urlscan.io logo urlscan.io
SecurityTrails logo

push.fm Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://push.fm/fl/s6hdwhvc
Submission: On October 24 via api from RU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 22 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is push.fm.
TLS certificate: Issued by WE1 on September 25th 2024. Valid for: 3 months.
This is the only time push.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
push.fm
6    2600:9000:26db:d800:16:8c61:13c0:21 (United States)

ASN16509 (AMAZON-02, US)
d29xpkeqnsbaz3.cloudfront.net
1    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    2600:9000:2165:5000:19:b0d5:4b00:21 (United States)

ASN16509 (AMAZON-02, US)
d1l1gotk1xybsc.cloudfront.net
Apex Domain
Subdomains		 Transfer
8 cloudfront.net
d29xpkeqnsbaz3.cloudfront.net
d1l1gotk1xybsc.cloudfront.net
273 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 Failed
347 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
21 KB
3 push.fm
push.fm
14 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 13162
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
548 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
1 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
58 KB
22 8
Domain Requested by
6 d29xpkeqnsbaz3.cloudfront.net push.fm
d29xpkeqnsbaz3.cloudfront.net
4 www.googletagmanager.com push.fm
www.googletagmanager.com
3 push.fm push.fm
d29xpkeqnsbaz3.cloudfront.net
2 d1l1gotk1xybsc.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.nl
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.google-analytics.com
1 region1.analytics.google.com 1 redirects
1 connect.facebook.net push.fm
22 10

This site contains links to these domains. Also see Links.

Domain
qrcc.me
routenote.com
Subject Issuer Validity Valid
push.fm
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-03 -
2024-11-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.nl
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://push.fm/fl/s6hdwhvc
Frame ID: 47170B1B7BC3ECA57AF2D455ECED9E61
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Medical Clinic MN by Online Payment Portal Alternate Signing Method | Find more at VIEW | PUSH.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

91 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

11
IPs

4
Countries

715 kB
Transfer

2555 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-VC4FJ5WFTN&gtm=45je4al0v885018856z89113111505za200zb9113111505&_p=1729804175907&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848&cid=1010030208.1729804176&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729804176&sct=1&seg=0&dl=https%3A%2F%2Fpush.fm%2Ffl%2Fs6hdwhvc&dt=My%20Medical%20Clinic%20MN%20by%20Online%20Payment%20Portal%20Alternate%20Signing%20Method%20%7C%20Find%20more%20at%20VIEW%20%7C%20PUSH.fm&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=862 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1010030208.1729804176&dbk=18063319706662662255&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505za200zb9113111505&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s6hdwhvc
push.fm/fl/ 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://push.fm/fl/s6hdwhvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3e16aeafc640ed1ff6fc75b2dd8407ede1a93507e65e7116a9e5765fe6eb21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8d7cf2e09d2e665c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 21:09:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=306EPpbk%2FcdLEK6OHmlw3hK9UnDckt2EuCT5UsS9O3X8KDWmr1n0KNZooQ3Ug5Dl2Y%2BJnEZKGdNhZYJu2u%2BEZMkFQpRqzkdBd43Ai2GJrKEOII%2Fiw8sn0iCI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=19249&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4107&recv_bytes=4492&delivery_rate=683&cwnd=12000&unsent_bytes=0&cid=f637e8f09767af38&ts=301&x=1" cfExtPri cfHdrFlush;dur=0
via
1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
x-amz-apigw-id
ALGefGNoLPEEvYA=
x-amz-cf-id
tqnIL6axrPhmJ5kryXJvh8lmnHzCJEooTzj9jBM2b7A99v4cnFDmFw==
x-amz-cf-pop
FRA56-P12
x-amzn-remapped-date
Thu, 24 Oct 2024 21:09:35 GMT
x-amzn-requestid
5c46c9a4-d89f-4f54-977e-b556f3d691f6
x-amzn-trace-id
Root=1-671ab78f-2ae2d7087f2db5dc06c4b0db;Parent=3836e34e4eeda836;Sampled=0;Lineage=1:7c788e94:0
x-cache
Miss from cloudfront
x-robots-tag
all
products.css
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/ 		196 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/products.css
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:16:8c61:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c244bb5c201e6e2bb67efb8749e0cd612efc3ac8d03f2ae78cb90ae27b11846

