcus%20By%20Goldman%20Sachs%C2%AE%20%7C%20Welcome%20to%20Your%20eviCore%20Employee%20Perks%20Program&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b28c55dc3a54af31aa02d3bf288d8f399f210fefba8c4c12ced5878dba8b59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1142
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
504 B 46ms
31ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-652375-6&cid=1756154414.1605152056&jid=1855653388&_u=aGBCgAAjAAAAAE~&z=37555556

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 38ms
18ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-652375-6&cid=1756154414.1605152056&jid=1855653388&_u=aGBCgAAjAAAAAE~&z=37555556

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/978685899/ 42 B
112 B 47ms
34ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978685899/?random=1605152056043&cv=9&fst=1605150000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&frm=0&url=https%3A%2F%2Fevicore.perkspot.com%2Foffer%2F1400952%2F10-08-19-email-marcusbygoldmansachs%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&tiba=You%27re%20on%20your%20way%20to%20saving%20at%20Marcus%20By%20Goldman%20Sachs%C2%AE%20%7C%20Welcome%20to%20Your%20eviCore%20Employee%20Perks%20Program&async=1&fmt=3&is_vtc=1&random=550506650&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/978685899/ 42 B
153 B 39ms
21ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/978685899/?random=1605152056043&cv=9&fst=1605150000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&frm=0&url=https%3A%2F%2Fevicore.perkspot.com%2Foffer%2F1400952%2F10-08-19-email-marcusbygoldmansachs%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&tiba=You%27re%20on%20your%20way%20to%20saving%20at%20Marcus%20By%20Goldman%20Sachs%C2%AE%20%7C%20Welcome%20to%20Your%20eviCore%20Employee%20Perks%20Program&async=1&fmt=3&is_vtc=1&random=550506650&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 7F33
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

73ms
31ms

Script
application/javascript

104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: AB5DCC73C9BAE01D
x-amz-id-2: sCu/3Ah7Sx0cL3Bgowt8dOoiK1pN4X9TuZcQ7NwEelg1lGzzh9DXf84BDUZy24Hm/4onAdZSRD4=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sY6Zq5SXmxNkbgD1V_h8h9T.ZhWYQwC3
cf-request-id: 065c1dbc1b0000fa24ee022000000001
cf-ray: 5f0d32402c59fa24-AMS

Redirect headers

date: Thu, 12 Nov 2020 03:34:16 GMT
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 5f0d323fc80c1e91-AMS
cf-request-id: 065c1dbbd900001e9163888000000001
expires: Thu, 12 Nov 2020 04:34:16 GMT

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 108ms
108ms Other
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0&page=utm_medium%3Demail&page=utm_id%3Dweeklyblast&messageId=18217599.6924864&userIdKey=hid&userIdValue=59be8051f34adff9578b84d58ae543ea567b16eea79328b1198b459872cdee7b63aadc00aa0510956f85b8ba
Protocol: H2
Server: 75.2.40.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Origin: https://evicore.perkspot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Thu, 12 Nov 2020 03:34:16 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://evicore.perkspot.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
455 B 123ms
122ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=2&isMobile=0&page=utm_medium%3Demail&page=utm_id%3Dweeklyblast&messageId=18217599.6924864&userIdKey=hid&userIdValue=59be8051f34adff9578b84d58ae543ea567b16eea79328b1198b459872cdee7b63aadc00aa0510956f85b8ba
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: ba800dde5ad1ce0022f16a2e3ffcb1e6b249bd459bc21d3291513f4f81df6767

Request headers

accept: application/json
Referer: https://evicore.perkspot.com/
x-lib-version: v1.0.1
authorization: Bearer 294681006d1c69c4a7d06d0165dc3500
x-referring-url: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: gzip
allowedorigins: *
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 196
allowedmethods: GET,OPTIONS

