Submitted URL: http://54.162.64.166/
Effective URL: https://54.162.64.166/
Submission: On August 02 via manual from NZ — Scanned from NZ

Summary

This website contacted 76 IPs in 7 countries across 57 domains to perform 166 HTTP transactions. The main IP is 54.162.64.166, located in United States and belongs to AMAZON-AES, US. The main domain is 54.162.64.166.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 20th 2023. Valid for: a year.
This is the only time 54.162.64.166 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 healthcare.com
assets.stg.healthcare.com
session-manager-srv.stg.healthcare.com
geoip.healthcare.com — Cisco Umbrella Rank: 751427
sem-content.stg.healthcare.com
api.stg.healthcare.com
sem-content.static.stg.healthcare.com
assets.healthcare.com — Cisco Umbrella Rank: 633225
sem-content.healthcare.com — Cisco Umbrella Rank: 606700
24 KB
10 leadid.com
create.leadid.com — Cisco Umbrella Rank: 14053
6 KB
10 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 861
trc.taboola.com — Cisco Umbrella Rank: 616
pips.taboola.com — Cisco Umbrella Rank: 1537
cds.taboola.com — Cisco Umbrella Rank: 1770
sync-t1.taboola.com — Cisco Umbrella Rank: 1328
trc-events.taboola.com — Cisco Umbrella Rank: 1861
30 KB
10 userway.org
cdn.userway.org — Cisco Umbrella Rank: 5108
api.userway.org — Cisco Umbrella Rank: 4874
60 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 417
mug.criteo.com — Cisco Umbrella Rank: 2490
sslwidget.criteo.com — Cisco Umbrella Rank: 1850
widget.us.criteo.com — Cisco Umbrella Rank: 19801
dis.criteo.com — Cisco Umbrella Rank: 623
14 KB
7 pivothealth.com
cdn.stg.pivothealth.com
cdn.pivothealth.com — Cisco Umbrella Rank: 849065
backend.stg.pivothealth.com
51 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 384
www.linkedin.com — Cisco Umbrella Rank: 543
px4.ads.linkedin.com — Cisco Umbrella Rank: 5993
5 KB
5 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5384
26 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
secure.adnxs.com — Cisco Umbrella Rank: 461
3 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 383
c.bing.com — Cisco Umbrella Rank: 224
14 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 187
www.google.com — Cisco Umbrella Rank: 3
869 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
21 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 2776
heapanalytics.com — Cisco Umbrella Rank: 2307
38 KB
3 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5878
api.omappapi.com — Cisco Umbrella Rank: 6101
22 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3176
tr.outbrain.com — Cisco Umbrella Rank: 2925
sync.outbrain.com Failed
8 KB
3 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 32694
669 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
254 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
874 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1576
2 KB
2 socdm.com
adgen.socdm.com — Cisco Umbrella Rank: 17934
tg.socdm.com — Cisco Umbrella Rank: 1129
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 403
739 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 350
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
94 KB
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1224
ups.analytics.yahoo.com — Cisco Umbrella Rank: 321
1 KB
2 gen3ventures.com
api.connectme.gen3ventures.com
38 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 759
script.hotjar.com — Cisco Umbrella Rank: 988
60 KB
2 media.net
contextual.media.net — Cisco Umbrella Rank: 639
1 KB
2 pmsrv.co
c.pmsrv.co — Cisco Umbrella Rank: 64702
5 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 599
16 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 410
448 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 4087
413 B
1 dable.io
adx.dable.io — Cisco Umbrella Rank: 18028
142 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 649
546 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2129
277 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 689
688 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 578
280 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 380
785 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
185 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 14893
2 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 876
367 B
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 consumersadvocate.org
www.consumersadvocate.org — Cisco Umbrella Rank: 138294
2 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 795
5 KB
1 getsitecontrol.com
widgets.getsitecontrol.com — Cisco Umbrella Rank: 29071
891 B
1 absmartly.io
healthcare.absmartly.io — Cisco Umbrella Rank: 695509
1 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 24955
39 KB
1 typekit.net
p.typekit.net — Cisco Umbrella Rank: 686
172 B
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 3959
13 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 561
7 KB
0 yieldmo.com Failed
sync-criteo.ads.yieldmo.com Failed
0 aralego.com Failed
sync.aralego.com Failed
0 clmbtech.com Failed
ade.clmbtech.com Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 pubmatic.com Failed
simage2.pubmatic.com Failed
0 mediavine.com Failed
exchange.mediavine.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
166 57
Domain Requested by
10 create.leadid.com assets.stg.healthcare.com
deviceid.trueleadid.com
6 cdn.userway.org 54.162.64.166
cdn.userway.org
assets.stg.healthcare.com
5 widget.trustpilot.com 54.162.64.166
widget.trustpilot.com
4 api.userway.org assets.stg.healthcare.com
cdn.userway.org
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 cdn.pivothealth.com 54.162.64.166
3 trc-events.taboola.com assets.stg.healthcare.com
3 px.ads.linkedin.com 3 redirects
3 cdn.taboola.com 54.162.64.166
cdn.taboola.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 www.google.co.nz 54.162.64.166
3 gum.criteo.com 2 redirects static.criteo.net
3 www.googletagmanager.com 54.162.64.166
www.googletagmanager.com
www.google-analytics.com
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 eb2.3lift.com 1 redirects
2 secure.adnxs.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 heapanalytics.com
2 tr.outbrain.com amplify.outbrain.com
2 sem-content.healthcare.com assets.stg.healthcare.com
2 a.omappapi.com www.googletagmanager.com
a.omappapi.com
2 connect.facebook.net 54.162.64.166
connect.facebook.net
2 api.stg.healthcare.com assets.stg.healthcare.com
2 api.connectme.gen3ventures.com 54.162.64.166
api.connectme.gen3ventures.com
2 backend.stg.pivothealth.com 54.162.64.166
2 sem-content.stg.healthcare.com assets.stg.healthcare.com
2 www.google.com 54.162.64.166
2 analytics.google.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 session-manager-srv.stg.healthcare.com 54.162.64.166
2 contextual.media.net 1 redirects
2 c.pmsrv.co 1 redirects 54.162.64.166
2 static.criteo.net www.googletagmanager.com
54.162.64.166
1 c.bing.com
1 idsync.rlcdn.com
1 cs.adingo.jp
1 adx.dable.io
1 tags.bluekai.com
1 tg.socdm.com
1 adgen.socdm.com
1 ups.analytics.yahoo.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 cm.g.doubleclick.net 1 redirects
1 cds.taboola.com assets.stg.healthcare.com
1 pips.taboola.com assets.stg.healthcare.com
1 trc.taboola.com cdn.taboola.com
1 www.facebook.com
1 api.omappapi.com assets.stg.healthcare.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io assets.stg.healthcare.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 www.consumersadvocate.org 54.162.64.166
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 cdn.heapanalytics.com 54.162.64.166
1 snap.licdn.com 54.162.64.166
1 amplify.outbrain.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 widgets.getsitecontrol.com 54.162.64.166
1 assets.healthcare.com 54.162.64.166
1 sem-content.static.stg.healthcare.com assets.stg.healthcare.com
1 sp.analytics.yahoo.com
1 healthcare.absmartly.io 54.162.64.166
1 script.hotjar.com static.hotjar.com
1 create.lidstatic.com 54.162.64.166
1 static.hotjar.com www.googletagmanager.com
1 mug.criteo.com 54.162.64.166
1 geoip.healthcare.com 54.162.64.166
1 p.typekit.net client
1 assets.stg.healthcare.com 54.162.64.166
1 d.impactradius-event.com 54.162.64.166
1 s.yimg.com 54.162.64.166
assets.stg.healthcare.com
1 cdn.stg.pivothealth.com 54.162.64.166
0 sync-criteo.ads.yieldmo.com Failed
0 sync.aralego.com Failed
0 ade.clmbtech.com Failed
0 s.ad.smaato.net Failed
0 simage2.pubmatic.com Failed
0 sync.outbrain.com Failed
0 exchange.mediavine.com Failed
0 ads.stickyadstv.com Failed
166 90
Subject | Issuer | Validity | Valid
*.stg.pivothealth.com | Amazon RSA 2048 M01 | 2023-02-20 - 2024-01-08 | a year
*.pivothealth.com | Amazon RSA 2048 M01 | 2023-02-24 - 2024-01-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-27 - 2023-08-27 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-07-03 - 2023-08-23 | 2 months
*.impactradius-event.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-07 - 2024-01-06 | a year
*.stg.healthcare.com | Amazon RSA 2048 M01 | 2023-02-28 - 2023-10-19 | 8 months
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-19 - 2023-10-18 | 3 months
*.healthcare.com | Amazon RSA 2048 M01 | 2023-03-05 - 2024-04-02 | a year
*.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.google.co.nz | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
www.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
lidstatic.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-28 | a year
connectme.gen3ventures.com | Starfield Secure Certificate Authority - G2 | 2022-12-02 - 2024-01-03 | a year
absmartly.io | GTS CA 1P5 | 2023-07-27 - 2023-10-25 | 3 months
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-05-30 - 2023-11-22 | 6 months
*.static.stg.healthcare.com | Amazon RSA 2048 M02 | 2023-05-10 - 2024-06-06 | a year
*.trustpilot.com | Amazon RSA 2048 M02 | 2023-02-02 - 2024-03-02 | a year
*.getsitecontrol.com | Go Daddy Secure Certificate Authority - G2 | 2023-03-07 - 2024-04-07 | a year
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-09 - 2024-02-11 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-05-11 - 2023-08-09 | 3 months
a.omappapi.com | R3 | 2023-07-09 - 2023-10-07 | 3 months
1667503734.rsc.cdn77.org | R3 | 2023-08-01 - 2023-10-30 | 3 months
cdn.heapanalytics.com | Amazon RSA 2048 M01 | 2023-06-29 - 2024-07-27 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-08 - 2023-12-31 | a year
consumersadvocate.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year
create.leadid.com | Amazon RSA 2048 M02 | 2023-02-23 - 2023-10-19 | 8 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-06-08 - 2024-07-07 | a year
deviceid.trueleadid.com | Amazon RSA 2048 M02 | 2023-02-24 - 2024-01-06 | 10 months
api.opmnstr.com | Amazon RSA 2048 M01 | 2023-03-01 - 2024-02-08 | a year
heapanalytics.com | Amazon RSA 2048 M02 | 2022-12-09 - 2024-01-07 | a year
api.userway.org | Amazon RSA 2048 M02 | 2023-02-09 - 2023-10-31 | 9 months
*.media.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-10 - 2024-02-18 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.sharethrough.com | Amazon RSA 2048 M01 | 2023-02-03 - 2023-11-21 | 10 months
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-21 - 2024-01-23 | a year
teads.tv | R3 | 2023-06-26 - 2023-09-24 | 3 months
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-07-18 - 2024-01-10 | 6 months
*.socdm.com | GlobalSign RSA OV SSL CA 2018 | 2023-05-31 - 2024-06-30 | a year
adx.dable.io | Gandi Standard SSL CA 2 | 2022-11-10 - 2023-11-10 | a year
*.adingo.jp | Amazon RSA 2048 M01 | 2023-02-13 - 2023-11-11 | 9 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-02 - 2024-03-03 | a year

This page contains 7 frames:

Primary Page: https://54.162.64.166/
Frame ID: BFFDC4B556EEEAD95B24819CF511F3B3
Requests: 121 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=54.162.64.166&origin=onetag
Frame ID: D0DE3F694990E61E1BFE0372E10A07DA
Requests: 2 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=57dff8180000ff000594e8bb
Frame ID: 44C7B86EC18A304A88387200BB24F7E5
Requests: 4 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&lac=D07A3733-9799-8328-98B5-5875425F1190
Frame ID: 3EC64974888DD350ED7CDCE8C07AC037
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&lac=D07A3733-9799-8328-98B5-5875425F1190
Frame ID: 3AF996409E38B71500045BC20AFC5A65
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30
Frame ID: 1661A557CBEDFC1829E41C1C9466703C
Requests: 30 HTTP requests in this frame

Frame: https://static.criteo.net/empty.html
Frame ID: 81831CCBA24CF1A95176E9099CD3FE66
Requests: 1 HTTP requests in this frame