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"8ce06c52db93cd0ac5d85aafbe90afb4"
age
121280
via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
expires
Sat, 23 Nov 2024 11:25:42 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
dclM-FEiV8njnd9b4UBgXwejNQ9OSVk1uwBElAMArOZEIX1cE2Qbpw==
date
Wed, 23 Oct 2024 11:28:16 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 11:25:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
fonts.css
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/ 		5 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:16:8c61:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71401a2e4a48f15b0d02ba2fc6fc9ed3a219760b4eada58fe01b07b940118e4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

vary
Accept-Encoding, Origin
cache-control
public, max-age=2628000
content-encoding
br
etag
W/"1a68fc0c866f1cac6f5288cf63933106"
age
121280
via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
4b75Mv_MyirH-oyqOzFuB1slsdpEl_x1JnGDPSKvzZXlep35Lobx7A==
date
Wed, 23 Oct 2024 11:28:16 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 11:25:47 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
rocket-loader.min.js
push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/fl/s6hdwhvc

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6712b248-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SL7ZGP%2BNItenz5tdrE2LjneJ8aULH1iMWtHhLrUTNf8BNa8Wt7aKLCsKQd8tOk8xNiMCUPMbMBFOqDt01VZ9CgbdBF2C2t%2FXTJnNqRWSMdKChzaoFMTHAvee"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d7cf2e2af6b665c-AMS
expires
Sat, 26 Oct 2024 21:09:35 GMT
date
Thu, 24 Oct 2024 21:09:35 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 19:08:56 GMT
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		0
0
products.js
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/js/ 		997 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/js/products.js
Requested by
Host: push.fm
URL: https://push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:16:8c61:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
829cf4f9d8bec889ce962937d1535a5e0f63b45d22d6bb57c0610f44309a356a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"357e880575dff1674aa7b2196884b278"
age
121278
via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
expires
Sat, 23 Nov 2024 04:59:31 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
XPYCThf3Snc3cxRPhF9gd0Yby11x4-eEOPVWFs_bxTbENDlEZ8JV8Q==
date
Wed, 23 Oct 2024 11:28:18 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 11:26:08 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		229 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f5e35a9ad3958ca5395c3496fe29b2a933f541a33741df1e37b084d7df8bcb39
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Mjhl7Ci6' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 21:09:35 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Mjhl7Ci6' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4410, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
OsrnTRnnwnxLpKuPGlSJ45nCF3IgTikDX0pzIp0qYhiOsjHmmX8ZKcW3VCTsbYj1+qJF7IO2zkGk4geAe+GMlA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59697
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/ 		274 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJWRC65
Requested by
Host: push.fm
URL: https://push.fm/fl/s6hdwhvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bd1818631fcc62ee969a87364d556650da2ea0cde880ebda18f067880cc4ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 24 Oct 2024 21:09:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96727
x-xss-protection
0
server
Google Tag Manager
favicon.png
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:16:8c61:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef18fbb2ba59e1fbf2b91b87ba5b203d3c5b10c4c996b6b7edce99f0a5c68f94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

etag
"b662260c55b49f96fa2d81d25bd4fd1c"
age
121042
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
8_XOlz5lVxszOaW4bDUAoP7U_lvjfXSm0FIxx-yX0FQo7yRhv7Z7Cw==
date
Wed, 23 Oct 2024 11:32:14 GMT
content-type
image/png
vary
Origin
last-modified
Wed, 23 Oct 2024 11:25:55 GMT
cache-control
public, max-age=2628000
via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5346
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136798758-1
Requested by
Host: push.fm
URL: https://push.fm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64132ab473efd9eaac2d2de4c6c43716eec127a460f40ce9bc73bb9d33ee32f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 21:09:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77154
x-xss-protection
0
server
Google Tag Manager
s6hdwhvc
push.fm/api/guest/link/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://push.fm/api/guest/link/s6hdwhvc
Requested by
Host: d29xpkeqnsbaz3.cloudfront.net
URL: https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/js/products.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d2ccdb0860148637225964989291fe80b931c64b5adb36e4fcb087ec56c468

