integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com Open in urlscan Pro
34.237.170.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Effective URL:
https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx
Submission: On June 28 via api (June 28th 2024, 1:08:30 pm UTC) from US — Scanned from US

Summary HTTP 42 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 10 domains to perform 42 HTTP transactions. The main IP is 34.237.170.104, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 4th 2023. Valid for: a year.

This is the only time integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	34.237.170.104 34.237.170.104	14618 (AMAZON-AES) (AMAZON-AES)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
3	108.138.85.47 108.138.85.47	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	15.197.151.86 15.197.151.86	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.162.125.33 3.162.125.33	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:400d:c0f::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::8b	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.175.99.61 35.175.99.61	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:400d:c0c::68	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	18.238.4.36 18.238.4.36	16509 (AMAZON-02) (AMAZON-02)
4	54.69.147.247 54.69.147.247	16509 (AMAZON-02) (AMAZON-02)
42	18

4 34.237.170.104 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-170-104.compute-1.amazonaws.com

integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.85.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-47.iad12.r.cloudfront.net

integ-cdn.skyslope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.151.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9d4dea8e2661b2ed.awsglobalaccelerator.com

id-integ.skyslope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.125.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-33.iad61.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0f::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.175.99.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-99-61.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0c::68 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-36.phl51.r.cloudfront.net

cdn.skyslope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.69.147.247 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-147-247.us-west-2.compute.amazonaws.com

integ-partnerships.skyslope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	skyslope.com integ-cdn.skyslope.com id-integ.skyslope.com cdn.skyslope.com — Cisco Umbrella Rank: 198432 integ-partnerships.skyslope.com	5 MB
6	google.com google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 174	272 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	536 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	5 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	6 KB
4	elasticbeanstalk.com 2 redirects integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com	17 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	77 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	68 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2978 heapanalytics.com — Cisco Umbrella Rank: 2420	38 KB
42	10

	Domain	Requested by
6	www.googletagmanager.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com www.googletagmanager.com
4	integ-partnerships.skyslope.com	cdn.skyslope.com
4	www.google.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
4	www.facebook.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
4	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com	2 redirects integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	connect.facebook.net	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com connect.facebook.net
3	integ-cdn.skyslope.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
3	cdn.jsdelivr.net	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cdn.skyslope.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
1	analytics.google.com	www.googletagmanager.com
1	heapanalytics.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
1	google.com	www.googletagmanager.com
1	cdn.heapanalytics.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
1	id-integ.skyslope.com	integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
42	17

This site contains links to these domains. Also see Links.

Domain
support.skyslope.com
www.skyslope.com
integ-partnerships.skyslope.com

Subject Issuer	Validity	Valid
*.skyslope.com Amazon RSA 2048 M03	`2023-09-04` - `2024-10-01`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
skyslope.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-06` - `2024-07-05`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx
Frame ID: 09C8D707E7A2667B0911D92D963B4BC0
Requests: 41 HTTP requests in this frame

Frame: https://id-integ.skyslope.com/oauth2/ausku1rdgaFoooRXy357/v1/authorize?client_id=0oa4prf534IpS6gcV357&redirect_uri=https%3A%2F%2Finteg.skyslope.com%2FIndex.aspx&response_type=code&scope=openid%20profile%20email%20com.skyslope.groups%20com.skyslope.prime.subscriber%20com.skyslope.prime.accountid%20com.skyslope.digisign.userid%20com.skyslope.forms.api%20com.skyslope.marketplace.api&code_challenge=I-Otsiet6Px_eUUZZNvKFXMlth_LZaz7DGmhIKJ0bGQ&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DoBAPA3y7MZaE_9QkaSbrVx2SO-sct69x6hj4a3pyFRndG3Q7r23Ms4hR8TZt8gU74s3N1L3XNCf60qrwZGATPodKaVGn5SaUG6FcgIVT_Q41ALKsP559xTPE-pppPLahrj2dVcAfl_xdGBwsox2107YXKiVpST8ILGJJFg_APxb7Hx4UNc9Yb9ExWes8RLlulWVeIXGXStcHF3jp720JY9rVL7bm9FY-t9_y2Q655wAhOIW-hiO6SiMiGJqUqDfuyvVRe-ZGR50MhPXP4QYx0X_qbTjOAZDmfNIGzabN9rIS7Bqf4ntGD6qnpYbyR9nSmfVeJLx9Pb61GDH2gC-s3g&response_mode=form_post&nonce=638551769053557803.ZmYzYzNkNTEtNGIzNy00NmI3LTljMjMtN2Y2N2MyNzc4ZDQwZjIwYmExOTUtNTNkNS00MmJjLWJjOTItYjZlYzJkNjg1ZTAy&idp=0oa154s1ybu3Lbyo6357&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0
Frame ID: 8AD11069D61A187236A3ADE239B1176D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SkySlope - Customer Secure Login Page