Page Title

Flexible, Budget-Friendly Health Insurance Plans | Pivot Health

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

70 %
HTTPS

32 %
IPv6

57
Domains

90
Subdomains

76
IPs

7
Countries

1445 kB
Transfer

4530 kB
Size

74
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://54.162.64.166/ HTTP 301
    https://54.162.64.166/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://c.pmsrv.co/v2/conversion/src?a=586be1c9-7b76-4e56-a122-03ad4e320360 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=max&ovsid=setstatuscode&redirect=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fcsync%3FMNETID%3D%24%7Bmnetid%7D%26MAXID%3D42e09fae-59f5-4d3e-a674-fbebfe675a82%26o_url%3Dhttps%253A%252F%252Fc.pmsrv.co%252Fv2%252Fconversion%252Fsrc%253Fa%253D586be1c9-7b76-4e56-a122-03ad4e320360 HTTP 302
  • https://c.pmsrv.co/v2/csync?MNETID=3339428977137031000V10&MAXID=42e09fae-59f5-4d3e-a674-fbebfe675a82&o_url=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fconversion%2Fsrc%3Fa%3D586be1c9-7b76-4e56-a122-03ad4e320360
Request Chain 44
  • https://gum.criteo.com/sid/json?origin=onetag&domain=54.162.64.166&sn=ChromeSyncframe&so=0&topUrl=54.162.64.166&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=UlhM2HxWcy9MMUFKcTR4MDQ4c28wK0Z6bUxnclQ5UFZRTnFTczRVdGcrY3VrZ1pURmIxazBrUFlNMmxSSnludnpOZTRhMUhYeWRpMnlVd1FrdGl0QjYxSzRYd2VBbExjUUg3T29Jb0pBdlRiQUoyVEZIdm02clZEYThheVdBMUVKbWJObC81eVNlcUhIVGVvOWZ3VGFMa2NxeDVrUm9tRXdjajRucXJNYit6VW5wU1V5RWtuVkFadGpRNEtRV2hsMHBsQzIxaHM1ZllQUjdZMHhZbTIzWGlEcksyVXJ6M2wyU3NrUDJhRE5VUkxuODFHckVRUktLV0pPTFFjVFJsalZ0dHlqWVByODNxYi9ud0JkbktaUjZtUjZPZz09fA&cppv=2
Request Chain 73
  • https://sslwidget.criteo.com/event?a=59541&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWVVTXRmNVZsS0RKSEhzakdHWDk0QVNTb3glMkJHalFsTGpnZFU3anFldVJHMWtTbSUyRmJPN3Y3QmNnSVJhcUZlQzFQWjZrYWxXaXBZbFFQNkZ2M3IxQm5yVDVOSnhJRjFqTGhOalN3JTNEJTNE&tld=54.162.64.166&fu=https%253A%252F%252F54.162.64.166%252F&ceid=c3bb7a16-24fc-476f-92fc-60951a884130&dtycbr=16127 HTTP 302
  • https://widget.us.criteo.com/event?a=59541&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWVVTXRmNVZsS0RKSEhzakdHWDk0QVNTb3glMkJHalFsTGpnZFU3anFldVJHMWtTbSUyRmJPN3Y3QmNnSVJhcUZlQzFQWjZrYWxXaXBZbFFQNkZ2M3IxQm5yVDVOSnhJRjFqTGhOalN3JTNEJTNE&tld=54.162.64.166&fu=https%253A%252F%252F54.162.64.166%252F&ceid=c3bb7a16-24fc-476f-92fc-60951a884130&dtycbr=16127
Request Chain 95
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1369386%26time%3D1690941302839%26url%3Dhttps%253A%252F%252F54.162.64.166%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ7MElsx3uJJwAAAYmz9LNSHxhrrDtr_Yfd64_Ovpc7RO77Yr1E26WclNe5oao-TmIT_VYy
Request Chain 122
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tGo-9prqbOBP39qnHjwrmsH6en4PmtnfAbE2ug&google_cm&google_hm=ay10R28tOXBycWJPQlAzOXFuSGp3cm1zSDZlbjRQbXRuZkFiRTJ1Zw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tGo-9prqbOBP39qnHjwrmsH6en4PmtnfAbE2ug&google_gid=CAESEA7iHYRkIv0UhYggaSctEe4&google_cver=1&google_ula=913071,0
Request Chain 124
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5759953924642003820
Request Chain 125
  • https://secure.adnxs.com/setuid?entity=52&code=k-aoufaJrqbOBP39qnHjwrmsH6en5mTo78dWxYMg HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-aoufaJrqbOBP39qnHjwrmsH6en5mTo78dWxYMg
Request Chain 132
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-nE0GlJrqbOBP39qnHjwrmsH6en5Yr4aQln3vWg&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-nE0GlJrqbOBP39qnHjwrmsH6en5Yr4aQln3vWg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 136
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=gL6_Djpof-f5J9oFSSaSCA_LZdKsMye5
Request Chain 137
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-S8Jez5rqbOBP39qnHjwrmsH6en4GTgP7KYcP4w HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-S8Jez5rqbOBP39qnHjwrmsH6en4GTgP7KYcP4w&C=1
Request Chain 141
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sLFWxJrqbOBP39qnHjwrmsH6en42M_eyozH2VQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLFWxJrqbOBP39qnHjwrmsH6en42M_eyozH2VQ

166 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
54.162.64.166/
Redirect Chain
  • http://54.162.64.166/
  • https://54.162.64.166/
152 KB
31 KB
Document
General
Full URL
https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
f0e0822f04ef4703af3e00d44be48b72cc382ec0d5e009e47107714d03c4581e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0
content-encoding
gzip
content-length
31176
content-type
text/html
date
Wed, 02 Aug 2023 01:54:53 GMT
etag
"2600a-601da89697be4-gzip"
expires
Wed, 02 Aug 2023 01:54:53 GMT
last-modified
Tue, 01 Aug 2023 11:06:20 GMT
server
Apache/2.4.43 (Unix)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Wed, 02 Aug 2023 01:54:52 GMT
Location
https://54.162.64.166:443/
Server
awselb/2.0
ph-new-logo-horizontal.svg
cdn.stg.pivothealth.com/resources/content/logos/
19 KB
7 KB
Image
General
Full URL
https://cdn.stg.pivothealth.com/resources/content/logos/ph-new-logo-horizontal.svg
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-113.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16b3f8f0f967d868905f80bd6f3fa58fa4f6539f37d077483f6277b9283423a1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:56 GMT
x-amz-version-id
Nlxc9KhhKV25G_.RTh0hZtQMHNymDIwj
content-encoding
gzip
last-modified
Tue, 20 Jun 2023 19:02:18 GMT
server
AmazonS3
via
1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
etag
W/"a1615e181584571f15988353222e90a2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-cf-id
Fr3uVw2KR3dQ2ZeY1k0hf82U_35pVA7fAmLhAeWMrY8XhTSXZRhNmw==
b27369ceab8a497d8413e51a99bb2367.svg
54.162.64.166/assets/
1 KB
1010 B
Image
General
Full URL
https://54.162.64.166/assets/b27369ceab8a497d8413e51a99bb2367.svg
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
fbcdfce7a8a9980e7c9efafc0ee26f9dd6fbcefa31cba847f21a7ce0db4f212e

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"5e7-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
752
expires
Thu, 01 Aug 2024 01:54:54 GMT
8a318b9464278fca41b56cfac8584932.webp
54.162.64.166/assets/
744 B
959 B
Image
General
Full URL
https://54.162.64.166/assets/8a318b9464278fca41b56cfac8584932.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
49b26516c51896a37ff70afaa57bbc3424366fc15e8cbf8113d4a183483a4808

Request headers

device-memory
8
width
52
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"2e8-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
744
expires
Fri, 01 Sep 2023 01:54:54 GMT
TriNet_PivotHealth.png
cdn.pivothealth.com/sem/cro/img/logos/
4 KB
4 KB
Image
General
Full URL
https://cdn.pivothealth.com/sem/cro/img/logos/TriNet_PivotHealth.png
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-83.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5b9284b06bbb2de1dd0a3439bc93fd2e077a8eb67854e4d03f08cb8e7d538e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 04:03:02 GMT
x-amz-version-id
null
via
1.1 f7caf16a2d753babfb1d264f0586f374.cloudfront.net (CloudFront)
last-modified
Wed, 25 Mar 2020 19:31:27 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
3189112
etag
"6441a613e0ed8b8448a5094cd028f195"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4252
x-amz-cf-id
MUVfT1mm1mJb9TcryLCHs1JDq5bGtrMKwt8zlPcGTslu2EJ4UK5y4A==
7fd8c96f0ff820eda8670443eee8937e.webp
54.162.64.166/assets/
3 KB
3 KB
Image
General
Full URL
https://54.162.64.166/assets/7fd8c96f0ff820eda8670443eee8937e.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
a79e80efd02e155f0c808dd3e860c5425ef7826a664016f840ed31c2f27ddda3

Request headers

device-memory
8
width
100
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"a44-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2628
expires
Fri, 01 Sep 2023 01:54:54 GMT
f0d2f3bc833584864c2066aa674bb132.webp
54.162.64.166/assets/
882 B
1 KB
Image
General
Full URL
https://54.162.64.166/assets/f0d2f3bc833584864c2066aa674bb132.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
bd5f1393052d54adb5c5bd7460e398e3225665347823b41c3d61a61dc3d12d45

Request headers

device-memory
8
width
40
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"372-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
882
expires
Fri, 01 Sep 2023 01:54:54 GMT
d083af7d9a6d2b5c78adc1f6b36652d3.webp
54.162.64.166/assets/
1022 B
1 KB
Image
General
Full URL
https://54.162.64.166/assets/d083af7d9a6d2b5c78adc1f6b36652d3.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
f862b75852f41af6425a1637fbc250a5755de256b28e8d57776695d7e66958a5

Request headers

device-memory
8
width
40
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"3fe-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1022
expires
Fri, 01 Sep 2023 01:54:54 GMT
39b2f1d40c4a8bdabcbacde371226b81.webp
54.162.64.166/assets/
3 KB
3 KB
Image
General
Full URL
https://54.162.64.166/assets/39b2f1d40c4a8bdabcbacde371226b81.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
552ef87970896225e0b6556df77d222caf5f2e08a785f6100eb62ff0daba2998

Request headers

device-memory
8
width
100
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"b68-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2920
expires
Fri, 01 Sep 2023 01:54:54 GMT
b03a12a15839837f0586906b320028f1.webp
54.162.64.166/assets/
2 KB
2 KB
Image
General
Full URL
https://54.162.64.166/assets/b03a12a15839837f0586906b320028f1.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
a7b2944d1b7299220154f642ad0eab51f84dd3ea7dcf26c604160b50bc234b9c

Request headers

device-memory
8
width
60
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"6e6-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1766
expires
Fri, 01 Sep 2023 01:54:54 GMT
c4cf7c6541536d040ddc04477a574d65.webp
54.162.64.166/assets/
964 B
1 KB
Image
General
Full URL
https://54.162.64.166/assets/c4cf7c6541536d040ddc04477a574d65.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
70bc9143bc98ba538566dcf61e4b25d6599f2592fcd401799e80683561645282

Request headers

device-memory
8
width
50
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"3c4-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
964
expires
Fri, 01 Sep 2023 01:54:54 GMT
193a2ec027e0d9c275650a2539ca3952.webp
54.162.64.166/assets/
710 B
925 B
Image
General
Full URL
https://54.162.64.166/assets/193a2ec027e0d9c275650a2539ca3952.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
b04bd4821e0d92a4b473f4d7c87ed5d9f119728b31c567214be9fb06579178b8

Request headers

device-memory
8
width
25
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"2c6-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
710
expires
Fri, 01 Sep 2023 01:54:54 GMT
5981ce3cf8b75f5ccbc855a4a007727d.webp
54.162.64.166/assets/
644 B
860 B
Image
General
Full URL
https://54.162.64.166/assets/5981ce3cf8b75f5ccbc855a4a007727d.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
3cf657ff4006b51586ff78e1237ec1122d2ecf1a8c94037ec677164f21302d16

Request headers

device-memory
8
width
50
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"284-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
644
expires
Fri, 01 Sep 2023 01:54:54 GMT
80ba66e989c49ce6153a160af419b4e8.webp
54.162.64.166/assets/
2 KB
2 KB
Image
General
Full URL
https://54.162.64.166/assets/80ba66e989c49ce6153a160af419b4e8.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
de81739aca8e79c1467ea25444a2a702f4ae2b71b0b752fbb25f4244d9dd2dc1

Request headers

device-memory
8
width
50
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"91a-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2330
expires
Fri, 01 Sep 2023 01:54:54 GMT
8a07c1bd42e4e8afd881d87925b8382c.webp
54.162.64.166/assets/
340 B
556 B
Image
General
Full URL
https://54.162.64.166/assets/8a07c1bd42e4e8afd881d87925b8382c.webp
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
f47610b3fdc05db98b88943cb3e12d8c7fbe96f224e5db8f99be96cbfb27a134

Request headers

device-memory
8
width
25
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"154-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
340
expires
Fri, 01 Sep 2023 01:54:54 GMT
2a4bb29c6f4b9cfca7279e4884c725ee.svg
54.162.64.166/assets/
4 KB
2 KB
Image
General
Full URL
https://54.162.64.166/assets/2a4bb29c6f4b9cfca7279e4884c725ee.svg
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
d0bbe7e675b2b8074b3325ef5e48814f6e446c0570b1614cc9d9137f899c4c9b

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"ea1-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1531
expires
Thu, 01 Aug 2024 01:54:54 GMT
gtm.js
www.googletagmanager.com/
419 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ece9c2dcd8e47cdcdbbf79551d6f6f0e5f9233f783c2d0433500a62b72122887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114260
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 00:22:19 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Aug 2023 01:54:54 GMT
landing.5d17953db9a49cfa2c46.js
54.162.64.166/js/
2 MB
475 KB
Script
General
Full URL
https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
0ee67e5a03b11062d518adebc742de6581f24c3ed687f30f4fbe33dfbd798fd3

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 11:06:13 GMT
server
Apache/2.4.43 (Unix)
etag
"19ce1f-601da88feabe6-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 01:54:54 GMT
dc36289ed9058530805ff6ec1bf1dfdf.svg
54.162.64.166/assets/
26 KB
11 KB
Image
General
Full URL
https://54.162.64.166/assets/dc36289ed9058530805ff6ec1bf1dfdf.svg
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
682d024eb13106e55aca8b26b9d95237ceacfe0f42f219c48c62e802f3a97fa3

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"661e-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10610
expires
Thu, 01 Aug 2024 01:54:54 GMT
75ad72f23bdf52ba0c073fe9765366f1.woff2
54.162.64.166/assets/
11 KB
11 KB
Font
General
Full URL
https://54.162.64.166/assets/75ad72f23bdf52ba0c073fe9765366f1.woff2
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
f90f1a35920e7c50743e786647dc78ea23875bd5ead6cac3fe24abc5edc2e26d