Request headers

X-XSRF-TOKEN
eyJpdiI6Ik5IcDZFR0NTRHJMejVNeGU0STR4U2c9PSIsInZhbHVlIjoiMktGdWp1RVN1RE5aQVNSOFRsRVBBNll0bnlMU0Q1U0FRQlhkSHlnRERscXZnMHdVV0o1dmVYeFplcVZjbGpxLzhGNHk0WEtFaWd4aVVhbkJhOFlkN3R5aXREUHNBME92cm93WHgrUVFFODZ2aHhsUnFuaHVaYzIzWEhrbkNOWVMiLCJtYWMiOiIyNTA3OGM3YmEyODlmN2UwYWI1YTFkYWEzZjA3YjBiMGUyYjdkODUxYmEzNGQwYzc2M2JlYWYzZmQ3OTM1MjNlIiwidGFnIjoiIn0=
Referer
https://push.fm/fl/s6hdwhvc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer-start

Response headers

x-robots-tag
all
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOjY9d55QysAJG82%2BQ42FCr1NeM5kgd%2ByXjj3meNz4U5VCzBQlEMxDbKt%2B4OjAx8ipKVNqmc6ZzIPnHT%2FQlqruaRGpccZT3cfGT3AYwRSQ7wGA0YjNb7ZMdP"}],"group":"cf-nel","max_age":604800}
x-amzn-requestid
180eb9ab-497d-4654-b19c-8f7975073274
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
z6134BqjOh4GwBzACmX5QP4c7W-WnjNVLlHKXFB1EWj5fctC1bowzQ==
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
application/json
priority
u=1,i
server-timing
cfL4;desc="?proto=QUIC&rtt=24014&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16435&recv_bytes=6873&delivery_rate=105376&cwnd=12000&unsent_bytes=0&cid=f637e8f09767af38&ts=902&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-apigw-id
ALGelGrtrPEEoGw=
x-amzn-remapped-date
Thu, 24 Oct 2024 21:09:36 GMT
x-amzn-trace-id
Root=1-671ab790-4001ad982c9a0b6050b79bb0;Parent=58b4a61ea8ffd7df;Sampled=0;Lineage=1:7c788e94:0
via
1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
cf-ray
8d7cf2e45978665c-AMS
x-amz-cf-pop
FRA56-P12
server
cloudflare
js
www.googletagmanager.com/gtag/ 		299 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VC4FJ5WFTN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJWRC65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8431b8406be92ccdb580eaaa0670f763c3c4d550a3fe8ff391da30260c8eb1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 21:09:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103931
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-136798758-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJWRC65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d84f234bd8f6359137c93f6bec3b1e25b606f3a2df52da07d8d61dfe60b2e070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 21:09:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76153
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136798758-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