Page URL History Show full URLs

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/ HTTP 302
https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

42
Requests

95 %
HTTPS

59 %
IPv6

10
Domains

17
Subdomains

18
IPs

1
Countries

5448 kB
Transfer

7046 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://support.skyslope.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.skyslope.com/terms-conditions/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.skyslope.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://integ-partnerships.skyslope.com/c/65f082150fd3900a377b3c37?m=eyJyIjoiaHR0cHM6Ly9pbnRlZy1wcmltZS51ZnFid2pqcmNqLnVzLWVhc3QtMS5lbGFzdGljYmVhbnN0YWxrLmNvbS9Mb2dpbkludGVncmF0ZWQuYXNweCIsImlkIjoibG9naW4iLCJ1cmwiOiJodHRwczovL2xvY2FsaXplb3MuY29tL3NreS1zbG9wZS8iLCJ2IjoibG9naW4iLCJoaWQiOiIzMzA5NjE3MTc2ODE5MjMyIn0=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/ HTTP 302
https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/Auth/BackgroundLogin.ashx HTTP 302
https://id-integ.skyslope.com/oauth2/ausku1rdgaFoooRXy357/v1/authorize?client_id=0oa4prf534IpS6gcV357&redirect_uri=https%3A%2F%2Finteg.skyslope.com%2FIndex.aspx&response_type=code&scope=openid%20profile%20email%20com.skyslope.groups%20com.skyslope.prime.subscriber%20com.skyslope.prime.accountid%20com.skyslope.digisign.userid%20com.skyslope.forms.api%20com.skyslope.marketplace.api&code_challenge=I-Otsiet6Px_eUUZZNvKFXMlth_LZaz7DGmhIKJ0bGQ&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DoBAPA3y7MZaE_9QkaSbrVx2SO-sct69x6hj4a3pyFRndG3Q7r23Ms4hR8TZt8gU74s3N1L3XNCf60qrwZGATPodKaVGn5SaUG6FcgIVT_Q41ALKsP559xTPE-pppPLahrj2dVcAfl_xdGBwsox2107YXKiVpST8ILGJJFg_APxb7Hx4UNc9Yb9ExWes8RLlulWVeIXGXStcHF3jp720JY9rVL7bm9FY-t9_y2Q655wAhOIW-hiO6SiMiGJqUqDfuyvVRe-ZGR50MhPXP4QYx0X_qbTjOAZDmfNIGzabN9rIS7Bqf4ntGD6qnpYbyR9nSmfVeJLx9Pb61GDH2gC-s3g&response_mode=form_post&nonce=638551769053557803.ZmYzYzNkNTEtNGIzNy00NmI3LTljMjMtN2Y2N2MyNzc4ZDQwZjIwYmExOTUtNTNkNS00MmJjLWJjOTItYjZlYzJkNjg1ZTAy&idp=0oa154s1ybu3Lbyo6357&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0

42 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LoginIntegrated.aspx Show response
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Redirect Chain

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

12 KB
13 KB

22ms
21ms

Document
text/html

34.237.170.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.170.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-170-104.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

531a36b81446f4b767f69367e2f225a8cd631be1c6ac8cd3af75dde9fabd0d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: https://integ-digisign.skyslope.com
cache-control: private,no-store
content-length: 12440
content-type: text/html; charset=utf-8
date: Fri, 28 Jun 2024 13:08:25 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET

Redirect headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: https://integ-digisign.skyslope.com
cache-control: private,no-store
content-length: 138
content-type: text/html; charset=utf-8
date: Fri, 28 Jun 2024 13:08:25 GMT
location: /LoginIntegrated.aspx
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-powered-by: ASP.NET