Request headers

device-memory
8
Origin
https://54.162.64.166
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:54 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"2bbc-5febaa0c21780"
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11196
expires
Thu, 01 Aug 2024 01:54:54 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 23:57:02 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7073
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 02 Aug 2023 01:57:02 GMT
ld.js
static.criteo.net/js/ld/
46 KB
15 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
14bfa1b53f5beab07b9c1fe255d8430c762f3d96ec928f4d2371e3d352b46f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 Jul 2023 12:38:57 GMT
server
nginx
etag
W/"64c26561-b817"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 01:54:56 GMT
csync
c.pmsrv.co/v2/
Redirect Chain
  • https://c.pmsrv.co/v2/conversion/src?a=586be1c9-7b76-4e56-a122-03ad4e320360
  • https://contextual.media.net/cksync.php?cs=1&type=max&ovsid=setstatuscode&redirect=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fcsync%3FMNETID%3D%24%7Bmnetid%7D%26MAXID%3D42e09fae-59f5-4d3e-a674-fbebfe675a82%26...
  • https://c.pmsrv.co/v2/csync?MNETID=3339428977137031000V10&MAXID=42e09fae-59f5-4d3e-a674-fbebfe675a82&o_url=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fconversion%2Fsrc%3Fa%3D586be1c9-7b76-4e56-a122-03ad4e320360
3 KB
4 KB
Script
General
Full URL
https://c.pmsrv.co/v2/csync?MNETID=3339428977137031000V10&MAXID=42e09fae-59f5-4d3e-a674-fbebfe675a82&o_url=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fconversion%2Fsrc%3Fa%3D586be1c9-7b76-4e56-a122-03ad4e320360
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Server
2600:9000:21b4:c000:a:8e7d:9900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
7c8785f1b9882dabf96c8a3d9237f69133a82a1848404997fc74ab265d987afb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:58 GMT
via
1.1 2e4ea5ed710a1104b183ead6b210a514.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
3401
x-amz-cf-pop
SIN52-C2
x-amzn-requestid
323f7314-7eaf-4c29-91e0-b949fd13aa19
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
JAmZ5Ed0SK4EFcA=
content-length
3401
pragma
no-cache
etag
W/"d49-INJ8kK/qPi8fLsSbFiFMRKUIyeA"
x-amzn-trace-id
Root=1-64c9b772-7f1d3bd822ba17292e175361;Sampled=0;lineage=c8fdcb33:0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
x-amzn-remapped-date
Wed, 02 Aug 2023 01:54:58 GMT
x-amz-cf-id
LlVltO5i6PALnTozVKXtTMzsQ_Rw4vlIialcbJ-N-vLjaMZ-0LX9_w==
expires
-1

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 02 Aug 2023 01:54:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://c.pmsrv.co/v2/csync?MNETID=3339428977137031000V10&MAXID=42e09fae-59f5-4d3e-a674-fbebfe675a82&o_url=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fconversion%2Fsrc%3Fa%3D586be1c9-7b76-4e56-a122-03ad4e320360
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 02 Aug 2023 01:54:57 GMT
ytc.js
s.yimg.com/wi/
18 KB
7 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:e4:1604::1001 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:51:56 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
VJZQJ0JDA2XDV6Y9
age
182
x-amz-server-side-encryption
AES256
x-amz-id-2
0T69dNg11RWe3XuTGv7oWvXBUHAu9FqJcildwfcOtgX0dVRfTTx9MXQ8SNQyBQh4V+8BTGWF9KE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
176 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9572396
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f49b01d5fc657275b8ef5301d11893a555540f071cf942318b563d382d44e855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65216
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 00:22:19 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Aug 2023 01:54:55 GMT
A389472-6827-482b-afe2-1a9c55e897c51.js
d.impactradius-event.com/
42 KB
13 KB
Script
General
Full URL
https://d.impactradius-event.com/A389472-6827-482b-afe2-1a9c55e897c51.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e54d3a718f01690ef84406be953591f053c79c882567715ca740aac52617747

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:55 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdsJxA4vn6ON5thzRRI9Cp406p5HXFjDsZGRxw3rZaU4sSvQ11LZuYXjrMPT2JnGlGiGbAcLJk4gYgjn2h3DaFI31A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13290
last-modified
Mon, 16 Jan 2023 07:36:27 GMT
server
UploadServer
etag
"0bfad76a7223ae3aa8b5ebddb99e9608"
vary
Accept-Encoding
x-goog-generation
1673854587455276
x-goog-hash
crc32c=KMM+6w==, md5=C/rXanIjrjqotevduZ6WCA==
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13290
accept-ranges
bytes
expires
Wed, 02 Aug 2023 01:59:55 GMT
raygun.vanilla.min.js
assets.stg.healthcare.com/
51 KB
17 KB
Script
General
Full URL
https://assets.stg.healthcare.com/raygun.vanilla.min.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-33.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d302bc4557acc55b877b474d2ada718067dc8298acc22cc08b942f562f0a204e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:57 GMT
content-encoding
gzip
via
1.1 314aa53e803ca952f52cb68ad4be899e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jul 2023 20:58:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
W/"d1e85557a2e8d00dc56a41c9989cd63a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
LeU4mPwr-84sglVIrR7yXV2xIqYuVuNvD2PaABTbQKYBmf1hNI8o4A==
session
session-manager-srv.stg.healthcare.com/
90 B
379 B
XHR
General
Full URL
https://session-manager-srv.stg.healthcare.com/session
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.161.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-161-98.compute-1.amazonaws.com
Software
Mono-HTTPAPI/1.0 /
Resource Hash
9d520b5baee197890785eda3c96fd8541d7b6c2ef85e50d41193f7163c170f14

Request headers

Accept
application/json
Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 02 Aug 2023 01:54:56 GMT
server
Mono-HTTPAPI/1.0
access-control-allow-headers
Accept, Origin, Content-type
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/json; charset=utf-8
session
session-manager-srv.stg.healthcare.com/ Frame
0
0
Preflight
General
Full URL
https://session-manager-srv.stg.healthcare.com/session
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.161.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-161-98.compute-1.amazonaws.com
Software
Mono-HTTPAPI/1.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://54.162.64.166
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
Accept, Origin, Content-type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
allow
POST
content-length
0
content-type
text/html
date
Wed, 02 Aug 2023 01:54:56 GMT
server
Mono-HTTPAPI/1.0
proximaNovaFont.82c3bd5e45e8dbdabada.js
54.162.64.166/js/fonts/
2 KB
619 B
Script
General
Full URL
https://54.162.64.166/js/fonts/proximaNovaFont.82c3bd5e45e8dbdabada.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
25a332b615ba617402050c2ad992e7ce266af16eb90cbac8db8dde1c82cb2b69

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:55 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 11:06:13 GMT
server
Apache/2.4.43 (Unix)
etag
"8a8-601da88fd5425-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
356
expires
Thu, 01 Aug 2024 01:54:55 GMT
breeSerifFont.2aac0b842d5e46bce4a0.js
54.162.64.166/js/fonts/
2 KB
1 KB
Script
General
Full URL
https://54.162.64.166/js/fonts/breeSerifFont.2aac0b842d5e46bce4a0.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
f93dd70e1b6aaa475552f3166599b0ad29a8de1d0e80c11a9d62c356108dcab2

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:54:55 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 11:06:13 GMT
server
Apache/2.4.43 (Unix)
etag
"8b3-601da88fd5425-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1005
expires
Thu, 01 Aug 2024 01:54:55 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=est0eql&ht=tk&f=21709&a=16205220&app=typekit&e=css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8c98 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:56 GMT
last-modified
Fri, 14 Jul 2023 12:41:34 GMT
server
nginx
etag
"64b1427e-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
proxima-nova-l.woff2
cdn.pivothealth.com/fonts/proxima-nova-latin/v1/
12 KB
13 KB
Font
General
Full URL
https://cdn.pivothealth.com/fonts/proxima-nova-latin/v1/proxima-nova-l.woff2
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-83.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea2d4f75e79041c433c0485f9c6abcd11534a49ddaea301aef0f32765bbdf0d

Request headers

Referer
https://54.162.64.166/
Origin
https://54.162.64.166
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:58 GMT
x-amz-version-id
null
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
content-length
12756
last-modified
Thu, 09 Jan 2020 17:43:35 GMT
server
AmazonS3
etag
"c2981ecbe37cd4e195210709306d57e2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
rgTSO_swZFQ3sEYMuVzhwOqUXIVMeua_VIaoEaX6fcs5xBuIaUahfA==
proxima-nova-l-600.woff2
cdn.pivothealth.com/fonts/proxima-nova-latin/v1/
12 KB
13 KB
Font
General
Full URL
https://cdn.pivothealth.com/fonts/proxima-nova-latin/v1/proxima-nova-l-600.woff2
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-83.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e23a3e7349370c74d1a9486de89b194fbce53ac98fe287103047e8c89f8c866

Request headers

Referer
https://54.162.64.166/
Origin
https://54.162.64.166
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:58 GMT
x-amz-version-id
null
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
content-length
12592
last-modified
Thu, 09 Jan 2020 17:43:35 GMT
server
AmazonS3
etag
"0f28fa931919b4716bf3e8807fe346f6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
F4nUeVvXuQ_L_nHPL2OnMoF3I7tUw6JUtRWbOdIC18bubVkAmeFVew==
proxima-nova-l-800.woff2
cdn.pivothealth.com/fonts/proxima-nova-latin/v1/
12 KB
13 KB
Font
General
Full URL
https://cdn.pivothealth.com/fonts/proxima-nova-latin/v1/proxima-nova-l-800.woff2
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-83.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a01dccccd2c1eb4f2d97e438f9f2daf1b62a608074a8f98bbda8898a6181d59

Request headers

Referer
https://54.162.64.166/
Origin
https://54.162.64.166
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:58 GMT
x-amz-version-id
null
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
content-length
12748
last-modified
Thu, 09 Jan 2020 17:43:35 GMT
server
AmazonS3
etag
"5d6356936b922e4637a39aa5ee8459e8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
gxKL6P4U0_T1Ff3Sact73MSZmgBZJLpKkWCvzCIFfIqf6hrHzwaNAg==
collect
www.google-analytics.com/j/
16 B
221 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=588598831&t=event&ni=0&_s=1&dl=https%3A%2F%2F54.162.64.166%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Landing&ea=Display&_u=YEBAAEABAAAAACAAI~&jid=1099122521&gjid=1415799661&cid=1926907505.1690941296&tid=UA-66060627-1&_gid=1180277895.1690941296&_r=1&_slc=1&gtm=45He37v0n81WFF68ZL&z=419881084
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7e7e966cc4e3469d13b4921c2b7ea46b8581067d437cdeb9f30520b81338369e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://54.162.64.166
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
7 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66060627-1&cid=1926907505.1690941296&jid=1099122521&gjid=1415799661&_gid=1180277895.1690941296&_u=YEBAAEAAAAAAACAAI~&z=1831017457
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 02 Aug 2023 01:54:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://54.162.64.166
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
221 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6535ZJDHMG&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c46a7eab65eba181b392b9a2f90c549184f5db2acfb6a156a895e0246497853d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79930
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 02 Aug 2023 01:54:56 GMT
syncframe
gum.criteo.com/ Frame D0DE
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=54.162.64.166&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://54.162.64.166/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 01:54:56 GMT
server
Kestrel
server-processing-duration-in-ticks
409928
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
geoip.healthcare.com/
217 B
493 B
XHR
General
Full URL
https://geoip.healthcare.com/
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.109.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-109-100.compute-1.amazonaws.com
Software
Apache/2.4.57 (Debian) / PHP/8.2.8
Resource Hash
50ec49f1180683dcd7c9d21d73483bc0b5533f821a8186ba93df4b507b602b83

