URL: https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Submission: On November 30 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 13.107.238.45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is reach.livetiles.io. The Cisco Umbrella rank of the primary domain is 397025.
TLS certificate: Issued by R3 on November 3rd 2022. Valid for: 3 months.
This is the only time reach.livetiles.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 13.107.238.45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 4
Apex Domain
Subdomains
Transfer
8 livetiles.io
reach.livetiles.io — Cisco Umbrella Rank: 397025
3 MB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
10 3
Domain Requested by
8 reach.livetiles.io reach.livetiles.io
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com reach.livetiles.io
10 3

This site contains no links.

Subject Issuer Validity Valid
reach.livetiles.io
R3
2022-11-03 -
2023-02-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Frame ID: 764A82CB0B90006CA82767504B60878B
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

LiveTiles Reach

Page Statistics

10
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2795 kB
Transfer

8230 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request join
reach.livetiles.io/walgreens/
3 KB
2 KB
Document
General
Full URL
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3d1d2a517482ae16a42229b68bb85143f71265334bdde3e25576a867ff7b9513
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-type
text/html
date
Wed, 30 Nov 2022 22:32:33 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-azure-ref
0AtqHYwAAAABbUTRg4lyhRYS2xvLF7AcDRFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
x-cache
CONFIG_NOCACHE
x-powered-by
ASP.NET
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reach.livetiles.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Nov 2022 22:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 22:17:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Nov 2022 22:32:34 GMT
runtime.cc323a1e7038a0a1.esm.js
reach.livetiles.io/
12 KB
7 KB
Script
General
Full URL
https://reach.livetiles.io/runtime.cc323a1e7038a0a1.esm.js
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
581aba4e0effc0c95eeaed27e29c10383f9816181fceff253bcbf1dd89855e29
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Origin
https://reach.livetiles.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 14:25:36 GMT
date
Wed, 30 Nov 2022 22:32:34 GMT
etag
"1d9033547fc1ead"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0AtqHYwAAAADZG7cGbSwXRZAAcdKIeBAgRFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
accept-ranges
bytes
polyfills.d4cdccd18b03ac25.esm.js
reach.livetiles.io/
77 KB
35 KB
Script
General
Full URL
https://reach.livetiles.io/polyfills.d4cdccd18b03ac25.esm.js
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c6d69bcd0470908bd6f85fe2ff4ed842dc19c06a30ac94d474c20e6602a2f4b9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Origin
https://reach.livetiles.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 14:25:36 GMT
date
Wed, 30 Nov 2022 22:32:34 GMT
etag
"1d9033547fd04ff"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0AtqHYwAAAADIJrIpW+V/RaFfNzkV6swlRFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
accept-ranges
bytes
main.3f58e0da13ee5374.esm.js
reach.livetiles.io/
8 MB
3 MB
Script
General
Full URL
https://reach.livetiles.io/main.3f58e0da13ee5374.esm.js
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
18e78e5baa671f3f967a96b62f50cf82f031009607e2bc4616ba6b3f2104779f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
Origin
https://reach.livetiles.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 14:25:36 GMT
date
Wed, 30 Nov 2022 22:32:34 GMT
etag
"1d9033547864416"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0AtqHYwAAAAAwllXWsLcKQbYteIeQCXdERFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
accept-ranges
bytes
7410.63a3ac1446fb7133.esm.js
reach.livetiles.io/
3 KB
2 KB
Script
General
Full URL
https://reach.livetiles.io/7410.63a3ac1446fb7133.esm.js
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/runtime.cc323a1e7038a0a1.esm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6401186b5ff89c4afacd129289962be85375cce6022307a47cfa96f27792c91f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 14:25:36 GMT
date
Wed, 30 Nov 2022 22:32:34 GMT
etag
"1d9033547fc3a07"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0A9qHYwAAAACfp2/+JIolT7aIpY2EXWoRRFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
accept-ranges
bytes
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/webp
config.json
reach.livetiles.io/
2 KB
1 KB
Fetch
General
Full URL
https://reach.livetiles.io/config.json
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/main.3f58e0da13ee5374.esm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
555f60b01cdccc1cf116934b8e19b4250a2ac30068418073bd26f4af8e67e324
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
date
Wed, 30 Nov 2022 22:32:35 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
x-azure-ref
0A9qHYwAAAAAH+12BySbvQLpIB/YjnEWWRFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
cache-control
no-store,no-cache
common.530a4e2414f062c5.esm.js
reach.livetiles.io/
124 KB
21 KB
Script
General
Full URL
https://reach.livetiles.io/common.530a4e2414f062c5.esm.js
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/runtime.cc323a1e7038a0a1.esm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ab92bcfe5a5963c3941ae68bd98e9dd9a7c5d8a48f6e7d7f32348faf83e6df26
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 14:25:36 GMT
date
Wed, 30 Nov 2022 22:32:35 GMT
etag
"1d9033547fdc1a2"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0A9qHYwAAAAAJR0Cqm1hyQZnxtTgtRyFZRFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
accept-ranges
bytes
language-resources-en.2f5038142c388113.esm.js
reach.livetiles.io/
150 KB
48 KB
Script
General
Full URL
https://reach.livetiles.io/language-resources-en.2f5038142c388113.esm.js
Requested by
Host: reach.livetiles.io
URL: https://reach.livetiles.io/runtime.cc323a1e7038a0a1.esm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
69f490be5758176695869ffa95e1d96b74266194f505d2023dab9571ec0d9401
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reach.livetiles.io/walgreens/join?sendername=ann%20haderlein
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 28 Nov 2022 14:25:36 GMT
date
Wed, 30 Nov 2022 22:32:35 GMT
etag
"1d9033547fe697e"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0A9qHYwAAAADIUhkqk5qnSLiU7VAeE/l6RFVTMzBFREdFMDYxNwAyYTNiMDIyYi00MGQ5LTRkZjQtODQ5OS00ZmI0MzcyYWRlNWQ=
accept-ranges
bytes
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reach.livetiles.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
528620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 19:42:15 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| webpackChunkreach_app function| setImmediate function| clearImmediate object| CapacitorPlatforms object| Capacitor object| __packages__ object| __stylesheet__ object| __globalSettings__ number| __currentId__ object| __themeState__ object| System object| _GIPHY_SDK_HEADERS_ string| giphyRandomId object| OneSignal boolean| __is_reach_app object| global

1 Cookies

Domain/Path Name / Value
reach.livetiles.io/ Name: ai_user
Value: Juymr22BCSdsLRRUSljhuQ|2022-11-30T22:32:35.505Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' http://localhost:* https://api.reach.livetiles.io https://static.zdassets.com https://ekr.zdassets.com https://livetileshelp.zendesk.com https://api.smooch.io https://az416426.vo.msecnd.net https://sdk.canva.com/designbutton/v2/api.js https://googletagmanager.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://cdn.onesignal.com https://onesignal.com https://*.hsforms.net https://*.hsforms.com https://ixp.livetiles.io https://*.ixp.livetiles.io https://platform.twitter.com https://syndication.twitter.com https://cdn.syndication.twimg.com https://static.cloud.coveo.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css https://sdk.canva.com/designbutton/v2/api.css https://platform.twitter.com https://ton.twimg.com https://abs.twimg.com https://static.cloud.coveo.com;font-src 'self' data: https://static2.sharepointonline.com/files/fabric/assets/ https://spoprod-a.akamaihd.net/files/fabric/assets/ https://spoppe-b.azureedge.net/files/ https://fonts.gstatic.com/s/ https://js.intercomcdn.com https://s3.amazonaws.com/giphyscripts/
Strict-Transport-Security max-age=31536000