GET
H2 200 h
heapanalytics.com/ 37 B
212 B 321ms
104ms Image
image/gif 52.45.77.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=1214792821&u=4921173943697959&v=6363050918142589&s=717023571437574&b=web&tv=4.0&z=0&h=%2Foffer%2F1400952%2F10-08-19-email-marcusbygoldmansachs&q=%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&d=evicore.perkspot.com&t=You%27re%20on%20your%20way%20to%20saving%20at%20Marcus%20By%20Goldman%20Sachs%C2%AE%20%7C%20Welcome%20to%20Your%20eviCore%20Employee%20Perks%20Program&um=email&k=CommunityId&k=726&k=StatusId&k=2&ts=1605152056280&st=1605152056281
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.77.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 identify_v3
heapanalytics.com/api/ 37 B
213 B 319ms
103ms Image
image/gif 52.45.77.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/api/identify_v3?a=1214792821&u=4921173943697959&v=6363050918142589&s=717023571437574&i=4341625&b=web&tv=4.0&z=0&st=1605152056283
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.77.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
212 B 322ms
106ms Image
image/gif 52.45.77.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/api/add_user_properties_v3?a=1214792821&u=4921173943697959&v=6363050918142589&s=717023571437574&i=4341625&b=web&tv=4.0&_CommunityId=726&_StatusId=2&st=1605152056283
Requested by: Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.77.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 03:34:16 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 perkspot.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 7F33 900 B
854 B 233ms
190ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/perkspot.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b94727d40a7e70af765712fac57b4ce13e834d6d88dde210920360a6b101686c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 065c1dbc6a0000fa50d1aeb000000001
x-request-id: 858e084a-0919-4ecd-b6a4-78aea419cc69
x-runtime: 0.003175
server: cloudflare
etag: W/"b94727d40a7e70af765712fac57b4ce1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 5f0d3240ae02fa50-AMS

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 100ms
34ms Other 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://evicore.perkspot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Thu, 12 Nov 2020 03:34:16 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
236 B 487ms
486ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e35f30a29d1359038a5b8e999a714cda8270aa4140a9c75510e840e68629881d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://evicore.perkspot.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 5BD1455A-9D48-4E39-8AEF-D094EC501DBF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
status: 200
date: Thu, 12 Nov 2020 03:34:17 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H2 200 preload.492ded05748ff62832e3.js Show response
static.zdassets.com/web_widget/latest/ Frame B6A4 61 KB
18 KB 40ms
38ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.492ded05748ff62832e3.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c693d1b5bda1002039404cd54044c05fb34acb4ce3931a7c347f3d4c2152ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18232
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 6Z7S0HDN1MDP0T8W
x-amz-id-2: LJfvY145ORWvBpkWCRNH01ZybSHd+u6btZ5hpZACkMXOQ/X7GlcljFKQ9Hb1dcRN6mEPIrYcef0=
last-modified: Wed, 11 Nov 2020 04:21:24 GMT
server: cloudflare
etag: W/"c35296308a43917015411e63cd33c2a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: UdQMSpG4twSjjup4pwadx6r9j.W0lieY
cf-request-id: 065c1dbd4c0000fa24fe859000000001
cf-ray: 5f0d32421e49fa24-AMS
expires: Thu, 11 Nov 2021 04:21:23 GMT

GET
H2 200 web_widget.ba9a857f2bb01785a8d1.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame B6A4 4 KB
2 KB 39ms
37ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.ba9a857f2bb01785a8d1.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b970231b6acd054a470b232aec5aee2493e1a4fc07a54557cc524f11343c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 686800
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 1DE1F778647F9FD8
x-amz-id-2: 0D4n37hkTr8BGyDmVvlFT71RhQ/NlhHA9vi1skYAzXw4quff8nv2XjNJ8yA3AGKVBOUVaWrDugU=
last-modified: Wed, 04 Nov 2020 00:54:16 GMT
server: cloudflare
etag: W/"cd48dbd15438789692901c3abe7fad0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 56wM_NagbbA9kBkzVu5CbmH3_ZCfXlW_
cf-request-id: 065c1dbd4d0000fa24d13f7000000001
cf-ray: 5f0d32421e4afa24-AMS
expires: Thu, 04 Nov 2021 00:54:15 GMT

