epsilon7.safegardtravelmedicine.com Open in urlscan Pro
173.197.188.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://epsilon7.safegardtravelmedicine.com/
Submission: On July 23 via automatic, source certstream-suspicious (July 23rd 2020, 10:18:25 pm UTC)

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 22 HTTP transactions. The main IP is 173.197.188.236, located in Pullman, United States and belongs to OCEANIC-INTERNET-RR, US. The main domain is epsilon7.safegardtravelmedicine.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on July 23rd 2020. Valid for: 3 months.

This is the only time epsilon7.safegardtravelmedicine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	173.197.188.236 173.197.188.236	10838 (OCEANIC-I...) (OCEANIC-INTERNET-RR)
2 5	104.16.84.55 104.16.84.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
22	10

9 173.197.188.236 (Pullman, United States)

ASN10838 (OCEANIC-INTERNET-RR, US)

epsilon7.safegardtravelmedicine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.84.55 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	safegardtravelmedicine.com epsilon7.safegardtravelmedicine.com	190 KB
5	zopim.com 2 redirects v2.zopim.com	258 KB
2	facebook.com www.facebook.com	478 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	166 KB
2	zdassets.com static.zdassets.com ekr.zdassets.com	8 KB
1	doubleclick.net stats.g.doubleclick.net	99 B
1	crazyegg.com script.crazyegg.com
1	googleapis.com fonts.googleapis.com	670 B
22	9

	Domain	Requested by
9	epsilon7.safegardtravelmedicine.com	epsilon7.safegardtravelmedicine.com
5	v2.zopim.com	2 redirects epsilon7.safegardtravelmedicine.com v2.zopim.com
2	www.facebook.com	epsilon7.safegardtravelmedicine.com
2	www.google-analytics.com	1 redirects epsilon7.safegardtravelmedicine.com
2	connect.facebook.net	epsilon7.safegardtravelmedicine.com connect.facebook.net
1	stats.g.doubleclick.net	epsilon7.safegardtravelmedicine.com
1	ekr.zdassets.com	static.zdassets.com
1	script.crazyegg.com	epsilon7.safegardtravelmedicine.com
1	fonts.googleapis.com	epsilon7.safegardtravelmedicine.com
1	static.zdassets.com	epsilon7.safegardtravelmedicine.com
22	10

This site contains links to these domains. Also see Links.

Domain
safegardtravelmedicine.com

Subject Issuer	Validity	Valid
epsilon7.safegardtravelmedicine.com ZeroSSL RSA Domain Secure Site CA	`2020-07-23` - `2020-10-21`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.zopim.com COMODO RSA Domain Validation Secure Server CA	`2017-12-06` - `2020-12-29`	3 years	crt.sh

This page contains 3 frames:

Primary Page: https://epsilon7.safegardtravelmedicine.com/
Frame ID: 24563FED9EB412D8999B4E977F85E9AC
Requests: 20 HTTP requests in this frame

Frame: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Frame ID: 262080BBA1B0D51E994F79E754E18276
Requests: 1 HTTP requests in this frame

Frame: https://v2.zopim.com/widget/fonts/zopim.woff
Frame ID: FD2AFEA6DC86C91962EACE4413AAD2B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

641 kB
Transfer

1965 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://safegardtravelmedicine.com/
Title: Safegard Travel Medicine

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://v2.zopim.com/?4XpRNRJ8gNhu6qwUdYEue53GmmV7oHxp HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 14

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=612353454&t=pageview&_s=1&dl=https%3A%2F%2Fepsilon7.safegardtravelmedicine.com%2F&ul=en-us&de=windows-1252&dt=Safegard%20Travel%20Medicine%20-%20Promoting%20health%20and%20wellness%20when%20traveling%20abroad.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=162266106&gjid=1103178712&cid=765861174.1595542689&tid=UA-48591516-3&_gid=1586524201.1595542689&_r=1&z=111877895 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48591516-3&cid=765861174.1595542689&jid=162266106&_gid=1586524201.1595542689&gjid=1103178712&_v=j83&z=111877895

Request Chain 16

https://v2.zopim.com/w?4XpRNRJ8gNhu6qwUdYEue53GmmV7oHxp HTTP 302
https://v2.zopim.com/bin/v/widget_v2.329.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
epsilon7.safegardtravelmedicine.com/ 11 KB
12 KB 781ms
195ms Document
text/html 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb05abe56bcae35117b707985c723e55c7018b024b0734776cb20ae158519a1c

Request headers

:method: GET
:authority: epsilon7.safegardtravelmedicine.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private
content-type: text/html
server: Microsoft-IIS/10.0
set-cookie: ASPSESSIONIDSUBSDRBA=MDALIDABCKLODOIONCPJAACI; secure; path=/
date: Thu, 23 Jul 2020 22:18:07 GMT
content-length: 11657