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 158 KB
26 KB 29ms
7ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 13:08:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15825508
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26373
x-served-by: cache-fra-eddf8230063-FRA, cache-lga21943-LGA
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 skyslope-auth-widget.js Show response
integ-cdn.skyslope.com/login/widget/latest/dist/ 4 MB
4 MB 314ms
259ms Script
application/javascript 108.138.85.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integ-cdn.skyslope.com/login/widget/latest/dist/skyslope-auth-widget.js
Requested by: Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-47.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa74548b7e84d29ef14b657493981f3e289f57f6d277b8de0c025ac0f17d742c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:26 GMT
x-amz-version-id: YkpvTuSnbHGNZkK3TIpWJC4Zm4UVYcJw
via: 1.1 7f211c0cbc2233e773b715bc4f4a435c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3817932
last-modified: Fri, 14 Jun 2024 19:34:17 GMT
server: AmazonS3
etag: "953482040ac3515d715049506f768eee"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 7wTsk0C_cZfEoJOtoP4rfZlJl4LqE6lNVlHJ3fxzQeQrmobZS3t9nA==

GET
H2 200 jquery.slim.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 71 KB
26 KB 31ms
10ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 13:08:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 14113244
x-jsd-version: 3.5.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26139
x-served-by: cache-fra-eddf8230022-FRA, cache-lga21943-LGA
x-jsd-version-type: version
etag: W/"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 61 KB
16 KB 30ms
9ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 13:08:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5119353
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16588
x-served-by: cache-fra-eddf8230140-FRA, cache-lga21943-LGA
x-jsd-version-type: version
etag: W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 69ms
36ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108391665-2

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

703e4e419d4a81297b8eac27149ec554905f5c82cb2d4f3d8fb7edcf9d96d57b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76692
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 13:08:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 61ms
32ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-871394995

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a516e5a8600f95439b5f6a648a770a7b8b7d624365e60f1a25b3003bac4b2d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93274
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 13:08:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 92ms
63ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858449108

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e52290036b958008eabecfc5c839395f64c33a45d942c945479014ceaa0cabe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94654
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 13:08:25 GMT

GET
H/1.1

403
Forbidden

authorize
id-integ.skyslope.com/oauth2/ausku1rdgaFoooRXy357/v1/ Frame 8AD1
Redirect Chain

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/Auth/BackgroundLogin.ashx
https://id-integ.skyslope.com/oauth2/ausku1rdgaFoooRXy357/v1/authorize?client_id=0oa4prf534IpS6gcV357&redirect_uri=https%3A%2F%2Finteg.skyslope.com%2FIndex.aspx&response_type=code&scope=openid%20pr...

0
0

336ms
123ms

Document
text/html

15.197.151.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id-integ.skyslope.com/oauth2/ausku1rdgaFoooRXy357/v1/authorize?client_id=0oa4prf534IpS6gcV357&redirect_uri=https%3A%2F%2Finteg.skyslope.com%2FIndex.aspx&response_type=code&scope=openid%20profile%20email%20com.skyslope.groups%20com.skyslope.prime.subscriber%20com.skyslope.prime.accountid%20com.skyslope.digisign.userid%20com.skyslope.forms.api%20com.skyslope.marketplace.api&code_challenge=I-Otsiet6Px_eUUZZNvKFXMlth_LZaz7DGmhIKJ0bGQ&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DoBAPA3y7MZaE_9QkaSbrVx2SO-sct69x6hj4a3pyFRndG3Q7r23Ms4hR8TZt8gU74s3N1L3XNCf60qrwZGATPodKaVGn5SaUG6FcgIVT_Q41ALKsP559xTPE-pppPLahrj2dVcAfl_xdGBwsox2107YXKiVpST8ILGJJFg_APxb7Hx4UNc9Yb9ExWes8RLlulWVeIXGXStcHF3jp720JY9rVL7bm9FY-t9_y2Q655wAhOIW-hiO6SiMiGJqUqDfuyvVRe-ZGR50MhPXP4QYx0X_qbTjOAZDmfNIGzabN9rIS7Bqf4ntGD6qnpYbyR9nSmfVeJLx9Pb61GDH2gC-s3g&response_mode=form_post&nonce=638551769053557803.ZmYzYzNkNTEtNGIzNy00NmI3LTljMjMtN2Y2N2MyNzc4ZDQwZjIwYmExOTUtNTNkNS00MmJjLWJjOTItYjZlYzJkNjg1ZTAy&idp=0oa154s1ybu3Lbyo6357&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.151.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 28 Jun 2024 13:08:25 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: en
content-security-policy-report-only: default-src 'self' dev-628030.okta.com id-integ.skyslope.com *.oktacdn.com; connect-src 'self' dev-628030.okta.com dev-628030-admin.okta.com id-integ.skyslope.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com dev-628030.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' dev-628030.okta.com id-integ.skyslope.com *.oktacdn.com; style-src 'unsafe-inline' 'self' dev-628030.okta.com id-integ.skyslope.com *.oktacdn.com; frame-src 'self' dev-628030.okta.com dev-628030-admin.okta.com id-integ.skyslope.com login.okta.com *.vidyard.com api-78725686.duosecurity.com; img-src 'self' dev-628030.okta.com id-integ.skyslope.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' dev-628030.okta.com id-integ.skyslope.com data: *.oktacdn.com fonts.gstatic.com
expires: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-okta-request-id: Zn61yUaAkfZFDHr6C7A06QAAAxY
x-xss-protection: 0