GET
H2 200 vendors~web_widget.ca239eb7094b76c34e1a.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B6A4 1 MB
280 KB 81ms
79ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ca239eb7094b76c34e1a.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5991a85568c553f8faf24407b27015791a41a241a133f1cae46d976f4a825647

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 517507
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 7D921DC583239E1F
x-amz-id-2: 0IIOjcAjqHVqWZlKxh5QuaxB805TwiWTwKFxL7PTjNzCBBTZkl0POxUETj97XE9Ec+To2+bbehY=
last-modified: Thu, 05 Nov 2020 06:17:52 GMT
server: cloudflare
etag: W/"ca0df266e1139488aec48decba32099f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: BucBoz3XRyHcnsS0R_DD3LYWmTBH3uQV
cf-request-id: 065c1dbd4d0000fa24ceb23000000001
cf-ray: 5f0d32421e4bfa24-AMS
expires: Fri, 05 Nov 2021 06:17:51 GMT

GET
H2 200 web_widget.65490add8c1681dc9e94.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B6A4 854 KB
163 KB 64ms
63ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.65490add8c1681dc9e94.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3283d191c7269c15b439ba5f9c25218fe7b08309aba3262b8b79b751185bcb13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18232
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: AD515DF1515C034A
x-amz-id-2: a6g/DxkLE10nbx8lPaelIkYmKb0s9oaUXTicK0U9zB4ZsK+/ah/BDuEAAqiDcPokM3/9cV3wZfo=
last-modified: Wed, 11 Nov 2020 04:21:25 GMT
server: cloudflare
etag: W/"595aef342520e4f22bf23f42d9e224a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: mkNJZuCYXZjRR1dE8gL4L0oAVSg9J0zc
cf-request-id: 065c1dbd4d0000fa241d96d000000001
cf-ray: 5f0d32421e4cfa24-AMS
expires: Thu, 11 Nov 2021 04:21:24 GMT

GET
H2 200 chat-sdk.cec40ba63b2a85de0a9c.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B6A4 257 KB
50 KB 51ms
50ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.cec40ba63b2a85de0a9c.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 251632
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 049D95932D04FC50
x-amz-id-2: bnDwsdkajZMA9SfFD/7WQHuxJuUPyqsyjjnH1zSnzeUNmGidqrySoDVsY2ENfdPchUAgQyPLFX4=
last-modified: Thu, 05 Nov 2020 06:16:58 GMT
server: cloudflare
etag: W/"c7b786c485c50d3373906fb0a543389a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: .qr4N768TMOR1z6R5LmuWgkd.5yoS5TH
cf-request-id: 065c1dbd4d0000fa24fb00e000000001
cf-ray: 5f0d32421e4efa24-AMS
expires: Fri, 05 Nov 2021 06:16:57 GMT

GET
H2 200 talk-sdk.a78cdd8b4495e55b4f0a.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B6A4 57 KB
18 KB 31ms
30ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/talk-sdk.a78cdd8b4495e55b4f0a.chunk.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911245e9a32d617b8b908d8e742522fa9ed193aae41570cdb80b263517e453cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 701225
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: BJFJBZ0G8G2QCV6M
x-amz-id-2: pOCNYSQ3Ib4YOn7v79qPT/Q4TswsfiMaAhtWHYALLL8eX57RlKOPH7LZpcaVikovzhJXUp3EO+o=
last-modified: Wed, 04 Nov 2020 00:22:56 GMT
server: cloudflare
etag: W/"dd6b4b79adcd15cd09f88b9f6a39d8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: DfBlftSIXNIvEm6GXFnmNavvebCGSzPa
cf-request-id: 065c1dbd4e0000fa24ec020000000001
cf-ray: 5f0d32421e50fa24-AMS
expires: Thu, 04 Nov 2021 00:22:55 GMT

GET
H2 200 config Show response
perkspot.zendesk.com/embeddable/ Frame 7F33 721 B
1 KB 248ms
189ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://perkspot.zendesk.com/embeddable/config