content-encoding
gzip
age
7154
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 21:10:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:10:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-VC4FJ5WFTN&gtm=45je4al0v885018856z89113111505za200zb9113111505&_p=1729804175907&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1010030208.1729804176&dbk=18063319706662662255&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z8911311150...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1010030208.1729804176&dbk=18063319706662662255&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505za200zb9113111505&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
Protocol
H2
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1010030208.1729804176&dbk=18063319706662662255&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4al0v885018856z89113111505za200zb9113111505&npa=1&tid=G-VC4FJ5WFTN&dl=https%3A%2F%2Fpush.fm%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
548 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VC4FJ5WFTN&cid=1010030208.1729804176&gtm=45je4al0v885018856z89113111505za200zb9113111505&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VC4FJ5WFTN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://push.fm
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:36 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VC4FJ5WFTN&cid=1010030208.1729804176&gtm=45je4al0v885018856z89113111505za200zb9113111505&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685~101823848&tag_exp=101533422~101686685~101823848&z=536966164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 21:09:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/j/ 		1 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=362823219&t=pageview&_s=1&dl=https%3A%2F%2Fpush.fm%2Ffl%2Fs6hdwhvc&ul=nl-nl&de=UTF-8&dt=My%20Medical%20Clinic%20MN%20by%20Online%20Payment%20Portal%20Alternate%20Signing%20Method%20%7C%20Find%20more%20at%20VIEW%20%7C%20PUSH.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1762516896&gjid=181109485&cid=1010030208.1729804176&tid=UA-136798758-1&_gid=585846490.1729804176&_r=1&gtm=457e4al0za200zb9113111505&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101823848&jsscut=1&npa=1&z=1650890178
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://push.fm/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 21:09:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://push.fm
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvdmVyIiwid2lkdGgiOjEyOCwiaGVpZ2h0IjoxMjh9fX0=
d1l1gotk1xybsc.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l1gotk1xybsc.cloudfront.net/eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvdmVyIiwid2lkdGgiOjEyOCwiaGVpZ2h0IjoxMjh9fX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:5000:19:b0d5:4b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
86bb0ade504e103d2155c8dc5bb65705d457a70daa5871f347789162c6279604

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

age
5404
access-control-allow-methods
GET
x-amzn-requestid
5271b377-5cd7-4ac3-8820-79fa27bea5fc
x-cache
Hit from cloudfront
x-amz-cf-id
Mh-odtUNlC5ipTNhmy3NDRHUzKJFvvcjMQJQmbKvbxAF00dC-bYVag==
date
Thu, 24 Oct 2024 19:39:32 GMT
content-type
image/webp
last-modified
Thu, 24 Oct 2024 19:23:51 GMT
access-control-allow-headers
Content-Type, Authorization
cache-control
max-age=604800
x-amz-apigw-id
AK5SPHVaoAMED-A=
x-amzn-trace-id
Root=1-671aa274-5c6aef19480bb3b179503a47;Parent=34cc082562999098;Sampled=0;Lineage=1:0f41bae8:0
access-control-allow-credentials
true
via
1.1 72e7358c1b788ea69a1649b717511b9a.cloudfront.net (CloudFront)
access-control-allow-origin
push.fm
content-length
1742
x-amz-cf-pop
MUC50-P6
eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvbnRhaW4iLCJ3aWR0aCI6bnVsbCwiaGVpZ2h0Ijo1NDB9fX0=
d1l1gotk1xybsc.cloudfront.net/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1l1gotk1xybsc.cloudfront.net/eyJrZXkiOiIxMzM5OTZcLzBiMWE3MjU3LWMzNzUtNGZjNS1iNzBjLWFiZGIzOTEyZGQxNSIsImJ1Y2tldCI6InJvdXRlbm90ZS1wdXNoIiwiZWRpdHMiOnsicmVzaXplIjp7ImZpdCI6ImNvbnRhaW4iLCJ3aWR0aCI6bnVsbCwiaGVpZ2h0Ijo1NDB9fX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:5000:19:b0d5:4b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2594d1a7975b020b38a9d9691176fd073065cb6a03d1af5bbb5fd5ce59e93678