GET
H2 200 testimonials-widget.css
epsilon7.safegardtravelmedicine.com/css/ 3 KB
3 KB 198ms
197ms Stylesheet
text/css 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/css/testimonials-widget.css?ver=3.6.1
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fc19128648963188bb3c72ddb445f6c71345e4553952c5f4dbac5f3bd8cb2cc4

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:09:02 GMT
server: Microsoft-IIS/10.0
etag: "b4def67d3561d61:0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2857

GET
H2 200 style.css
epsilon7.safegardtravelmedicine.com/css/ 50 KB
50 KB 212ms
211ms Stylesheet
text/css 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/css/style.css?ver=2.0.1
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d40ce7a55eb026b870b7ed9af8b343d6fe8bdd89db8f20cf95b55346aa111cb5

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:09:02 GMT
server: Microsoft-IIS/10.0
etag: "e5e1f27d3561d61:0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 50872

GET
H2 200 jquery.fancybox-1.3.5.pack.css
epsilon7.safegardtravelmedicine.com/css/ 4 KB
4 KB 392ms
391ms Stylesheet
text/css 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/css/jquery.fancybox-1.3.5.pack.css?ver=1.5.5
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a8f8e5f92f84a1f7955b9f5794a76c56a64e4b9dbcfabe11dddb7790a308c6b2

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:09:02 GMT
server: Microsoft-IIS/10.0
etag: "2b1dee7d3561d61:0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 3982

GET
H2 200 jquery.js Show response
epsilon7.safegardtravelmedicine.com/scripts/ 91 KB
91 KB 408ms
407ms Script
application/javascript 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/scripts/jquery.js?ver=1.10.2
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:11:03 GMT
server: Microsoft-IIS/10.0
etag: "967c2c63561d61:0"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 93085

GET
H2 200 jquery-migrate.min.js Show response
epsilon7.safegardtravelmedicine.com/scripts/ 7 KB
7 KB 397ms
396ms Script
application/javascript 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/scripts/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:11:03 GMT
server: Microsoft-IIS/10.0
etag: "29278c63561d61:0"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 7200

GET
H2 200 content-column-classes.css
epsilon7.safegardtravelmedicine.com/css/ 865 B
920 B 400ms
399ms Stylesheet
text/css 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon7.safegardtravelmedicine.com/css/content-column-classes.css
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: aeede9247a966d5f5974efeda54a005786ef3c3ff5de7aabd62711feabfb4154

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:09:02 GMT
server: Microsoft-IIS/10.0
etag: "e1dea37d3561d61:0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 865

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?4XpRNRJ8gNhu6qwUdYEue53GmmV7oHxp
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

87ms
25ms

Script
application/javascript

104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 30
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 522B8A71B466E8BA
x-amz-id-2: ybAe/DASedGD0Z5vpKiOvNrykBJ+7URtE0cT3Piq0mV13PbqwgGin5JZDRRptn2GG68hOaH2WeY=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sY6Zq5SXmxNkbgD1V_h8h9T.ZhWYQwC3
cf-request-id: 041f5a6bc200000c092790b200000001
cf-ray: 5b78c68c6a3a0c09-AMS

Redirect headers

date: Thu, 23 Jul 2020 22:18:08 GMT
cf-cache-status: MISS
server: cloudflare
status: 302
etag: "5ee9874c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 5b78c68b9fb09d5a-AMS
content-length: 0
cf-request-id: 041f5a6b4100009d5a58bf1200000001
expires: Fri, 24 Jul 2020 02:18:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: uLyqtkNhU2+593SPURGWdNdCDSQiabIWzVATbvYhRSMmVVGgy2ivttdokx8yE6pKA0iu3FVOK3h/CJ0s6w47Lg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 23 Jul 2020 22:18:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
670 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 22:14:56 GMT
server: ESF
date: Thu, 23 Jul 2020 22:18:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jul 2020 22:18:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 149
date: Thu, 23 Jul 2020 22:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 24 Jul 2020 00:15:39 GMT

GET
H2 200 bg.gif
epsilon7.safegardtravelmedicine.com/images/ 51 B
135 B 193ms
192ms Image
image/gif 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epsilon7.safegardtravelmedicine.com/images/bg.gif
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/scripts/jquery.js?ver=1.10.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8060412680c00ddee726de7c0bf03a8f7128cbce8466d622147e748c5a46d885

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/css/style.css?ver=2.0.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:09:03 GMT
server: Microsoft-IIS/10.0
etag: "36d7e7e3561d61:0"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 51