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f0a6a6f8c5503d204a6f6439918e47d27d21c35f189e6e004ac682e8d85d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://evicore.perkspot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
cf-request-id: 065c1dbdc300000b3f809a4000000001
x-request-id: 5f0d3242d8660b3f-SEA
x-runtime: 0.002222
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VxY91FIfRvkxbm234BTLNYZ3N%2Bxt31nK3VI4IW9l4iEv6DoleQyJa%2FCUeCoPxrN3q3yBQjW%2Bb4eB7KWYSQSYgxMNckuiRZ%2F%2B4NqSdC1P%2FRxTr7bvGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-79d9b4c8b8-n7p8f
cf-ray: 5f0d3242d8660b3f-AMS

GET
H2 200 en-us-json.cc8e73e5fe307bb27426.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame B6A4 25 KB
5 KB 28ms
28ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.cc8e73e5fe307bb27426.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.492ded05748ff62832e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 698283
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 0SBRFVFWFNEVBT9M
x-amz-id-2: Mm1vIsQW8N7aXeS/kNXQVVFxvpgDBVmWMoDMDe9Fd5n5wID77Xs+Wqu4XiwNwUxjhIgdcCpw7Do=
last-modified: Wed, 04 Nov 2020 00:54:33 GMT
server: cloudflare
etag: W/"c94e458331968060067c4539f118fd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: hx5YEzVVIgvSVUf4aaTh1tGbNqkEohSs
cf-request-id: 065c1dbe9b0000fa24a48e2000000001
cf-ray: 5f0d32442807fa24-AMS
expires: Thu, 04 Nov 2021 00:54:32 GMT

GET
H2 200 framework-boot.b9955b9b19cd8b761ecb.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame B6A4 7 KB
3 KB 27ms
27ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/framework-boot.b9955b9b19cd8b761ecb.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.492ded05748ff62832e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543786a26a1b29f331355408c9c2d7c26e4ffde43ed61dd6d5079dbdd8b38ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18232
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: CF4C0479F9A074FB
x-amz-id-2: H4iSrL+k7bFmGUfwIpvE6I1nHTPnhNBYGAg06VSPU1zQFYKncWudPKVqQzjYakRIBi2M0rjj6dY=
last-modified: Wed, 11 Nov 2020 04:20:32 GMT
server: cloudflare
etag: W/"29877c4ff48abce36f7331f5d4c395a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tZMJL1ubueAQpy0v9naclNYXx294DkHL
cf-request-id: 065c1dbe9b0000fa249d2a7000000001
cf-ray: 5f0d32442809fa24-AMS
expires: Thu, 11 Nov 2021 04:20:31 GMT

GET
H2 200 embeddable_blip Show response
perkspot.zendesk.com/ Frame B6A4 0
762 B 176ms
176ms XHR
text/html 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://perkspot.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsib2Zmc2V0Ijp7Imhvcml6b250YWwiOiI1cHgiLCJ2ZXJ0aWNhbCI6IjVweCIsIm1vYmlsZSI6eyJob3Jpem9udGFsIjoiNXB4IiwidmVydGljYWwiOiI1cHgifX0sInpJbmRleCI6MTk5OX19LCJidWlkIjoiZDkzNTNjM2QzYzk3NmFlNjFjNThjNTE4ZWY1ZTg0ZmIiLCJzdWlkIjoiZjQxNDRkNjc3YTMwMzRiYTI0MjczYzNiOTJjNzEyM2QiLCJ2ZXJzaW9uIjoiMTQ1OTZkZGVjIiwidGltZXN0YW1wIjoiMjAyMC0xMS0xMlQwMzozNDoxNy4wMjBaIiwidXJsIjoiaHR0cHM6Ly9ldmljb3JlLnBlcmtzcG90LmNvbSJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ca239eb7094b76c34e1a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QMVc9xq4ubWtlgkpJRv9iHvTZDEHmveGHegGphMALYM6DQAaQv7s4%2F0Vhv%2BLJjGzv06nOZtijcryhiOlS%2Bfk0NZKDCx6BMWdVteiQ44Id4kkB3TzLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://evicore.perkspot.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5f0d32447a710b3f-AMS
cf-request-id: 065c1dbec700000b3f46016000000001