Request headers

Accept
application/json
Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:57 GMT
server
Apache/2.4.57 (Debian)
x-powered-by
PHP/8.2.8
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=604800, private
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type, Origin, Accept-Encoding
content-length
217
collect
analytics.google.com/g/
0
253 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6535ZJDHMG&gtm=45je37v0&_p=588598831&_gaz=1&ul=en-us&sr=1600x1200&cid=1926907505.1690941296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2F54.162.64.166%2F&sid=1690941297&sct=1&seg=0&en=Display&_fv=1&_ss=1&_ee=1&ep.event_category=Landing
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6535ZJDHMG&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://54.162.64.166
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6535ZJDHMG&cid=1926907505.1690941296&gtm=45je37v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6535ZJDHMG&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://54.162.64.166
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6535ZJDHMG&cid=1926907505.1690941296&gtm=45je37v0&aip=1&z=674769877
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66060627-1&cid=1926907505.1690941296&jid=1099122521&_u=YEBAAEAAAAAAACAAI~&z=1199448316
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66060627-1&cid=1926907505.1690941296&jid=1099122521&_u=YEBAAEAAAAAAACAAI~&z=1199448316
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame D0DE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=54.162.64.166&sn=ChromeSyncframe&so=0&topUrl=54.162.64.166&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=UlhM2HxWcy9MMUFKcTR4MDQ4c28wK0Z6bUxnclQ5UFZRTnFTczRVdGcrY3VrZ1pURmIxazBrUFlNMmxSSnludnpOZTRhMUhYeWRpMnlVd1FrdGl0QjYxSzRYd2VBbExjUUg3T29Jb0pBdlRiQUoyVEZIdm02clZEYThheV...
422 B
666 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=UlhM2HxWcy9MMUFKcTR4MDQ4c28wK0Z6bUxnclQ5UFZRTnFTczRVdGcrY3VrZ1pURmIxazBrUFlNMmxSSnludnpOZTRhMUhYeWRpMnlVd1FrdGl0QjYxSzRYd2VBbExjUUg3T29Jb0pBdlRiQUoyVEZIdm02clZEYThheVdBMUVKbWJObC81eVNlcUhIVGVvOWZ3VGFMa2NxeDVrUm9tRXdjajRucXJNYit6VW5wU1V5RWtuVkFadGpRNEtRV2hsMHBsQzIxaHM1ZllQUjdZMHhZbTIzWGlEcksyVXJ6M2wyU3NrUDJhRE5VUkxuODFHckVRUktLV0pPTFFjVFJsalZ0dHlqWVByODNxYi9ud0JkbktaUjZtUjZPZz09fA&cppv=2
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bbe3337cfc2901d3873a39713d3b5937a6cc5865b714dd2f313c2f447127fc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2000980
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:54:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=UlhM2HxWcy9MMUFKcTR4MDQ4c28wK0Z6bUxnclQ5UFZRTnFTczRVdGcrY3VrZ1pURmIxazBrUFlNMmxSSnludnpOZTRhMUhYeWRpMnlVd1FrdGl0QjYxSzRYd2VBbExjUUg3T29Jb0pBdlRiQUoyVEZIdm02clZEYThheVdBMUVKbWJObC81eVNlcUhIVGVvOWZ3VGFMa2NxeDVrUm9tRXdjajRucXJNYit6VW5wU1V5RWtuVkFadGpRNEtRV2hsMHBsQzIxaHM1ZllQUjdZMHhZbTIzWGlEcksyVXJ6M2wyU3NrUDJhRE5VUkxuODFHckVRUktLV0pPTFFjVFJsalZ0dHlqWVByODNxYi9ud0JkbktaUjZtUjZPZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
470188
content-length
0
expires
0
campaign
sem-content.stg.healthcare.com/call/ Frame
0
0
Preflight
General
Full URL
https://sem-content.stg.healthcare.com/call/campaign
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.155.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-155-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,snowplow-data
Access-Control-Request-Method
POST
Origin
https://54.162.64.166
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, snowplow-data
access-control-allow-methods
POST,OPTIONS,HEAD
access-control-allow-origin
https://54.162.64.166
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 02 Aug 2023 01:54:58 GMT
vary
Origin
x-application-context
sem-content:stg:8001
campaign
sem-content.stg.healthcare.com/call/
0
144 B
XHR
General
Full URL
https://sem-content.stg.healthcare.com/call/campaign
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.155.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-155-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://54.162.64.166/
snowplow-data
caa320a4-6898-4cc8-af51-13121657b81d.1690941295.1.1690941295..fc74c985-6d6f-4d42-9676-a196477542a9....0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://54.162.64.166
date
Wed, 02 Aug 2023 01:54:59 GMT
access-control-allow-credentials
true
vary
Origin
x-application-context
sem-content:stg:8001
2010000
backend.stg.pivothealth.com/agent/
473 B
469 B
Fetch
General
Full URL
https://backend.stg.pivothealth.com/agent/2010000
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.72.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-72-20.compute-1.amazonaws.com
Software
/
Resource Hash
bb11bb30a77c79bdce6a1676fbcdc8db7bdb4f278cf865600762d43bc56084f3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Aug 2023 01:54:58 GMT
content-encoding
gzip
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type
application/json;charset=UTF-8
10093651.json
s.yimg.com/wi/config/
0
0

hotjar-881635.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-881635.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-61.sin52.r.cloudfront.net
Software
/
Resource Hash
400685debe4eb400544d951739c1b096ff0b182e9e6874180a6dfaf9e8b20b9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 33e34fa0e388cd08b1ada7f8b2f1654c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
etag
W/3fb71c60bf8bbdfe0fb6fec6855a8f83
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
7zNWBDDt3uYXNsGCIbgAdLPVdTc83Z0YGpcemdFdTQG9GEnYzv7vWQ==
0fccca9e-0aa6-e383-1618-6f20497c9c14.js
create.lidstatic.com/campaign/
123 KB
39 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/0fccca9e-0aa6-e383-1618-6f20497c9c14.js?snippet_version=2
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fde9deed624e4b5d12a79b58f6b50183e0ab8f4aaff2714a0fddc048dd3a3a2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:01 GMT
x-amz-version-id
mBwjOM.X96gAQdxQ.PCHwNf1d3lnFOjo
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 12 Nov 2021 00:35:11 GMT
server
cloudflare
x-amz-request-id
3J5Z3YNHFPVVZZZP
etag
W/"f6dc39b2c5d9f53734e84b7213b0ef5e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
7f02b23288f4a8c2-SYD
x-amz-id-2
dF2Ucy74uI1rYNIBWg9u7oYRfqUecQS/HEFDOz/maMo2kb456Qw5aEabQ4zAJfLEn6soS1eQkZo=
connectme-v2.min.js
api.connectme.gen3ventures.com/js/
17 KB
5 KB
Script
General
Full URL
https://api.connectme.gen3ventures.com/js/connectme-v2.min.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.61.92.29 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
1d.5c.3da9.ip4.static.sl-reverse.com
Software
/
Resource Hash
aa371e034a981b24b77c5a36399f6ee3110cc109e5add1dd92c19b8601debe79

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:00 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 19:05:29 GMT
etag
"806285c7aa42d71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
4630
2010000
backend.stg.pivothealth.com/agent/
473 B
459 B
Fetch
General
Full URL
https://backend.stg.pivothealth.com/agent/2010000
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.72.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-72-20.compute-1.amazonaws.com
Software
/
Resource Hash
bb11bb30a77c79bdce6a1676fbcdc8db7bdb4f278cf865600762d43bc56084f3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Aug 2023 01:54:59 GMT
content-encoding
gzip
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type
application/json;charset=UTF-8
modules.c4770505768b5ede43ea.js
script.hotjar.com/
227 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.c4770505768b5ede43ea.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-881635.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-127.sin52.r.cloudfront.net
Software
/
Resource Hash
b7a9cde8317792327c112065ec423196947efcc8059b14745c6a1c59cd77a66a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 11:39:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
51353
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56523
last-modified
Tue, 01 Aug 2023 11:38:27 GMT
etag
"42a641210bfde3da54995de5ace993eb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
wpdB0iIdejqslZovqjdLkBi3zSrMI63XcFMURMQuHknjH40rmWiCmg==
context
healthcare.absmartly.io/v1/
3 KB
1 KB
Fetch
General
Full URL
https://healthcare.absmartly.io/v1/context?application=PivotHealth&environment=Staging
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3403d613f50bceb4070b9508d6dfa464af83220d181f51a25c5aa7b082a3f6f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kZM1mQbNL9AlFbQt5rDTjBy8oX%2FnUeJ%2BPWpuo19ZlLR%2Btw7%2F%2BxJrZ46Z%2BkMqbFbWzJKBO2fskx%2BO0zN%2Fh8fIAYBgcmHxDcyi5WsOK9hwYBhAV4RQa0WgzTvQ99Mc0%2FN2VDB8ycswVclLIj9azMExZAL%2Bqbd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=150, s-max-age=150
cf-ray
7f02b23489f7fb88-AKL
alt-svc
h3=":443"; ma=86400
sp.pl
sp.analytics.yahoo.com/
43 B
633 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2002%20Aug%202023%2001%3A55%3A00%20GMT&n=0&.yp=10093651&f=https%3A%2F%2F54.162.64.166%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.10.236.146 , Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
spdc.pbp.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 02 Aug 2023 01:55:01 GMT
blueshift-event
api.stg.healthcare.com/third-party/api/v1/ Frame
0
0
Preflight
General
Full URL
https://api.stg.healthcare.com/third-party/api/v1/blueshift-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.160.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-160-3.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://54.162.64.166
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 02 Aug 2023 01:55:01 GMT
expires
0
pragma
no-cache
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-frame-options
DENY
x-xss-protection
1; mode=block
blueshift-event
api.stg.healthcare.com/third-party/api/v1/
0
285 B
XHR
General
Full URL
https://api.stg.healthcare.com/third-party/api/v1/blueshift-event
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.160.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-160-3.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:01 GMT
x-content-type-options
nosniff
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
17
x-xss-protection
1; mode=block
expires
0
/
sem-content.static.stg.healthcare.com/content/landingpage/STM/
941 B
1 KB
XHR
General
Full URL
https://sem-content.static.stg.healthcare.com/content/landingpage/STM/
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
/
Resource Hash
7076a267f5614e45d4e08ecfa77c5d2c745b41576384d2099b7251b6ab094c1b

Request headers

Accept
application/json
Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:01 GMT
via
1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
https://54.162.64.166
access-control-allow-credentials
true
content-length
941
x-amz-cf-id
3LgYPhwtdB_c81Y_LTJS6YTO5XFeViOicC3L3YcBBgSIIl46pahNIQ==
x-application-context
sem-content:stg:8001
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
21 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-90.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 19:41:55 GMT
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
22387
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6676
x-xss-protection
1; mode=block
last-modified
Wed, 03 May 2023 13:48:29 GMT
server
AmazonS3
etag
"befec09eb386fc68a0869c8d1b529dd6"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
DHExxKeEAeAO-M9XC7jz6-8RQV1ozu4OXWDZ9Qbe5Z6rIkqPGePZ5w==
hc-pve.min.js
assets.healthcare.com/
12 KB
5 KB
Script
General
Full URL
https://assets.healthcare.com/hc-pve.min.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
815669bf882aa43c81d783e12ec71170f19e4740d238e2d562ae0ec3181291fd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 22:06:39 GMT
x-amz-version-id
W5gMWwzSsuYCzCzCyq3.B1taH6gy1NPy
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 20:59:44 GMT
server
AmazonS3
via
1.1 2feec21fa6ad8ca419b922ab129d0a2a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
etag
W/"3f544bd7cdfa53014fba4c8f0d12ffca"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
532104
x-amz-cf-id
1_8imqniO6qmFRhfoxYodk6V0zcRKDjiR53MBDt-tlchu5GUFB8a3A==
script.js
widgets.getsitecontrol.com/173901/
52 B
891 B
Script
General
Full URL
https://widgets.getsitecontrol.com/173901/script.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1500::982:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SG1-982 /
Resource Hash
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:03 GMT
content-encoding
br
cdn-edgestorageid
979
x-amz-request-id
1JH7W359747C7WA5
x-amz-server-side-encryption
AES256
cdn-cachedat
07/31/2023 03:58:42
cdn-pullzone
44619
x-amz-id-2
Hir952ZcyRpC3Cfl2i02yT4+deJvOWAeKRN2aqCB0LLSQxKEJDQehRLoEIOFy6SSXEMVGXYOfBs=
last-modified
Sat, 22 Apr 2023 12:00:19 GMT
server
BunnyCDN-SG1-982
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"fb12aa4fc3938be0f44ed58cdc8b577e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
7cbdb1439b70869506791c7bd7773e8e
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/945764525/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945764525/?random=1690941300502&cv=11&fst=1690941300502&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2F54.162.64.166%2F&hn=www.googleadservices.com&frm=0&auid=1097556570.1690941301&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07a8a241044bb89af59581c8b9fad102593937500a8672e760a53e0d22423041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1276
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/
23 KB
7 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.189.59 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-189-59.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90734058f9833d9278ec4e2e8afb1a017e502b20d37038b9584ca8e00fc9b46a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 01:55:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 08:52:32 GMT
Server
AkamaiNetStorage
ETag
"bd841cdb4abf95686c38fb5009d4dbb5:1690794820.607409"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
OC
Cache-Control
max-age=1200
X-CC
NZ
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7076
Expires
Wed, 02 Aug 2023 02:15:02 GMT
bat.js
bat.bing.com/
42 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 02 Aug 2023 01:55:01 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FDAD5D139D047D19FBE3C6DE0CF0763 Ref B: AKL30EDGE0521 Ref C: 2023-08-02T01:55:02Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8c8b , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
990, 990
date
Wed, 02 Aug 2023 01:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
1, 4
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=38519
accept-ranges
bytes
content-length
4862
fbevents.js
connect.facebook.net/en_US/
172 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Aug 2023 01:55:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47198
x-xss-protection
0
pragma
public
x-fb-debug
G1pqPKNSisU1TKhF93H48LP+mKO+Z3yw/FWYX2hbhm/045alnWexVNxF2aw1NyV/xOh6mta7gs6WCA5iGFyTAw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
api.min.js
a.omappapi.com/app/js/
53 KB
19 KB
Script
General
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFF68ZL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SG1-868 /
Resource Hash
64ca0467fb4d0b14d0d403291c23dcf391c1a7a908307b094ddf6c978960f4e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