GET
H2 200 safeguard-travel-logo.png
epsilon7.safegardtravelmedicine.com/images/ 23 KB
23 KB 196ms
195ms Image
image/png 173.197.188.236
OCEANIC-INTERNET-RR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epsilon7.safegardtravelmedicine.com/images/safeguard-travel-logo.png
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/scripts/jquery.js?ver=1.10.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.197.188.236 Pullman, United States, ASN10838 (OCEANIC-INTERNET-RR, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 626b7ddec33658f52785cc4ad89399e5102654d0792d87fa6b016b351f0981cd

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Thu, 23 Jul 2020 21:09:04 GMT
server: Microsoft-IIS/10.0
etag: "cdb7ed7e3561d61:0"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 23118

GET
H2 410 4222.js
script.crazyegg.com/pages/scripts/0051/ 0
0 559ms
538ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0051/4222.js?443206
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Jul 2020 22:18:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 410
cache-control: public, max-age=86400
cf-ray: 5b78c68d2e9596d4-FRA
content-length: 0
cf-request-id: 041f5a6c35000096d43a0bc200000001

GET
H2 200 4XpRNRJ8gNhu6qwUdYEue53GmmV7oHxp Show response
ekr.zdassets.com/compose/zopim_chat/ 194 B
658 B 225ms
186ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/4XpRNRJ8gNhu6qwUdYEue53GmmV7oHxp

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c68f67eb7dcb8cf7dabdf99322685d57ab35e777912300547423dda3ef647fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 041f5a6c530000fa68d539a200000001
x-request-id: 068e6dc1-d52f-478f-9931-9b23f7a0d333
x-runtime: 0.003821
server: cloudflare
etag: W/"7c68f67eb7dcb8cf7dabdf99322685d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 5b78c68d5896fa68-AMS

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=612353454&t=pageview&_s=1&dl=https%3A%2F%2Fepsilon7.safegardtravelmedicine.com%2F&ul=en-us&de=windows-1252&dt=Safegard%20Travel%20Medicine%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48591516-3&cid=765861174.1595542689&jid=162266106&_gid=1586524201.1595542689&gjid=1103178712&_v=j83&z=111877895

35 B
99 B

14ms
14ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48591516-3&cid=765861174.1595542689&jid=162266106&_gid=1586524201.1595542689&gjid=1103178712&_v=j83&z=111877895

Requested by

Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jul 2020 22:18:08 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jul 2020 22:18:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48591516-3&cid=765861174.1595542689&jid=162266106&_gid=1586524201.1595542689&gjid=1103178712&_v=j83&z=111877895
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1794327957450602 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 122ms
122ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1794327957450602?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

297410423d0bee0ab9af3949fd5ef6ebd77bfa37a0409038e027b314a91c9ca1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JRyhbkNwyO30MY1cEMkGxQyiOt/GpV7aq3MVCJrChIJzCLvRD+TfM/4ffPDPzyCd1cNsKfJVmRorTGco1ATKlw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 23 Jul 2020 22:18:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

widget_v2.329.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?4XpRNRJ8gNhu6qwUdYEue53GmmV7oHxp
https://v2.zopim.com/bin/v/widget_v2.329.js

1 MB
244 KB

27ms
27ms

Script
application/javascript

104.16.84.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.329.js
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.84.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee72cd0f4913e403cd7af2c329f3220ac721873ea79e7006ac153e3bfc92f47

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 07:11:49 GMT
server: cloudflare
age: 58241
etag: W/"5ee087b5-102db5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=315360000
cf-ray: 5b78c68ec93b9d5a-AMS
cf-request-id: 041f5a6d3900009d5a58805200000001
expires: Sun, 21 Jul 2030 22:18:09 GMT

Redirect headers

date: Thu, 23 Jul 2020 22:18:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "5ee9874c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
content-type: application/octet-stream
location: https://v2.zopim.com/bin/v/widget_v2.329.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 5b78c68e79259d5a-AMS
content-length: 0
cf-request-id: 041f5a6d0f00009d5a58802200000001
expires: Fri, 24 Jul 2020 02:18:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1794327957450602&ev=PageView&dl=https%3A%2F%2Fepsilon7.safegardtravelmedicine.com%2F&rl=&if=false&ts=1595542689071&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1595542689070.239674797&it=1595542688903&coo=false&rqm=GET