GET
H2 200 embeddable_blip Show response
perkspot.zendesk.com/ Frame B6A4 0
446 B 208ms
208ms XHR
text/html 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://perkspot.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9ldmljb3JlLnBlcmtzcG90LmNvbSIsInRpbWUiOjM2LCJsb2FkVGltZSI6bnVsbCwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IllvdSdyZSBvbiB5b3VyIHdheSB0byBzYXZpbmcgYXQgTWFyY3VzIEJ5IEdvbGRtYW4gU2FjaHPCriB8IFdlbGNvbWUgdG8gWW91ciBldmlDb3JlIEVtcGxveWVlIFBlcmtzIFByb2dyYW0iLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6ImQ5MzUzYzNkM2M5NzZhZTYxYzU4YzUxOGVmNWU4NGZiIiwic3VpZCI6ImY0MTQ0ZDY3N2EzMDM0YmEyNDI3M2MzYjkyYzcxMjNkIiwidmVyc2lvbiI6IjE0NTk2ZGRlYyIsInRpbWVzdGFtcCI6IjIwMjAtMTEtMTJUMDM6MzQ6MTcuMDUzWiIsInVybCI6Imh0dHBzOi8vZXZpY29yZS5wZXJrc3BvdC5jb20ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ca239eb7094b76c34e1a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=osVozpTCPTE8M%2BbrPqGo0qb2HQUUQoF6iV%2FrMoBj9ZuZxy2IP3HQvtuw9BXTxUXOeVNoBMktXF%2Fe0yezNPi3IuXsgmJ7pcZCD0zL6KJ2yntYl7qVSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://evicore.perkspot.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5f0d3244aab40b3f-AMS
cf-request-id: 065c1dbee600000b3f422a0000000001

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame B6A4 19 KB
20 KB 73ms
73ms Media
audio/mpeg 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Nov 2020 03:34:17 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: CD5A94D6856E1F7B
x-amz-server-side-encryption: AES256
cf-ray: 5f0d32481bb5fa24-AMS
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: jrJBzXAhuDOQ27tw0FXwXZQh1HUGA7QU7ExMzz3aBItn0pe3IfGoSZTaZJRDZYXorke34gGHUZA=
Content-Range: bytes 0-19697/19698
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 065c1dc1130000fa24fe878000000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H2 403 Primary Request perkspot-offer Show response
www.marcus.com/us/en/personal-loans/ 655 KB
394 KB 373ms
83ms Document
text/html 104.19.156.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625

Requested by

Host: evicore.perkspot.com
URL: https://evicore.perkspot.com/offer/1400952/10-08-19-email-marcusbygoldmansachs?utm_medium=email&utm_id=weeklyblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.156.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63302dcf015cda6a3084bce9240a3f93f5128c7dffbe866e3a22bba0714125ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.marcus.com
:scheme: https
:path: /us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://evicore.perkspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://evicore.perkspot.com/

Response headers

status: 403
date: Thu, 12 Nov 2020 03:34:18 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cfduid=d08f07bb973dd3005d9a72c400523b09f1605152058; expires=Sat, 12-Dec-20 03:34:18 GMT; path=/; domain=.marcus.com; HttpOnly; SameSite=Lax; Secure __cf_bm=c3c9cfd0f44e567d3fa341ac91ca83c9c8a5a0a1-1605152058-1800-AbU4GVEnYbAddnXL2YbSrBylNqBrhSWpwZfdZPODWXz3U1flHwOXssvkMkEoNnob2W87h7xoJbA5j/H59PxIe+o=; path=/; expires=Thu, 12-Nov-20 04:04:18 GMT; domain=.marcus.com; HttpOnly; Secure; SameSite=None
cf-request-id: 065c1dc4a700001fe6551b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5f0d324ddccf1fe6-AMS
content-encoding: gzip