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://push.fm/

Response headers

age
5403
access-control-allow-methods
GET
x-amzn-requestid
d0ee2a38-800b-4466-9461-1ae38b46e1c8
x-cache
Hit from cloudfront
x-amz-cf-id
O7LT18N7ubrrLAX8J0yjNs1pQ6zO2cjzIjYX83OcBbgfahs0XRUbIQ==
date
Thu, 24 Oct 2024 19:39:32 GMT
content-type
image/webp
last-modified
Thu, 24 Oct 2024 19:23:51 GMT
access-control-allow-headers
Content-Type, Authorization
cache-control
max-age=604800
x-amz-apigw-id
AK5SPFj4IAMEu4g=
x-amzn-trace-id
Root=1-671aa274-05f994295de6eefe01aa9ecd;Parent=35e082d0af6b0b30;Sampled=0;Lineage=1:0f41bae8:0
access-control-allow-credentials
true
via
1.1 72e7358c1b788ea69a1649b717511b9a.cloudfront.net (CloudFront)
access-control-allow-origin
push.fm
content-length
11518
x-amz-cf-pop
MUC50-P6
hkgrotesk-bold.woff2
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/hkgrotesk-bold.woff2
Requested by
Host: d29xpkeqnsbaz3.cloudfront.net
URL: https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:16:8c61:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c72825546c0287b55e30928c6a7bf4a8267a0c728c991e4edbce9a65165944ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://push.fm
Referer
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css

Response headers

etag
"7823c0cc2e8eb2cba8331bbdab5b715d"
age
120757
access-control-allow-methods
HEAD, GET, PUT, POST
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
vqidBoJ8CeBYZbzbJcqocDMeCDzr5sqeL_rFyryfRAIj8XvJObOppw==
date
Wed, 23 Oct 2024 11:37:00 GMT
content-type
font/woff2
last-modified
Wed, 23 Oct 2024 11:25:47 GMT
cache-control
public, max-age=2628000
via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16364
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
hkgrotesk-regular.woff2
d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/hkgrotesk-regular.woff2
Requested by
Host: d29xpkeqnsbaz3.cloudfront.net
URL: https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:16:8c61:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e2f81c36d44fb7b2ca2999cdf8fe02a6c7858abc38f2b8353b1daaa12c9b61a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://push.fm
Referer
https://d29xpkeqnsbaz3.cloudfront.net/cd0ad3ef-133a-4ef7-b9a5-604edc4c236a/css/font/fonts.css

Response headers

etag
"746f8da697b19c1b516af72bd2d737dc"
age
120757
access-control-allow-methods
HEAD, GET, PUT, POST
expires
Fri, 13 May 2022 11:15:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
QF7iSDDBmWDPUm9s5I7-5na4GmEx4GbLP6MkSZRzqxJqXnsAI-9WXQ==
date
Wed, 23 Oct 2024 11:37:00 GMT
content-type
font/woff2
last-modified
Wed, 23 Oct 2024 11:25:54 GMT
cache-control
public, max-age=2628000
via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
16468
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-136798758-1