Requested by

Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 23 Jul 2020 22:18:09 GMT

GET
H2 200 avatar_simple_visitor.png
v2.zopim.com/widget/images/ Frame 2620 638 B
861 B 26ms
25ms Image
image/png 104.16.84.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Requested by: Host: epsilon7.safegardtravelmedicine.com
URL: https://epsilon7.safegardtravelmedicine.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.84.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
cf-cache-status: HIT
age: 58243
cf-polished: origSize=1922
status: 200
content-length: 638
cf-request-id: 041f5a6ef300009d5a5880d200000001
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
server: cloudflare
etag: "58b8006b-782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Thu, 30 Jul 2020 22:18:09 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5b78c6918a769d5a-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 zopim.woff
v2.zopim.com/widget/fonts/ Frame FD2A 13 KB
13 KB 106ms
68ms Font
application/font-woff 104.16.84.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/widget/fonts/zopim.woff
Requested by: Host: v2.zopim.com
URL: https://v2.zopim.com/bin/v/widget_v2.329.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.84.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://epsilon7.safegardtravelmedicine.com/
Origin: https://epsilon7.safegardtravelmedicine.com

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 22 Jan 2019 04:24:47 GMT
server: cloudflare
status: 200
etag: W/"5c469b0f-32c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 5b78c691dc9a0bfd-AMS
cf-request-id: 041f5a6f2800000bfd90068200000001
expires: Fri, 24 Jul 2020 02:18:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1794327957450602&ev=Microdata&dl=https%3A%2F%2Fepsilon7.safegardtravelmedicine.com%2F&rl=&if=false&ts=1595542689575&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Safegard%20Travel%20Medicine%20-%20Promoting%20health%20and%20wellness%20when%20traveling%20abroad.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Safegard%20Travel%20Medicine%20-%20Promoting%20health%20and%20wellness%20when%20traveling%20abroad.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fsafegardtravelmedicine.com%2F%22%2C%22og%3Asite_name%22%3A%22Safegard%20Travel%20Medicine%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A42%2C%22w%22%3A576%7D%2C%22properties%22%3A%7B%22name%22%3A%22The%20Best%20Travel%20Medicine%20Service%20Available%22%2C%22addressLocality%22%3A%22Woodinville%22%2C%22addressRegion%22%3A%22WA%22%2C%22telephone%22%3A%22800-792-5972%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FLocalBusiness%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1595542689070.239674797&it=1595542688903&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://epsilon7.safegardtravelmedicine.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:18:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 23 Jul 2020 22:18:09 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.safegardtravelmedicine.com/	1970-01-19 11:13:49	Name: _gid Value: GA1.2.1586524201.1595542689
.safegardtravelmedicine.com/	1970-01-19 13:21:58	Name: _fbp Value: fb.1.1595542689070.239674797
.safegardtravelmedicine.com/	1970-01-19 11:12:22	Name: _gat Value: 1
.safegardtravelmedicine.com/	1970-01-20 04:43:34	Name: _ga Value: GA1.2.765861174.1595542689
epsilon7.safegardtravelmedicine.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSUBSDRBA Value: MDALIDABCKLODOIONCPJAACI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1794327957450602.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
ekr.zdassets.com
epsilon7.safegardtravelmedicine.com
fonts.googleapis.com
script.crazyegg.com
static.zdassets.com
stats.g.doubleclick.net
v2.zopim.com
www.facebook.com
www.google-analytics.com
104.16.84.55
104.18.70.113
104.18.71.113
173.197.188.236
2606:4700::6813:9308
2a00:1450:4001:816::200e
2a00:1450:4001:81e::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ee72cd0f4913e403cd7af2c329f3220ac721873ea79e7006ac153e3bfc92f47
297410423d0bee0ab9af3949fd5ef6ebd77bfa37a0409038e027b314a91c9ca1
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c
626b7ddec33658f52785cc4ad89399e5102654d0792d87fa6b016b351f0981cd
7c68f67eb7dcb8cf7dabdf99322685d57ab35e777912300547423dda3ef647fe
8060412680c00ddee726de7c0bf03a8f7128cbce8466d622147e748c5a46d885
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a8f8e5f92f84a1f7955b9f5794a76c56a64e4b9dbcfabe11dddb7790a308c6b2
ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa
aeede9247a966d5f5974efeda54a005786ef3c3ff5de7aabd62711feabfb4154
bb05abe56bcae35117b707985c723e55c7018b024b0734776cb20ae158519a1c
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
d40ce7a55eb026b870b7ed9af8b343d6fe8bdd89db8f20cf95b55346aa111cb5
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fc19128648963188bb3c72ddb445f6c71345e4553952c5f4dbac5f3bd8cb2cc4
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

epsilon7.safegardtravelmedicine.com Open in urlscan Pro 173.197.188.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

60 %IPv6

9 Domains

10 Subdomains

10 IPs

4 Countries

641 kBTransfer

1965 kBSize

5 Cookies

1 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

epsilon7.safegardtravelmedicine.com Open in urlscan Pro
173.197.188.236 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

641 kB
Transfer

1965 kB
Size

5
Cookies

22 HTTP transactions
0 data transactions