GET
H2 200 api.js Show response
www.marcus.com/cdn-cgi/bm/cv/2172558837/ 25 KB
7 KB 31ms
30ms Script
text/javascript 104.19.156.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marcus.com/cdn-cgi/bm/cv/2172558837/api.js

Requested by

Host: www.marcus.com
URL: https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.156.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e46bffb5f4bd8c42e67e417d2bbb3740eb7474e65c16e0053e736237380d77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 03:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=604800, public
cf-ray: 5f0d324ecdc11fe6-AMS
cf-request-id: 065c1dc53c00001fe6a729d000000001

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f15aa65acc5306170695238bcb05aaff9f39a4acee43c486c17f22e52d055077

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e57fd8405a7c03a910184d9a8489befd6afc8f97b750ed9fb8d898375455443b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 38 KB
38 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc279a680b23c2846ed4e0dc46237bd5aa994464ed7be37527b92760ea78e8a

Request headers

Origin: https://www.marcus.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e772fc22762855b99fb206191a3beaa4a0994aa30b43da1511ae8c22e24573c5

Request headers

Origin: https://www.marcus.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 132 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e7f74406548a2b2322d8665238ceca6f93ef8da8c23b1acf1024ce14347d729

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 204 result Show response
www.marcus.com/cdn-cgi/bm/cv/ 0
341 B 22ms
22ms XHR
text/plain 104.19.156.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.marcus.com/cdn-cgi/bm/cv/result?req_id=5f0d324ddccf1fe6
Requested by: Host: www.marcus.com
URL: https://www.marcus.com/cdn-cgi/bm/cv/2172558837/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.156.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.marcus.com/us/en/personal-loans/perkspot-offer?prd=pl&chl=ag&schl=PRK&lid=Email&arid=4341625
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 204
date: Thu, 12 Nov 2020 03:34:18 GMT
server: cloudflare
cf-request-id: 065c1dc61e00001fe6513f5000000001
cf-ray: 5f0d32502f831fe6-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.marcus.com/	1970-01-19 13:52:33	Name: __cf_bm Value: 14d5594db8908f6ba2c9554bd97a5468ffd88d88-1605152058-1800-AWUeS/8UOF/EHA9tE3e1ZBar2CNI7lQi1kcZrsmKKtLbOMu+zlQvwI7nD2QXrlW8SLc9WBxNNNq1IS8q4fsrazjS3eyoyF9VHgY8Y2xJ8GsFEyQbRGDkxujnzHHhB03juNtc/AIa7NrKOIIuPNF5l67uP/SNZImK+Nn7c8wgWbmqIMYlfCQOSNv04kIXJZ5IWQ==
			.marcus.com/	1970-01-19 14:35:44	Name: __cfduid Value: d08f07bb973dd3005d9a72c400523b09f1605152058