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| loadApp object| dataLayer function| gtag function| fbq function| _fbq boolean| __cfRLUnblockHandlers function| captchaCallback object| Push function| setImmediate function| clearImmediate object| regeneratorRuntime object| env function| moment function| ajax function| convertTimestampToLocal function| Vue function| VueRouter function| base64Json function| optional function| opt function| optionalDeep function| optDeep function| formatBytes function| formatMegabytes function| combineVueSlots function| walkObject function| flattenObject function| truthy function| walkObjectForTruth function| walkObjectForTotalTruth function| tap function| twScreen function| downloadFile function| logtap function| insideElement function| formatNumber function| createCenterPopup function| waitUntil function| leadingZero function| Form function| Bag object| verge function| CreatePush function| __validate function| validate object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
.push.fm/ Name: _gcl_au
Value: 1.1.291720679.1729804176
.push.fm/ Name: _ga_VC4FJ5WFTN
Value: GS1.1.1729804176.1.0.1729804176.60.0.0
.push.fm/ Name: _ga
Value: GA1.2.1010030208.1729804176
.push.fm/ Name: _gid
Value: GA1.2.585846490.1729804176
.push.fm/ Name: _gat_gtag_UA_136798758_1
Value: 1
push.fm/ Name: XSRF-TOKEN
Value: eyJpdiI6ImZRV1UvOFpkMXFvS2g5cERCY1BkM3c9PSIsInZhbHVlIjoiemI2WjdyYlZVWExsWmF6TFJKVWpDOWlHQnlFRUpyOVJNUE0rdVFaODdoM21oWW8rTjNqa1ljbGg3U1E2THQyaXZzdEgwSmNTQlJJc1poc1d2OHNPazBRM2paeTcwb3dsc3J2dzZ1c1hOVDRlNG9OOUZHcElPWWd0MUY5TnYwZTMiLCJtYWMiOiJlZDc1MjkzOTdkODU3ZmYzNTNiYjJkNWQ5ZTVmMmE5OGI0NTdlYjM0MmVhODA0MjRhNTMyOTVmOTM0YzkwYzcwIiwidGFnIjoiIn0%3D
push.fm/ Name: push_session
Value: eyJpdiI6ImhLbnJaY0Fib0crS3dSZGk3VUo2OUE9PSIsInZhbHVlIjoiUkEzVUxFV2FMS3BmVWFoRmpMSGR0c1dNWGZpMlFpZkJYMUtnRTRYTHFBaGUrbkw2QzN3eFdXOWdQa3lQUzIzRU1LdW9hMTdnRksxZzJROXhkWkFkR25wZGJnT2hkSlRGZFdqc0MvUml0N0Q5RFB3WXFjVFJCWDdwdmxNQWIwWWgiLCJtYWMiOiIyYzMyNDc3MTIxMmM1OTNmYzI0ZDg5NWM4MzMwZmFlNWU0NzNiODRjOGUyYTI4MDZmNzZmZGQxODA3ZDZjZjQ0IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d1l1gotk1xybsc.cloudfront.net
d29xpkeqnsbaz3.cloudfront.net
push.fm
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.nl
www.googletagmanager.com
www.googletagmanager.com
142.250.186.168
157.240.0.6
188.114.96.3
2001:4860:4802:34::178
2001:4860:4802:34::36
2600:9000:2165:5000:19:b0d5:4b00:21
2600:9000:26db:d800:16:8c61:13c0:21
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:400c:c0b::9c
2594d1a7975b020b38a9d9691176fd073065cb6a03d1af5bbb5fd5ce59e93678
26d2ccdb0860148637225964989291fe80b931c64b5adb36e4fcb087ec56c468
2bd1818631fcc62ee969a87364d556650da2ea0cde880ebda18f067880cc4ac6
2c244bb5c201e6e2bb67efb8749e0cd612efc3ac8d03f2ae78cb90ae27b11846
64132ab473efd9eaac2d2de4c6c43716eec127a460f40ce9bc73bb9d33ee32f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71401a2e4a48f15b0d02ba2fc6fc9ed3a219760b4eada58fe01b07b940118e4d
829cf4f9d8bec889ce962937d1535a5e0f63b45d22d6bb57c0610f44309a356a
8431b8406be92ccdb580eaaa0670f763c3c4d550a3fe8ff391da30260c8eb1dc
86bb0ade504e103d2155c8dc5bb65705d457a70daa5871f347789162c6279604
9e2f81c36d44fb7b2ca2999cdf8fe02a6c7858abc38f2b8353b1daaa12c9b61a
c72825546c0287b55e30928c6a7bf4a8267a0c728c991e4edbce9a65165944ce
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d84f234bd8f6359137c93f6bec3b1e25b606f3a2df52da07d8d61dfe60b2e070
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3e16aeafc640ed1ff6fc75b2dd8407ede1a93507e65e7116a9e5765fe6eb21
ef18fbb2ba59e1fbf2b91b87ba5b203d3c5b10c4c996b6b7edce99f0a5c68f94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e35a9ad3958ca5395c3496fe29b2a933f541a33741df1e37b084d7df8bcb39