Redirect headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: https://integ-digisign.skyslope.com
cache-control: private,no-store
content-length: 0
content-type: text/html
date: Fri, 28 Jun 2024 13:08:25 GMT
location: https://id-integ.skyslope.com/oauth2/ausku1rdgaFoooRXy357/v1/authorize?client_id=0oa4prf534IpS6gcV357&redirect_uri=https%3A%2F%2Finteg.skyslope.com%2FIndex.aspx&response_type=code&scope=openid%20profile%20email%20com.skyslope.groups%20com.skyslope.prime.subscriber%20com.skyslope.prime.accountid%20com.skyslope.digisign.userid%20com.skyslope.forms.api%20com.skyslope.marketplace.api&code_challenge=I-Otsiet6Px_eUUZZNvKFXMlth_LZaz7DGmhIKJ0bGQ&code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties%3DoBAPA3y7MZaE_9QkaSbrVx2SO-sct69x6hj4a3pyFRndG3Q7r23Ms4hR8TZt8gU74s3N1L3XNCf60qrwZGATPodKaVGn5SaUG6FcgIVT_Q41ALKsP559xTPE-pppPLahrj2dVcAfl_xdGBwsox2107YXKiVpST8ILGJJFg_APxb7Hx4UNc9Yb9ExWes8RLlulWVeIXGXStcHF3jp720JY9rVL7bm9FY-t9_y2Q655wAhOIW-hiO6SiMiGJqUqDfuyvVRe-ZGR50MhPXP4QYx0X_qbTjOAZDmfNIGzabN9rIS7Bqf4ntGD6qnpYbyR9nSmfVeJLx9Pb61GDH2gC-s3g&response_mode=form_post&nonce=638551769053557803.ZmYzYzNkNTEtNGIzNy00NmI3LTljMjMtN2Y2N2MyNzc4ZDQwZjIwYmExOTUtNTNkNS00MmJjLWJjOTItYjZlYzJkNjg1ZTAy&idp=0oa154s1ybu3Lbyo6357&x-client-SKU=ID_NET461&x-client-ver=5.3.0.0
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 221 KB
59 KB 51ms
14ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jun 2024 13:08:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58251
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=12, mss=1328, tbw=2783, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: GlntgsUy6A3/u5/jHepndfOG6P0UGdg/8HKNCek98DVbJL6Rp8mQ5qaTav/Uuj5lLmsM7bKNL0DkcoSgPtMzVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 heap-1196387243.js Show response
cdn.heapanalytics.com/js/ 117 KB
37 KB 160ms
125ms Script
application/javascript 3.162.125.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1196387243.js

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-33.iad61.r.cloudfront.net

Software

nginx / Express

Resource Hash

e129d25d4613382bf2775f29b802da84ad3be890c82d52efb05512bcba2b41ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
via: 1.1 7af6fcba5fc7d18afd4c6d456b52e886.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: IAD61-P3
x-powered-by: Express
etag: W/"1d207-B01CnjHNEyDHsnvY2w6Y78CmRYY"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rXyevmzdgfaaQx5IzpmWL8nQX5Q7o57Zf97-P6OpgII98kuwp7f6EQ==