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.perkspot.com
X-Content-Security-Policy	frame-ancestors *.perkspot.com
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.sail-horizon.com
api.sail-personalize.com
assets.zendesk.com
az416426.vo.msecnd.net
cdn.heapanalytics.com
cdn.rollbar.com
dc.services.visualstudio.com
ekr.zdassets.com
email.perkspot.com
evicore.perkspot.com
googleads.g.doubleclick.net
heapanalytics.com
hello.myfonts.net
perkspot.zendesk.com
psprods3ep.azureedge.net
sailthru.perkspot.com
static.zdassets.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.marcus.com
104.16.51.111
104.18.70.113
104.18.71.113
104.19.156.86
13.224.93.81
13.224.93.93
152.199.21.2
172.217.16.162
23.96.203.178
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::10
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81e::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c00::9c
3.226.166.212
51.140.6.23
52.45.77.86
75.2.40.13
99.84.158.177
1d1719c78f1345c8a53e6a96587f55fef0ceae022324f949b2f098ed3f4623bf
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
3283d191c7269c15b439ba5f9c25218fe7b08309aba3262b8b79b751185bcb13
3e46bffb5f4bd8c42e67e417d2bbb3740eb7474e65c16e0053e736237380d77f
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
52b970231b6acd054a470b232aec5aee2493e1a4fc07a54557cc524f11343c2e
543786a26a1b29f331355408c9c2d7c26e4ffde43ed61dd6d5079dbdd8b38ffd
55f321e4a81f17977a71b1dd2f848c0b10639c8a0ebf64452ccc658fe80e9f7a
5991a85568c553f8faf24407b27015791a41a241a133f1cae46d976f4a825647
5efd1cdc9fe57d8ee4c5ee8839c2deb5a4c0a6f0eae362825bf0c94785c01632
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
63302dcf015cda6a3084bce9240a3f93f5128c7dffbe866e3a22bba0714125ed
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
6d8b8be980fc843b9d6c23f7cdaee15395e42df438f2fb7e36f0f792d650ef7d
6dc11ffa71a58b4ed12bf0880155a3e1ad635075da99a5a8d863a22fff2aeedc
7558462ab5ef574d3ea7bd23a4781f723a1738175eccc98e58d6362b01a7b2b6
7ba336a9da988c3696213523bf238de5d5b044ac2b837171308c77bd898ea1c3
8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2
82f0a6a6f8c5503d204a6f6439918e47d27d21c35f189e6e004ac682e8d85d0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c69b70386c8e4a1be1f0dfe4b485807c2ac88bfe195de3a254a855f36d8c0c
8b28c55dc3a54af31aa02d3bf288d8f399f210fefba8c4c12ced5878dba8b59f
907511c357b6d55e24b4ec8162a0aaf71d416bfb5cf0c2a655777397e325adef
911245e9a32d617b8b908d8e742522fa9ed193aae41570cdb80b263517e453cb
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94c6483dadce933e499cc7f0a7cbd22d2565bbaf160f19086d55bd2e2df69f7b
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9dbbe78a9fe127367c7859fe6c87cb7728a134047bb9e56bd7c180408110bfda
9e7f74406548a2b2322d8665238ceca6f93ef8da8c23b1acf1024ce14347d729
9f0fab72c8a1fea1df1d6c5d128115031a8c44ccbc7f37e314acee6acb98779b
a1aeb484e79436d8269c715c514c1a6b66ae4f950ab9d2952d438a2fcab02884
a6c693d1b5bda1002039404cd54044c05fb34acb4ce3931a7c347f3d4c2152ee
b75e967e2e39ecc9ce5848be574575e65ea14d7cc9f77584803c0e3182c0bf93
b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783
b94727d40a7e70af765712fac57b4ce13e834d6d88dde210920360a6b101686c
ba800dde5ad1ce0022f16a2e3ffcb1e6b249bd459bc21d3291513f4f81df6767
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d1866c162d81d89e48ae09ab05b1ef3d79133a6c83de088e5121fbae1aea04f4
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d79a41844504ccb8bd40dcc91e68cd0467e012021852e634567cf0e7b9afba79
ddc279a680b23c2846ed4e0dc46237bd5aa994464ed7be37527b92760ea78e8a
e35f30a29d1359038a5b8e999a714cda8270aa4140a9c75510e840e68629881d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e57fd8405a7c03a910184d9a8489befd6afc8f97b750ed9fb8d898375455443b
e772fc22762855b99fb206191a3beaa4a0994aa30b43da1511ae8c22e24573c5
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15aa65acc5306170695238bcb05aaff9f39a4acee43c486c17f22e52d055077

www.marcus.com Open in urlscan Pro 104.19.156.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

60 Requests

100 %HTTPS

36 %IPv6

18 Domains

24 Subdomains

22 IPs

4 Countries

1929 kBTransfer

5720 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.marcus.com Open in urlscan Pro
104.19.156.86 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

36 %
IPv6

18
Domains

24
Subdomains

22
IPs

4
Countries

1929 kB
Transfer

5720 kB
Size

2
Cookies

60 HTTP transactions
5 data transactions