cdn-storagebalancer
SG-560
date
Wed, 02 Aug 2023 01:55:03 GMT
content-encoding
br
cdn-edgestorageid
868
perma-cache
HIT
cdn-storageserver
DE-383
cdn-cachedat
08/01/2023 22:20:43
cdn-pullzone
293267
last-modified
Mon, 31 Jul 2023 21:41:15 GMT
server
BunnyCDN-SG1-868
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c82a7b-d3b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8a86162a4981816fed44cabb08bea0e4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
23b7d1d3d11ee984c0eeb5407e429f6a50d253d192a1071efdc4d6cf7f7a17e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Wed, 02 Aug 2023 01:55:03 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SIN5-C1
age
2037
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
447
x-accel-date
1690940856
x-77-nzt
AVm7ooSX1WD/vwEAAA
x-accel-expires
@1690944456
last-modified
Mon, 31 Jul 2023 09:04:25 GMT
server
CDN77-Turbo
etag
W/"40897fe8f81c17595e42a931f1bea516"
x-77-nzt-ray
2ed93b147095c91e77b7c964843cc22e
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
MUqqzx5-qHA-ywT3VKkZu3IllflPx9CbQazmopbI8bIY56DyGNC_qw==
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=588598831&t=event&ni=0&_s=1&dl=https%3A%2F%2F54.162.64.166%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Dimension%20Setup&ea=undefined&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1926907505.1690941296&tid=UA-66060627-1&_gid=1180277895.1690941296&gtm=45He37v0n81WFF68ZL&cd2=20230802015456.4658c1b97520.nv&cd3=6FBA40E29962461F80A72D789DE42BF6&cd4=2010000&cd5=Short%20Term&z=2080152780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 19:58:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21382
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=588598831&t=pageview&_s=1&dl=https%3A%2F%2F54.162.64.166%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1926907505.1690941296&tid=UA-66060627-1&_gid=1180277895.1690941296&gtm=45He37v0n81WFF68ZL&cd2=20230802015456.4658c1b97520.nv&cd3=6FBA40E29962461F80A72D789DE42BF6&cd4=2010000&cd5=Short%20Term&z=785614687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 19:58:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21382
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
heap-491373971.js
cdn.heapanalytics.com/js/
118 KB
38 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-491373971.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
nginx / Express
Resource Hash
b8b923dc38765cde254bb77f2a778fbeeca2003089a6a41c9759692e4ee55c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:53:53 GMT
content-encoding
br
via
1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
SIN52-C3
age
71
x-powered-by
Express
etag
W/"1d820-mVBy1Lsb/Z7AUEHFAhbCAlPEBA0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0_nBonFL1a6ubbERPsap0FFK4AJ8yQ1yAP1BKegXhMBhGzkdozLdRg==
tfa.js
cdn.taboola.com/libtrc/unip/1248506/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1248506/tfa.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab318c83c67b7098e4148ac3f3c0106d01fd8ca507578db6e9fe6d11a013a3a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
EFfV6CEW1HODIhyMMifecmQa3ahjIMzd
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 01:55:04 GMT
x-amz-request-id
4AT6S6HPDPSC6V7G
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
18361
x-amz-id-2
vqlejfKKipmo7FNKXjXYWsuXJ9Rg30Q41++79x4ZKiDfUHzxteo6MF7yp5ZYg9owsk8oo58vzTc=
x-served-by
cache-akl10324-AKL
last-modified
Mon, 31 Jul 2023 09:00:14 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690941304.056619,VS0,VE804
etag
"3b77fb4a457c904f72d0ec034fe9e9cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
94
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=59541&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWV...
  • https://widget.us.criteo.com/event?a=59541&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWV...
10 KB
5 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=59541&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWVVTXRmNVZsS0RKSEhzakdHWDk0QVNTb3glMkJHalFsTGpnZFU3anFldVJHMWtTbSUyRmJPN3Y3QmNnSVJhcUZlQzFQWjZrYWxXaXBZbFFQNkZ2M3IxQm5yVDVOSnhJRjFqTGhOalN3JTNEJTNE&tld=54.162.64.166&fu=https%253A%252F%252F54.162.64.166%252F&ceid=c3bb7a16-24fc-476f-92fc-60951a884130&dtycbr=16127
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
13bc57bdc310b88479bcab865fc050d3fc3cf261e21cdcdbd6b2df007a9999bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
28845744
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=59541&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWVVTXRmNVZsS0RKSEhzakdHWDk0QVNTb3glMkJHalFsTGpnZFU3anFldVJHMWtTbSUyRmJPN3Y3QmNnSVJhcUZlQzFQWjZrYWxXaXBZbFFQNkZ2M3IxQm5yVDVOSnhJRjFqTGhOalN3JTNEJTNE&tld=54.162.64.166&fu=https%253A%252F%252F54.162.64.166%252F&ceid=c3bb7a16-24fc-476f-92fc-60951a884130&dtycbr=16127
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5010678
timing-allow-origin
*
content-length
0
expires
0
lazy-block-23d4777c1d213c8560b9a.css
54.162.64.166/css/landing/
10 KB
3 KB
Stylesheet
General
Full URL
https://54.162.64.166/css/landing/lazy-block-23d4777c1d213c8560b9a.css
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
48be3435b3e8ba49286ff9015ddfbd2fcbaa0b782a7596dc1831b784360fbc7d

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:00 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 11:06:16 GMT
server
Apache/2.4.43 (Unix)
etag
"28e1-601da8932db6a-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2418
expires
Thu, 01 Aug 2024 01:55:00 GMT
lazy-block-2.3d4777c1d213c8560b9a.js
54.162.64.166/js/landing/
68 KB
19 KB
Script
General
Full URL
https://54.162.64.166/js/landing/lazy-block-2.3d4777c1d213c8560b9a.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
5cf16ed82118de0ef58f633b7b55b298747bac9e2eb4238ca4612f869fb399ea

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:03 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 11:06:13 GMT
server
Apache/2.4.43 (Unix)
etag
"11073-601da88fd63c5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19486
expires
Thu, 01 Aug 2024 01:55:03 GMT
SalePivotHealthInsurance_30ZBD3Z7VTD.js
www.consumersadvocate.org/api/v1/conversion_action_events/embed_code/
3 KB
2 KB
Script
General
Full URL
https://www.consumersadvocate.org/api/v1/conversion_action_events/embed_code/SalePivotHealthInsurance_30ZBD3Z7VTD.js
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/js/landing.5d17953db9a49cfa2c46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.1
Resource Hash
6104bdac5ac5de208c611137a48b76467ceb7dc45ffea7aeeb16abc1424c29e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:05 GMT
via
1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX50-C2
x-powered-by
Phusion Passenger 6.0.1
content-encoding
br
x-cache
Miss from cloudfront
status
200 OK
x-host
nw03
x-xss-protection
1; mode=block
x-request-id
3002d68c-b416-469a-8a77-9a987e4f9d89
x-runtime
0.017833
x-assets-version
1688981235
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"59cf27eb00958da5ff1a6027e95d2cc9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quFFl%2FiM6PITeTDIMY40CVNyKaoDIAaCVujWaVqObFHViyw6DpQRvJm7GTOojtb06qrhRl3oicA%2FSxqwlN0F1MaSpSVBhJqGKwHNlF98i9rF0kOpnwxginZ1TzE2is8vZrflyfybJtksfB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cf-ray
7f02b2520873a864-SYD
x-amz-cf-id
_4o6Yc2zKKmNAOGjUmU-BFWtzE5uS88tQeZTB7bfVDWhWeD8GP9GPg==
jquery-1.11.0.min.js
api.connectme.gen3ventures.com/js/lib/
94 KB
33 KB
Script
General
Full URL
https://api.connectme.gen3ventures.com/js/lib/jquery-1.11.0.min.js
Requested by
Host: api.connectme.gen3ventures.com
URL: https://api.connectme.gen3ventures.com/js/connectme-v2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.61.92.29 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
1d.5c.3da9.ip4.static.sl-reverse.com
Software
/
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
last-modified
Thu, 06 Feb 2014 15:59:26 GMT
etag
"043d4685423cf1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
33470
GenerateToken
create.leadid.com/2.11.9/
36 B
659 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&_=703672143
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cda9076b32d2a74811697eb5aaf9619818f5ca900c09c4495b7465864976922e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
index.html
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 44C7
6 KB
2 KB
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=57dff8180000ff000594e8bb
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-90.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://54.162.64.166/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
48905
cache-control
max-age=86400
content-encoding
gzip
content-length
1930
content-type
text/html
date
Tue, 01 Aug 2023 12:19:57 GMT
etag
"1b1a56d9c9fcf8acab07f238231461df"
last-modified
Mon, 08 May 2023 11:42:34 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
x-amz-cf-id
rq-oCZPUuvb4C71c7vPbThJfSR5Jt_lBPl9oVqoGKTQ-tEjodQUD-Q==
x-amz-cf-pop
SIN52-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pageviewevent
sem-content.healthcare.com/pageview/
75 B
264 B
XHR
General
Full URL
https://sem-content.healthcare.com/pageview/pageviewevent
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.61.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-61-120.compute-1.amazonaws.com
Software
/
Resource Hash
2762efdd8a02efa13966154bbae58574765b6e6b4eeb3b52322fa48bc7c7656a

Request headers

Accept
application/json
Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://54.162.64.166
date
Wed, 02 Aug 2023 01:55:03 GMT
access-control-allow-credentials
true
content-length
75
vary
Origin
x-application-context
sem-content:prd:8001
content-type
application/json;charset=utf-8
pageviewevent
sem-content.healthcare.com/pageview/ Frame
0
0
Preflight
General
Full URL
https://sem-content.healthcare.com/pageview/pageviewevent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.61.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-61-120.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://54.162.64.166
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST,OPTIONS,HEAD
access-control-allow-origin
https://54.162.64.166
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 02 Aug 2023 01:55:03 GMT
vary
Origin
x-application-context
sem-content:prd:8001
main.js
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 44C7
50 KB
16 KB
Script
General
Full URL
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=57dff8180000ff000594e8bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-90.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=57dff8180000ff000594e8bb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 15:35:37 GMT
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
37165
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15571
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:42:56 GMT
server
AmazonS3
etag
"f90daf8c8f47c6afab7d4e27466118b5"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
57C9ChmKlWCRtqWYCIg2x_thQjnZb4zU0A1CgRVEJ-Df8nme_x5kxg==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 3EC6
3 KB
2 KB
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&lac=D07A3733-9799-8328-98B5-5875425F1190
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0fccca9e-0aa6-e383-1618-6f20497c9c14.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.45.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-45-104.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Age
25060
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 01 Aug 2023 18:57:23 GMT
ETag
W/"6487351c-dbb"
Last-Modified
Mon, 12 Jun 2023 15:09:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Tpq_jyp2ybKSKV4ZcB5quc82S4otcV7gWU5Cih7lF80FlqGdg8DcCg==
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/
0
621 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672144
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672145
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.google.com/pagead/1p-user-list/945764525/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/945764525/?random=1690941300502&cv=11&fst=1690938000000&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2F54.162.64.166%2F&frm=0&fmt=3&is_vtc=1&random=4166552877&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.nz/pagead/1p-user-list/945764525/
42 B
154 B
Image
General
Full URL
https://www.google.co.nz/pagead/1p-user-list/945764525/?random=1690941300502&cv=11&fst=1690938000000&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2F54.162.64.166%2F&frm=0&fmt=3&is_vtc=1&random=4166552877&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14001554.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/14001554.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 02 Aug 2023 01:55:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0B7F796E48024734BFE0ACD4BE27D177 Ref B: AKL30EDGE0521 Ref C: 2023-08-02T01:55:04Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
360 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=14001554&tm=gtm002&Ver=2&mid=23501664-b6e6-4386-90e5-724abb9ee71f&sid=9848ed7030d711eeb8a0ad413adadc61&vid=9849013030d711eea87bc1b42826be2c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Flexible,%20Budget-Friendly%20Health%20Insurance%20Plans%20%7C%20Pivot%20Health&kw=Short%20Term%20Medical,%20STM,%20Pivot%20Health,%20Temporary%20Health%20Insurance,%20Insurance&p=https%3A%2F%2F54.162.64.166%2F&r=&lt=6473&evt=pageLoad&sv=1&rn=568483
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Aug 2023 01:55:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0C4882321494571B2297F5D9DEF82B0 Ref B: AKL30EDGE0521 Ref C: 2023-08-02T01:55:04Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
unifiedPixel
tr.outbrain.com/
53 B
248 B
Ping
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=015339072003043808&referrer=&cht=gtm&marketerId=0096be3684ff6bee3d66e0c7904f738c26&name=PAGE_VIEW&dl=https%3A%2F%2F54.162.64.166%2F&g=1&obApiVersion=1.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 01:55:05 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
b369325145bb998e163b20503ccc3f55
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/
35 B
220 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=0096be3684ff6bee3d66e0c7904f738c26
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 01:55:05 GMT
content-encoding
br
X-TraceId
069b391e14b5409e908c615eec3b77ee
Content-Length
39
Content-Type
application/javascript
53aa8807dec7e10d38f59f32
widget.trustpilot.com/trustbox-data/ Frame 44C7
901 B
814 B
XHR
General
Full URL
https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=57dff8180000ff000594e8bb&locale=en-US
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-90.sin52.r.cloudfront.net
Software
Kestrel /
Resource Hash
4264ee6537b2ac1024a1008887945010402537c147507799c0e5aa978c1dcfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=57dff8180000ff000594e8bb
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN52-P1
etag
"9353ad7de7b708100735f62360aa6f7c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
x-amz-cf-id
Rhi38LaoPSom9bQrDeSWQ24zEsOj3fs4gWhGWtm6Q9A2nuZIVKupHw==
x-xss-protection
1; mode=block
TrustboxImpression
widget.trustpilot.com/stats/ Frame 44C7
0
323 B
XHR
General
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=100px&styleWidth=100%25&theme=light&url=https%3A%2F%2F54.162.64.166%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=57dff8180000ff000594e8bb&widgetId=53aa8807dec7e10d38f59f32
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-90.sin52.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=57dff8180000ff000594e8bb
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
gtGOGRgiRXFNNyhMLBYyrIFP70iQRAf6uBUeMOW24PRyx-w2xeXN5w==
x-xss-protection
1; mode=block
token
cdn.linkedin.oribi.io/partner/1369386/domain/54.162.64.166/
36 B
367 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/1369386/domain/54.162.64.166/token
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:1600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:03 GMT
content-encoding
gzip
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
1f97foHshhE0l1qN9sRn2YKujrkOiDoRM2vWLqoQjkaSg8BlXGLA4Q==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1369386%26time%3D1690941302839%26url%3Dhttps%253A%252F%252F54.162.64.166%252F%26c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ7MElsx3uJJwAAAYmz9LNSHxhrrDtr_Yfd64_Ovpc7RO7...
0
489 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ7MElsx3uJJwAAAYmz9LNSHxhrrDtr_Yfd64_Ovpc7RO77Yr1E26WclNe5oao-TmIT_VYy
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F103535EC0BD40CCACFEB9BFD0D25C06 Ref B: AKL30EDGE0511 Ref C: 2023-08-02T01:55:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYB5vPmDr/cTS97k5GTmA==

Redirect headers

date
Wed, 02 Aug 2023 01:55:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EC9F8B3E217941B6962C379635A8BF04 Ref B: AKL30EDGE0506 Ref C: 2023-08-02T01:55:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1369386&time=1690941302839&url=https%3A%2F%2F54.162.64.166%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ7MElsx3uJJwAAAYmz9LNSHxhrrDtr_Yfd64_Ovpc7RO77Yr1E26WclNe5oao-TmIT_VYy
x-li-proto
http/2
content-length
0
x-li-uuid
AAYB5vPcYOQ0DvYM1VYlmA==
iframe.html
deviceid.trueleadid.com/ Frame 3AF9
4 KB
2 KB
Document
General
Full URL
https://deviceid.trueleadid.com/iframe.html?token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&lac=D07A3733-9799-8328-98B5-5875425F1190
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&lac=D07A3733-9799-8328-98B5-5875425F1190
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.108.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-108-235.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 02 Aug 2023 01:55:04 GMT
etag
W/"649348e0-1049"
expires
Thu, 03 Aug 2023 01:55:04 GMT
last-modified
Wed, 21 Jun 2023 19:00:48 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
create.leadid.com/2.11.9/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=4&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672146
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/
0
621 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=5&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672147
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
widget_app_base_1690794092987.js
cdn.userway.org/widgetapp/2023-07-31/
133 KB
39 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2023-07-31/widget_app_base_1690794092987.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
df904a0cf268792700550e67132c83bc7124552151fb43c10cc09134578ac633

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Wed, 02 Aug 2023 01:55:04 GMT
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
146514
x-accel-date
1690794790
x-77-nzt
AVm7ooSYUnn/UjwCAA
x-accel-expires
@1716714790
last-modified
Mon, 31 Jul 2023 09:04:21 GMT
server
CDN77-Turbo
etag
W/"e5deda2c069ff366471959acb908c43d"
x-77-nzt-ray
2ed93b147095c91e78b7c964323f3c17
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
6g6MBbOQhsR2RqQWBQI67cScK3xPxWZlAvXHrqR4ZkTuRume2i92Gg==
523984661444278
connect.facebook.net/signals/config/
169 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/523984661444278?v=2.9.120&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22b15f1a2451c511242cd590a2a1c51a13824b7ed1c03f630a110b8d35235699
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Aug 2023 01:55:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LFbuj65ZTudGujb5PmLKhR8tsrEIhjsjJrGirHITtvXdr15C4m9754BFN9TBpvoSV6KgCzZ3Jz8Dd8Anw4QjHQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
690daac15aac2ef408cf70f1fa7d1c15.svg
54.162.64.166/assets/
4 KB
1 KB
Image
General
Full URL
https://54.162.64.166/assets/690daac15aac2ef408cf70f1fa7d1c15.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
73702294091d20bfe2a7043ca982f37c6bc2367cfff622e309689b4b61f51543

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"f8c-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1217
expires
Thu, 01 Aug 2024 01:55:04 GMT
a0572a676c694c20a7824cee1d3562c7.svg
54.162.64.166/assets/
3 KB
1 KB
Image
General
Full URL
https://54.162.64.166/assets/a0572a676c694c20a7824cee1d3562c7.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
92a7286915985324213bbcd17fac7423d4a367971a865ed649ce3707b00f8a50

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"bfc-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1242
expires
Thu, 01 Aug 2024 01:55:04 GMT
79ed66f921392e45d11156a3e86a0c33.svg
54.162.64.166/assets/
4 KB
2 KB
Image
General
Full URL
https://54.162.64.166/assets/79ed66f921392e45d11156a3e86a0c33.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
2b48a77af3d89ad8db4cb6b4e2a7c23b1455a52377d9ebe9429586f42c5d3b1f

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"ff8-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1348
expires
Thu, 01 Aug 2024 01:55:04 GMT
136e75cc95cc286fe64f5a6c8494e73c.svg
54.162.64.166/assets/
4 KB
2 KB
Image
General
Full URL
https://54.162.64.166/assets/136e75cc95cc286fe64f5a6c8494e73c.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
9215786e740e3155a7a8e95e0ecb288d1e0d34cd2f2899baec01c101a83ac0e0

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"fef-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1320
expires
Thu, 01 Aug 2024 01:55:04 GMT
4d8936b9219a49b106985afcd514e105.webp
54.162.64.166/assets/
1 KB
1 KB
Image
General
Full URL
https://54.162.64.166/assets/4d8936b9219a49b106985afcd514e105.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
3057a807da59b59d510593ee7dedd249eaaa97b5e1e82dd52d7273279b61612d

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"510-5febaa0c21780"
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1296
expires
Fri, 01 Sep 2023 01:55:04 GMT
c20a6a1d69c945f767a650047f55e616.svg
54.162.64.166/assets/
5 KB
2 KB
Image
General
Full URL
https://54.162.64.166/assets/c20a6a1d69c945f767a650047f55e616.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.64.166, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-162-64-166.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) /
Resource Hash
35e0e5ed1320a9a2c97661801b8fa39a8eb6c1720619d47552509bd84088d237

Request headers

device-memory
8
rtt
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
viewport-width
1600
Referer
https://54.162.64.166/
dpr
1
downlink
9.5
ect
4g

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 16:46:38 GMT
server
Apache/2.4.43 (Unix)
etag
"12cf-5febaa0c21780-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1644
expires
Thu, 01 Aug 2024 01:55:04 GMT
api.min.css
a.omappapi.com/app/js/
10 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2400:52e0:1500::868:1, Singapore, ASN200325 (BUNNYCDN, SI)
Reverse DNS
Software
BunnyCDN-SG1-868 /
Resource Hash
36aeabf490693f214315f98655aa5e871863fb6e4827d5e51aa70ee4578efa64

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
content-encoding
br
cdn-edgestorageid
868
perma-cache
HIT
cdn-storageserver
SG-516
cdn-cachedat
08/01/2023 22:20:43
cdn-pullzone
293267
last-modified
Mon, 31 Jul 2023 21:41:21 GMT
server
BunnyCDN-SG1-868
cdn-fileserver
623
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c82a81-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
2cf6ae190495a42fcecc9fd3f4619d0e
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
82111
api.omappapi.com/v2/embed/
182 B
547 B
XHR
General
Full URL
https://api.omappapi.com/v2/embed/82111?d=54.162.64.166
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
52.84.251.81, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-52-84-251-81.sin5.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
2dc52c70994f11b7d32f6fa0a0a7d6a46238c7b3b915c57a88d4615ff900bea4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:04 GMT
x-user-agent
standard--
via
1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-CSRF-Token
content-length
182
x-amz-cf-id
ZcjqWYIhJ0kjtFMosec2gezooME3itjjADhGSYEH1s9ba8l6Li7_9A==
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 3AF9
0
626 B
Script
General
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=D07A3733-9799-8328-98B5-5875425F1190&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&methods=48&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&uuid=91c28e576d194904876ceabbb83dea6f
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=0FCCCA9E-0AA6-E383-1618-6F20497C9C14&lac=D07A3733-9799-8328-98B5-5875425F1190
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
add_user_properties_v3
heapanalytics.com/api/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=491373971&u=1911383203893084&v=4862426433417329&s=2568802561674404&b=web&tv=4.0&_ph_session=20230802015456.4658c1b97520.nv&_ph_user=6FBA40E29962461F80A72D789DE42BF6&_agent_id=2010000&_ph_no_dependents=0&_ph_coverage_start_date=2023-08-03&_ph_coverage_duration=364&st=1690941304715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.225.94 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-88-225-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=491373971&u=1911383203893084&v=4862426433417329&s=2568802561674404&b=web&tv=4.0&z=0&h=%2F&d=54.162.64.166&t=Flexible%2C%20Budget-Friendly%20Health%20Insurance%20Plans%20%7C%20Pivot%20Health&ts=1690941304713&st=1690941304716
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.225.94 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-88-225-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
Jy1Jfc6yQm
api.userway.org/api/tunings/
355 B
741 B
XHR
General
Full URL
https://api.userway.org/api/tunings/Jy1Jfc6yQm
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:1f14:5db:eb22:950c:c609:3c1:aec8 Boardman, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
/
Resource Hash
0497b6402ad1b1dc08d989315719679e72198c5ef7e22ba8c04ea700a1b1f493

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Aug 2023 01:55:05 GMT
etag
W/"163-Ts6Fr1OvI2Rp/C5mIfZw0K1BW/s"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr4dd4b768b2424ef
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
355
x-service-version
uw-pr
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=523984661444278&ev=PageView&dl=https%3A%2F%2F54.162.64.166&rl=&if=false&ts=1690941304902&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=28&fbp=fb.3.1690941304899.1221048223&cs_est=true&pm=1&it=1690941304027&coo=false&cs_cc=1&cas=2464802680292675%2C2590490344354067%2C2921222397901227%2C3342962702397161&exp=a3&rqm=GET
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de, Singapore, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 02 Aug 2023 01:55:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
json
trc.taboola.com/1248506/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1248506/trc/3/json?tim=1690941304950&data=%7B%22id%22%3A259%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1690941304945%2C%22cv%22%3A%2220230730-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2F54.162.64.166%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpivothealth-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1690941304949%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2F54.162.64.166%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1248506/tfa.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.1.44, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
nginx /
Resource Hash
f9bc415f93867590112624be30ff842bdd5da1bf9525aa718440097c5b5adffc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
168
date
Wed, 02 Aug 2023 01:55:05 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
151373
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-akl10324-AKL
server
nginx
x-timer
S1690941305.021585,VS0,VE168
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1248506/tfa.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.1.44, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 01:55:05 GMT
x-amz-request-id
1JMT8R8Y1HS8T4RR
age
3501
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
iaJ440uI8Bl5dDDuWcx54wFQqoZsN/HcjPura4CqUm6CKlKEmDoproSykbezcXVT1TopRa0Curw=
x-served-by
cache-akl10324-AKL
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1690941305.326677,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
0
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
6198
eidf.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1248506/tfa.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.1.44, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 01:55:05 GMT
x-amz-request-id
5T4RY4YEMM6NNCRW
age
14230
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
7qmN2YoMKcjmwtP1Sb5ILiUhC9DXhxBYCNaPs1UdWPwlChOTIfUupmhOqdNSbfQJyW5GbTJ5kk4=
x-served-by
cache-akl10324-AKL
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1690941305.327015,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
69
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
21359
/
pips.taboola.com/
64 B
239 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a04:4e42::300, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Varnish /
Resource Hash
659612c858fdfd3b2bc564921fe199ed52eca03f7231317a08a8a7ee367d32d7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by
cache-akl10324-AKL
date
Wed, 02 Aug 2023 01:55:05 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://54.162.64.166
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6535ZJDHMG&gtm=45je37v0&_p=588598831&ul=en-us&sr=1600x1200&cid=1926907505.1690941296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&dl=https%3A%2F%2F54.162.64.166%2F&sid=1690941297&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6535ZJDHMG&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2404:6800:4003:c02::8a, Singapore, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://54.162.64.166
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en-US.json
cdn.userway.org/widgetapp/2023-07-31-09-01-32/locales/
497 B
917 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2023-07-31-09-01-32/locales/en-US.json
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2a02:6ea0:d100::12, Singapore, ASN60068 (CDN77 ^_^, GB)
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
890f5d6859bb913dc2935ad99403a1fe79e9a26b83def87e97c1b413a34efbef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Wed, 02 Aug 2023 01:55:06 GMT
via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SIN5-C1
age
1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
146514
x-accel-date
1690794792
x-77-nzt
AVm7ooR2+IP/UjwCAA
x-accel-expires
@1716714792
last-modified
Mon, 31 Jul 2023 09:04:21 GMT
server
CDN77-Turbo
etag
W/"a42e1bd18cbcb1cd41143b86100e120d"
x-77-nzt-ray
2ed93b14d9921c567ab7c964983e870d
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
LLwESojMami7_dpLyG58Yq7jwiPxoKkaazGLTdCiGSFAPxpkfTIasQ==
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9&uad=4dd96db8b8d085ee5eaa39f0db86c17ac3563e8edd3f80419d30b143909b904c&mbl=ZmFsc2U=
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32, United States, ASN200478 (TABOOLA-AS, IL)
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Aug 2023 01:55:06 GMT
cache-control
no-store
server
nginx
Snap
create.leadid.com/2.11.9/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=6&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672148
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame 1661
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US)
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 01:55:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mIAaZprqbOBP39qnHjwrmsH6en5C2H8wm0yxpA&expires=30
Date
Wed, 02 Aug 2023 01:55:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1661
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tGo-9prqbOBP39qnHjwrmsH6en4PmtnfAbE2ug&google_cm&google_hm=ay10R28tOXBycWJPQlAzOXFuSGp3cm1zSDZlbjRQbXRuZ...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tGo-9prqbOBP39qnHjwrmsH6en4PmtnfAbE2ug&google_gid=CAESEA7iHYRkIv0UhYggaSctEe4&google_cver=1&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tGo-9prqbOBP39qnHjwrmsH6en4PmtnfAbE2ug&google_gid=CAESEA7iHYRkIv0UhYggaSctEe4&google_cver=1&google_ula=913071,0
Protocol
H2
Server
182.161.73.146, Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
625642
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tGo-9prqbOBP39qnHjwrmsH6en4PmtnfAbE2ug&google_gid=CAESEA7iHYRkIv0UhYggaSctEe4&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1661
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5759953924642003820
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5759953924642003820
Protocol
H2
Server
182.161.73.146, Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1441190
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:08 GMT
an-x-request-uuid
d2498ae4-f47c-4d2a-a27b-92630f25a392
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5759953924642003820
x-proxy-origin
103.75.11.106; 103.75.11.106; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 1661
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-aoufaJrqbOBP39qnHjwrmsH6en5mTo78dWxYMg
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-aoufaJrqbOBP39qnHjwrmsH6en5mTo78dWxYMg
43 B
906 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-aoufaJrqbOBP39qnHjwrmsH6en5mTo78dWxYMg
Protocol
H2
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:08 GMT
an-x-request-uuid
1d93b8ba-852d-485d-b649-64681d4391c8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
103.75.11.106; 103.75.11.106; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:07 GMT
an-x-request-uuid
ef0764ba-d098-4ffd-b830-982519684a18
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-aoufaJrqbOBP39qnHjwrmsH6en5mTo78dWxYMg
cache-control
no-store, no-cache, private
x-proxy-origin
103.75.11.106; 103.75.11.106; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 1661
61 B
630 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-jPvS3ZrqbOBP39qnHjwrmsH6en6fRGtipPdVDw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.96.11 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-96-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 02 Aug 2023 01:55:07 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 02 Aug 2023 01:55:07 GMT
tap.php
pixel.rubiconproject.com/ Frame 1661
42 B
785 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OUwf-JrqbOBP39qnHjwrmsH6en5TiTajAUSZJw&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 1661
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Bgb7-ZrqbOBP39qnHjwrmsH6en6XK572WEkPgQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.136.61 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-136-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:08 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
rtb-csync.smartadserver.com/redir/ Frame 1661
43 B
688 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-vXrsKZrqbOBP39qnHjwrmsH6en5Bs8UfUWuPmw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 01:55:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1661
0
231 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-MFlVVJrqbOBP39qnHjwrmsH6en7_iJ-qcg0MFA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
240562
um
criteo-sync.teads.tv/ Frame 1661
23 B
277 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-0-JfcZrqbOBP39qnHjwrmsH6en7qKk_Wbov9AQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.13.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-13-34.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Wed, 02 Aug 2023 01:55:08 GMT
pragma
no-cache
date
Wed, 02 Aug 2023 01:55:08 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 1661
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-nE0GlJrqbOBP39qnHjwrmsH6en5Yr4aQln3vWg&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-nE0GlJrqbOBP39qnHjwrmsH6en5Yr4aQln3vWg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-nE0GlJrqbOBP39qnHjwrmsH6en5Yr4aQln3vWg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 02 Aug 2023 01:55:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-nE0GlJrqbOBP39qnHjwrmsH6en5Yr4aQln3vWg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date
Wed, 02 Aug 2023 01:55:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame 1661
0
399 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-xEOJiprqbOBP39qnHjwrmsH6en5dkusGz55Sfg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
adgen.socdm.com/rtb/ Frame 1661
43 B
822 B
Image
General
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.2 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Wed, 02 Aug 2023 01:55:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":0,"gdpr":false,"ipv4":"103.75.11.106","key":"ZMm3fcCo8HgAACRGMD0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40368"}
X-SO-Key
ZMm3fcCo8HgAACRGMD0AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40368
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
a-ad40368.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
7
Content-Length
43
X-SO-LB-Hostname
m-ng20.dc4p.scaleout.jp
X-SO-IP
103.75.11.106
idsync
tg.socdm.com/aux/ Frame 1661
43 B
861 B
Image
General
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-_Euk0ZrqbOBP39qnHjwrmsH6en6xXPJzQoRTgA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.50 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Wed, 02 Aug 2023 01:55:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-_Euk0ZrqbOBP39qnHjwrmsH6en6xXPJzQoRTgA","cluster_id":0,"gdpr":false,"ipv4":"103.75.11.106","key":"ZMm3fcCo8YsAAFBbuIIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad441"}
X-SO-Key
ZMm3fcCo8YsAAFBbuIIAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad441
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad441.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
43
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
103.75.11.106
sync
tags.bluekai.com/site/29001/ Frame 1661
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=gL6_Djpof-f5J9oFSSaSCA_LZdKsMye5
62 B
546 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=gL6_Djpof-f5J9oFSSaSCA_LZdKsMye5
Protocol
H2
Server
104.69.166.9 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 02 Aug 2023 01:55:09 GMT
content-length
62
bk-server
3610
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=gL6_Djpof-f5J9oFSSaSCA_LZdKsMye5
date
Wed, 02 Aug 2023 01:55:08 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
837410
content-length
0
rum
r.casalemedia.com/ Frame 1661
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-S8Jez5rqbOBP39qnHjwrmsH6en4GTgP7KYcP4w
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-S8Jez5rqbOBP39qnHjwrmsH6en4GTgP7KYcP4w&C=1
43 B
766 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-S8Jez5rqbOBP39qnHjwrmsH6en4GTgP7KYcP4w&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 01:55:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 01:55:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-S8Jez5rqbOBP39qnHjwrmsH6en4GTgP7KYcP4w&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
adx.dable.io/ Frame 1661
0
142 B
Image
General
Full URL
https://adx.dable.io/pixel?dsp_id=6&uid=k-8pcWD5rqbOBP39qnHjwrmsH6en406dSpJdQyug
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.78.1.42 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-1-42.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:09 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame 1661
43 B
413 B
Image
General
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-LVSyyJrqbOBP39qnHjwrmsH6en5KhNB322cFBg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.226.225 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-226-225.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma
no-cache
date
Wed, 02 Aug 2023 01:55:09 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
image/gif
server
nginx
expires
Wed, 17 Sep 1975 21:32:10 GMT
user-registering
ads.stickyadstv.com/ Frame 1661
0
0

match
ad.360yield.com/ul_cb/ Frame 1661
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sLFWxJrqbOBP39qnHjwrmsH6en42M_eyozH2VQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLFWxJrqbOBP39qnHjwrmsH6en42M_eyozH2VQ
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLFWxJrqbOBP39qnHjwrmsH6en42M_eyozH2VQ
Protocol
H2
Server
54.255.62.122 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-62-122.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Aug 2023 01:55:09 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLFWxJrqbOBP39qnHjwrmsH6en42M_eyozH2VQ
access-control-allow-origin
*
date
Wed, 02 Aug 2023 01:55:09 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
362338.gif
idsync.rlcdn.com/ Frame 1661
42 B
448 B
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-mGvyuZrqbOBP39qnHjwrmsH6en7JEzbIxfI4Ug
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 1661
0
0

c.gif
c.bing.com/ Frame 1661
42 B
504 B
Image
General
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-FpA5wJrqbOBP39qnHjwrmsH6en6DVf8RBg49JA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 01:55:11 GMT
last-modified
Tue, 06 Jun 2023 16:36:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A316EEFF275F4CE1AB3BFE605B97C52F Ref B: AKL30EDGE0521 Ref C: 2023-08-02T01:55:11Z
etag
"7b637fb9498d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 1661
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 1661
0
0

/
s.ad.smaato.net/c/ Frame 1661
0
0

sync.htm
ade.clmbtech.com/uid/ Frame 1661
0
0

/
sync.aralego.com/idSync/ Frame 1661
0
0

sync
sync-criteo.ads.yieldmo.com/ Frame 1661
0
0

body_bl.svg
cdn.userway.org/widgetapp/images/
1 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d82a64d201223f5c3bb5d03af3306a6c9ada1b9ff1070d2e00a6261896a607fd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Wed, 02 Aug 2023 01:55:06 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SIN5-C1
age
70
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
4122419
x-accel-date
1686818887
x-77-nzt
AVm7ooSn6nz/M+c+AA
x-accel-expires
@1712738887
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2842487c011bd6df2e543f3bac4238f2"
x-77-nzt-ray
2ed93b147095c91e7ab7c964387d7d10
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
G_Bsi0pjqBnqLb_3iZKFAarvLPvwTLFnF6v5uAdFZtqEfhjMgMXwRg==
spin_bl.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Wed, 02 Aug 2023 01:55:12 GMT
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SIN5-C1
age
57
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
4122438
x-accel-date
1686818874
x-77-nzt
AVm7ooRajCT/Ruc+AA
x-accel-expires
@1712738874
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"f1006e80919a554a181eeffcb6b3e381"
x-77-nzt-ray
2ed93b147095c91e80b7c9646eb65205
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
HCyvyay3OHRVtLl9OvtPtRYv4HOjnsziJfqs7HcMkzJN2zartg5f8A==
unip
trc-events.taboola.com/1248506/log/3/
0
378 B
XHR
General
Full URL
https://trc-events.taboola.com/1248506/log/3/unip?en=pre_d_eng_tb&tos=1571&scd=0&ssd=1&est=1690941304948&ver=36&isls=true&src=i&invt=1500&msa=993&rv=1&tim=1690941306519&vi=1690941304945&ri=db97f6b7aef94f31b2941685915d1524&sd=v2_26f78aebef9bf5c6b4a666c967db1158_cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9_1690941305_1690941305_CNawjgYQ-plMGPHg0p-bMSABKAEwEDiu_QZA8oUQSNXF1wNQ____________AVgAYABowen75N2l19oVcAE&ui=cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2F54.162.64.166%2F
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://54.162.64.166
pragma
no-cache
date
Wed, 02 Aug 2023 01:55:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Snap
create.leadid.com/2.11.9/
0
621 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=7&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672149
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=8&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672150
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
unip
trc-events.taboola.com/1248506/log/3/
0
377 B
XHR
General
Full URL
https://trc-events.taboola.com/1248506/log/3/unip?en=pre_d_eng_tb&tos=4572&scd=0&ssd=1&est=1690941304948&ver=36&isls=true&src=i&invt=3000&msa=993&rv=1&tim=1690941309520&vi=1690941304945&ri=db97f6b7aef94f31b2941685915d1524&sd=v2_26f78aebef9bf5c6b4a666c967db1158_cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9_1690941305_1690941305_CNawjgYQ-plMGPHg0p-bMSABKAEwEDiu_QZA8oUQSNXF1wNQ____________AVgAYABowen75N2l19oVcAE&ui=cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2F54.162.64.166%2F
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://54.162.64.166
pragma
no-cache
date
Wed, 02 Aug 2023 01:55:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sync
gum.criteo.com/ Frame 1661
0
0

empty.html
static.criteo.net/ Frame 8183
111 B
449 B
Document
General
Full URL
https://static.criteo.net/empty.html
Requested by
Host: 54.162.64.166
URL: https://54.162.64.166/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0a7c567b36a7bfb198d6f6fbb8b26c0c1fbc557cd4f0fd696835974edd036f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://54.162.64.166/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 01:55:11 GMT
etag
W/"63dbe1a8-6f"
expires
Sat, 27 Jul 2024 01:55:11 GMT
last-modified
Thu, 02 Feb 2023 16:15:36 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2F54.162.64.166%2F/DESKTOP/WIDGET_OFF/
77 B
455 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2F54.162.64.166%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-07-31/widget_app_base_1690794092987.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:950c:c609:3c1:aec8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:55:11 GMT
etag
W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-38379d86
scan_1690794092987.js
cdn.userway.org/widgetapp/2023-07-31/scan/
52 KB
14 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2023-07-31/scan/scan_1690794092987.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-07-31/widget_app_base_1690794092987.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e82346cb8dbe953e34113ccc846918d0d71609080fdef2bb13f4e6b663dd7e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Wed, 02 Aug 2023 01:55:12 GMT
via
1.1 6744df903aaebd8a225f5410dbe17efc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SIN5-C1
age
299
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
146192
x-accel-date
1690795120
x-77-nzt
AVm7ooTUlZb/EDsCAA
x-accel-expires
@1716715120
last-modified
Mon, 31 Jul 2023 09:04:21 GMT
server
CDN77-Turbo
etag
W/"66be6219e4d776415911d72fac0f0abc"
x-77-nzt-ray
2ed93b147095c91e80b7c964a6255805
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
ax9_G3l2EqxlYXcNWWCH5LXlX_RzlTh6-qaWcKgx2zm0hwiW8zLfbQ==
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2F54.162.64.166%2F/DESKTOP/
77 B
455 B
XHR
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2F54.162.64.166%2F/DESKTOP/contrib
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:950c:c609:3c1:aec8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Aug 2023 01:55:12 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-38379d86
contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2F54.162.64.166%2F/DESKTOP/ Frame
0
0
Preflight
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2F54.162.64.166%2F/DESKTOP/contrib
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:950c:c609:3c1:aec8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://54.162.64.166
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
no-cache, no-store, must-revalidate
date
Wed, 02 Aug 2023 01:55:12 GMT
x-service-version
seo-w-38379d86
Snap
create.leadid.com/2.11.9/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=9&pid=c1770c95-8bdb-46e7-aaa9-dce7350c791a&token=9EFCD823-F2B3-4148-86CE-AF1E461BDD05&_=703672151
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.137.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://54.162.64.166/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Aug 2023 01:55:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
unip
trc-events.taboola.com/1248506/log/3/
0
377 B
XHR
General
Full URL
https://trc-events.taboola.com/1248506/log/3/unip?en=pre_d_eng_tb&tos=10574&scd=0&ssd=1&est=1690941304948&ver=36&isls=true&src=i&invt=6000&msa=993&rv=1&tim=1690941315522&vi=1690941304945&ri=db97f6b7aef94f31b2941685915d1524&sd=v2_26f78aebef9bf5c6b4a666c967db1158_cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9_1690941305_1690941305_CNawjgYQ-plMGPHg0p-bMSABKAEwEDiu_QZA8oUQSNXF1wNQ____________AVgAYABowen75N2l19oVcAE&ui=cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2F54.162.64.166%2F
Requested by
Host: assets.stg.healthcare.com
URL: https://assets.stg.healthcare.com/raygun.vanilla.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://54.162.64.166/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://54.162.64.166
pragma
no-cache
date
Wed, 02 Aug 2023 01:55:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.yimg.com
URL
https://s.yimg.com/wi/config/10093651.json
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-KO3G4prqbOBP39qnHjwrmsH6en6qVxsM8djtqQ
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-I2mTO5rqbOBP39qnHjwrmsH6en76sf02Smu1aA
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-3NXRKprqbOBP39qnHjwrmsH6en7vR6NtEApOLw&initiator=partner
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-RXKkvJrqbOBP39qnHjwrmsH6en7vD-ahJzn_Vg
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-dQgidJrqbOBP39qnHjwrmsH6en4zW7RO9z0qmA
Domain
ade.clmbtech.com
URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-txCVwJrqbOBP39qnHjwrmsH6en7d72XQnxkT2g
Domain
sync.aralego.com
URL
https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-wQQrE5rqbOBP39qnHjwrmsH6en4lNf_BWjWMew
Domain
sync-criteo.ads.yieldmo.com
URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-NvbB_prqbOBP39qnHjwrmsH6en7KrJ8iGjeb8g&pn_id=criteo&ext=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40


150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| hcDynamic object| executeWhenFinishToRender object| dataLayer function| ph function| dataLayerPushEvent function| dataLayerPushVariable object| webpackJsonp object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| dotq string| ire_o function| ire object| q function| get_cookies_array function| sendGAEvent function| mapVariationID function| getCookieValueOf function| mapExperimentID object| appStateUpdatedQueue function| toMinutes function| formatOpeningHours function| printNewScheduleIfNeeded function| overrideSchedule object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| filterCSS function| filterXSS function| getState function| updateState function| updateStore function| moment object| connectMeStore function| replaceTCPA object| DD_LOGS object| hc function| $ function| jQuery object| proxyStorage function| getURLProfile function| disableExitMessaging string| RaygunObject function| rg4js function| ImpactRadiusEvent object| irEvent object| gaplugins object| gaGlobal object| gaData object| criteo_q function| raygunFactory function| raygunRumFactory object| TraceKit function| raygunUtilityFactory function| raygunBreadcrumbsFactory object| Raygun object| loadData object| YAHOO object| cvr function| hj object| _hjSettings function| g3cm object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _gscq object| GooglebQhCsO function| obApi function| obTag string| _linkedin_partner_id object| _linkedin_data_partner_ids function| fbq function| _fbq object| heap object| _tfa object| VWO function| G3ConnectMe boolean| loadjquery function| loadG3ConnectMe object| LeadiDconfig object| LeadiD object| Trustpilot string| label string| id boolean| sensitiveData object| defaultStyleFrame function| UET 
function| UET_init function| UET_push object| ueto_c0b7766b46 object| uetq function| apiObj function| lintrk boolean| _already_called_lintrk object| UserWayWidgetApp object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om92389_82111 object| _omq function| omq function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| __jq object| __g3cm function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| CAConversion object| UserWay object| UW_RULES_ENGINE

74 Cookies

Domain/Path Name / Value
.taboola.com/pivothealth-sc/ Name: taboola_session_id
Value: v2_26f78aebef9bf5c6b4a666c967db1158_cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9_1690941305_1690941305_CNawjgYQ-plMGPHg0p-bMSABKAEwEDiu_QZA8oUQSNXF1wNQ____________AVgAYABowen75N2l19oVcAE
54.162.64.166/ Name: _sp_ses.e90e
Value: *
54.162.64.166/ Name: _ga
Value: GA1.1.1926907505.1690941296
54.162.64.166/ Name: _gid
Value: GA1.1.1180277895.1690941296
54.162.64.166/ Name: _gat_UA-66060627-1
Value: 1
.criteo.com/ Name: uid
Value: be1ed79e-8fbf-416f-ac82-70a6925f9280
.media.net/ Name: visitor-id
Value: 3339428977137031000V10
.media.net/ Name: data-max
Value: setstatuscode~~1
.pmsrv.co/ Name: vvv
Value: 3339428977137031000V10
54.162.64.166/ Name: raygun4js-userid
Value: 857d7226-f3a7-1d9d-006c-b2ed73ec0b00
54.162.64.166/ Name: cto_bundle
Value: GE7JhV8yR3RCV0MzNExqWWREMFRBMGxDRzVjNzNXeVBHamhqVmZoemZFOWVIMXo1QUNGdHFWNWVVTXRmNVZsS0RKSEhzakdHWDk0QVNTb3glMkJHalFsTGpnZFU3anFldVJHMWtTbSUyRmJPN3Y3QmNnSVJhcUZlQzFQWjZrYWxXaXBZbFFQNkZ2M3IxQm5yVDVOSnhJRjFqTGhOalN3JTNEJTNE
54.162.64.166/ Name: _sp_id.e90e
Value: caa320a4-6898-4cc8-af51-13121657b81d.1690941295.1.1690941300..fc74c985-6d6f-4d42-9676-a196477542a9..5fd2fa0d-1308-4ccc-8a78-6e82685b2a84.1690941300482.1
54.162.64.166/ Name: _gcl_au
Value: 1.1.1097556570.1690941301
54.162.64.166/ Name: _ga_6535ZJDHMG
Value: GS1.1.1690941297.1.1.1690941300.57.0.0
54.162.64.166/ Name: _hjSessionUser_881635
Value: eyJpZCI6IjNjOTEyM2NmLWQzOGUtNThhZC05MjhiLTRlMGJlZmM1NTQyMCIsImNyZWF0ZWQiOjE2OTA5NDEzMDA2MTQsImV4aXN0aW5nIjpmYWxzZX0=
54.162.64.166/ Name: _hjFirstSeen
Value: 1
54.162.64.166/ Name: _hjIncludedInSessionSample_881635
Value: 0
54.162.64.166/ Name: _hjSession_881635
Value: eyJpZCI6IjAxZTA5NjM4LTEwZmEtNDU1Mi1hMTlkLWYyMDY2OTE1YmE1YyIsImNyZWF0ZWQiOjE2OTA5NDEzMDA2MjEsImluU2FtcGxlIjpmYWxzZX0=
54.162.64.166/ Name: _hjAbsoluteSessionInProgress
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBHW3yWQCEIBLMEVtP-aztXy1QpP-mykFEgEBAQEIy2TTZA0AAAAA_eMAAA&S=AQAAAqTn7Nq3UBakT9dbTt9B1kE
54.162.64.166/ Name: leadid_token-D07A3733-9799-8328-98B5-5875425F1190-0FCCCA9E-0AA6-E383-1618-6F20497C9C14
Value: 9EFCD823-F2B3-4148-86CE-AF1E461BDD05
54.162.64.166/ Name: _uetsid
Value: 9848ed7030d711eeb8a0ad413adadc61
54.162.64.166/ Name: _uetvid
Value: 9849013030d711eea87bc1b42826be2c
54.162.64.166/ Name: ln_or
Value: eyIxMzY5Mzg2IjoiZCJ9
54.162.64.166/ Name: _omappvp
Value: fz69L4IqdznpGtG48SNgmpTWb1AzrIFUvwuuQlfa6k49otTjEK2OOLuqweMWLyx3Y6TH65GlEvb6EGqduDivbbM2Y2UDvQOA
54.162.64.166/ Name: _omappvs
Value: 1690941304152
.deviceid.trueleadid.com/ Name: uuid
Value: 91c28e576d194904876ceabbb83dea6f
.bing.com/ Name: MUID
Value: 08060EEC4CE0614F19D01D8D4DFE6010
.bat.bing.com/ Name: MR
Value: 0
54.162.64.166/ Name: _hp2_id.491373971
Value: %7B%22userId%22%3A%221911383203893084%22%2C%22pageviewId%22%3A%224862426433417329%22%2C%22sessionId%22%3A%222568802561674404%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.linkedin.com/ Name: li_sugr
Value: 5aae26d0-a6a7-457b-8797-4832754ae7dc
.linkedin.com/ Name: bcookie
Value: "v=2&bc4e4c61-9515-44e6-8472-a1a8bdda0af9"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2687:u=1:x=1:i=1690941304:t=1691027704:v=2:sig=AQHbIydeqLZnSlvcKyEiS3XC4Qz41Zdh"
54.162.64.166/ Name: _fbp
Value: fb.3.1690941304899.1221048223
.linkedin.com/ Name: UserMatchHistory
Value: AQKuA0n_DRYnNgAAAYmz9LCrpoER7yEB5V4SBZHd6X8b92g5xmIUJF0s5GlKQJPbt73VK522UCnE4A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLMhvWLfJBozAAAAYmz9LCreWZgy69A3Q_0r2NNUx7JwsNzuSovPZLuLVx2c-4T0rbn2zKQawzuPxvM3hCzRQ
.taboola.com/ Name: t_gid
Value: cc375394-80cf-4991-a4cc-3f28c03e1da5-tuctbc33cf9
54.162.64.166/ Name: outbrain_cid_fetch
Value: true
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023080201550586f2bcea-8644-4408-8922-2d8166fdd64fAQGHt4oLKZBju69U36yhnSlR8nwR_jsq"
54.162.64.166/ Name: _hp2_ses_props.491373971
Value: %7B%22ts%22%3A1690941304713%2C%22d%22%3A%2254.162.64.166%22%2C%22h%22%3A%22%2F%22%7D
.bidswitch.net/ Name: tuuid
Value: 1aca09cc-088b-469d-8f53-d7c4955401ba
.bidswitch.net/ Name: c
Value: 1690941307
.bidswitch.net/ Name: tuuid_lu
Value: 1690941307
.doubleclick.net/ Name: IDE
Value: AHWqTUn9STgY_5mmrFv3rngRVyeI6Rqktk6bGQo7DaOp-tD2fLDOvua44j6yt3dlIIM
.media.net/ Name: data-c
Value: k-jPvS3ZrqbOBP39qnHjwrmsH6en6fRGtipPdVDw~~3
.media.net/ Name: data-c-ts
Value: 1690941307
.sharethrough.com/ Name: stx_user_id
Value: 2dde40ce-9b27-4c8f-8da9-94b67c336897
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2In4rg)F^!]tbPl@/D!9hy6]/Cr+bcKMSn]2MdtmcUDs_:xXP]4Xonk^b9yhWVV.mvXH'bL^hdC2](DEbwcS*bpRz*qF1`*bf/S-<PWu
.rubiconproject.com/ Name: khaos
Value: LKT2SNT2-1A-J39G
.rubiconproject.com/ Name: audit
Value: 1|clz3vHdt4zbP9wp2GZp0iOkhx9/xV0ucUs3j3opZPgAeObUSX1xGaGm8xoIBy6DYEt8NcQUhKlgwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTXKegdeUeHWFB+WbZ5xHIDSCFt58jozWQl7nL2LTPN7DuoGKzsdv8X516h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.3lift.com/ Name: tluid
Value: 3967437858452503651796
.adnxs.com/ Name: uuid2
Value: 5759953924642003820
.smartadserver.com/ Name: pid
Value: 5928553722354570071
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-vXrsKZrqbOBP39qnHjwrmsH6en5Bs8UfUWuPmw
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~2d41
.teads.tv/ Name: tt_viewer
Value: fa8ea196-bcaa-479d-832b-19c1a14b02a1
.socdm.com/ Name: SOC
Value: ZMm3fcCo8YsAAFBbuIIAAAAA
.dable.io/ Name: uid
Value: 89764095.1690941309355
.adingo.jp/ Name: criteo_dsp
Value: k-LVSyyJrqbOBP39qnHjwrmsH6en5KhNB322cFBg
.360yield.com/ Name: tuuid
Value: 8af0ac37-0261-467c-8026-ce4472b1669b
.360yield.com/ Name: tuuid_lu
Value: 1690941309
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LDll1R+l0ug/E2BB1dV0pczneAT157S12TkvXuftgDyNOxeeOHU5
.bluekai.com/ Name: bku
Value: uUW99ctl0VEgpkWA
.360yield.com/ Name: um
Value: !38,vi1AtgEOXY3whXDYBH5Eoiwg61cORP-ssmTzlQejd.k7G3Kw5NYFZRW6KzoN8xo19ezrBsM3,1698717309
.360yield.com/ Name: umeh
Value: !38,0,1753149309,-1
.casalemedia.com/ Name: CMID
Value: ZMm3fRcpgf4Ya3VQztHO3AAA
.casalemedia.com/ Name: CMPS
Value: 4893
.casalemedia.com/ Name: CMPRO
Value: 4893
.rlcdn.com/ Name: rlas3
Value: MQrPVy3qld/scY2NMzZvRCinSi5WR3Ti6lzl1TV1qqc=
.rlcdn.com/ Name: pxrc
Value: CAA=
.c.bing.com/ Name: MR
Value: 0
54.162.64.166/ Name: _dd_s
Value: logs=1&id=70383fac-2a7e-485d-8060-07b884dd7513&created=1690941295444&expire=1690942195444

11 Console Messages

Source Level URL
Text
security warning URL: https://54.162.64.166/(Line 3)
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/b27369ceab8a497d8413e51a99bb2367.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/(Line 3)
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/2a4bb29c6f4b9cfca7279e4884c725ee.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/b27369ceab8a497d8413e51a99bb2367.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/2a4bb29c6f4b9cfca7279e4884c725ee.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/dc36289ed9058530805ff6ec1bf1dfdf.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/690daac15aac2ef408cf70f1fa7d1c15.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/a0572a676c694c20a7824cee1d3562c7.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/79ed66f921392e45d11156a3e86a0c33.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/136e75cc95cc286fe64f5a6c8494e73c.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security warning URL: https://54.162.64.166/
Message:
Mixed Content: The page at 'https://54.162.64.166/' was loaded over HTTPS, but requested an insecure element 'https://54.162.64.166/assets/c20a6a1d69c945f767a650047f55e616.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
network error URL: https://api.omappapi.com/v2/embed/82111?d=54.162.64.166
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