GET
H2 200 395120190693385 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 70ms
68ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/395120190693385?v=2.9.159&r=stable&domain=integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be66f32cf01a55dc9237bf1cf86fa95fd650af7d357c02e53fa7dd29455aea13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jun 2024 13:08:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=63, mss=1328, tbw=63745, tp=-1, tpl=-1, uplat=54, ullat=0
pragma: public
x-fb-debug: 02Rt3gCNjlbI68TrDtuHQwX/6ASY9L21xzShfsGrt5za7gqgMt19yQ8Z4N2VtJjlYTdWTyvvNCerorgq6HGaqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 34ms
33ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108391665-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-871394995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc70b76f0a70a647f60c705a03416bcaf63dee39cc13bcd28efe6eeb21725130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76686
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 13:08:25 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/871394995/ 3 KB
1 KB 73ms
29ms Script
text/javascript 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871394995/?random=1719580105498&cv=11&fst=1719580105498&bg=ffffff&guid=ON&async=1&gtm=45be46q0v882239311za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&hn=www.googleadservices.com&frm=0&tiba=SkySlope%20-%20Customer%20Secure%20Login%20Page&npa=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-871394995

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a70dcc541ad1ef1f2d684261f270f48e1b7129e971382a85ef1b4b3a498f02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1473
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 37ms
35ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858449108&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-871394995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18d8e4ee624d4a4f677c7417afac4a4508d4702cdb122e973d81ccdd7ee868dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94658
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 13:08:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 346 KB
109 KB 32ms
31ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F5E3DZNMEB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108391665-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e87abe5aea7573452a2ffd84c39882188722afb2cff0dd94f8055fce849ed92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 13:08:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 51ms
16ms Script
text/javascript 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108391665-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 12:40:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1698
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jun 2024 14:40:07 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858449108/ 3 KB
1 KB 30ms
29ms Script
text/javascript 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858449108/?random=1719580105583&cv=11&fst=1719580105583&bg=ffffff&guid=ON&async=1&gtm=45be46q0za200zb882239311&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&hn=www.googleadservices.com&frm=0&tiba=SkySlope%20-%20Customer%20Secure%20Login%20Page&npa=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-858449108

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95dbe1dffe64fc20a200f0a1aa2a59e8c12e26db29feaf3c03395b5086c4e32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858449108/ 3 KB
2 KB 31ms
30ms Script
text/javascript 2607:f8b0:400d:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858449108/?random=1719580105601&cv=11&fst=1719580105601&bg=ffffff&guid=ON&async=1&gtm=45be46q0za200zb882239311&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&label=zm81CIvIubIDENTJq5kD&hn=www.googleadservices.com&frm=0&tiba=SkySlope%20-%20Customer%20Secure%20Login%20Page&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-858449108

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1fc307f3fbb777cd25b2d88e92da0feb1aa454f01b53763b23670fdd16f139d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1555
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 858449108
google.com/ccm/form-data/ 0
17 B 55ms
23ms Ping
text/plain 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/858449108?gtm=45be46q0za200zb882239311&gcd=13l3l3l3l1&dma=0&tag_exp=0&label=zm81CIvIubIDENTJq5kD&npa=0&frm=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-858449108
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 604456323367030 Show response
connect.facebook.net/signals/config/ 27 KB
4 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/604456323367030?v=2.9.159&r=stable&domain=integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C127%2C115%2C143

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7fcf5d70822479f3b88d0e68abcb47503c7dfd038863b2eaeeb49e27a67a711

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jun 2024 13:08:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=48, ullat=0
pragma: public
x-fb-debug: jGvsqBOmpfnBXpITndtPbGh34fMJJjXHg8jQKEMypSkEciEH7uJF1PqRsaECFb7O+Qsxn6gJNyYDE72jrRgBUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 65ms
31ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=395120190693385&ev=PageView&dl=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&rl=&if=false&ts=1719580105644&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.3.1719580105639.772336332280329889&cs_est=true&ler=empty&cdl=API_unavailable&it=1719580105462&coo=false&rqm=GET

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1328, tbw=2832, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jun 2024 13:08:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 125ms
92ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=395120190693385&ev=PageView&dl=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&rl=&if=false&ts=1719580105644&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.3.1719580105639.772336332280329889&cs_est=true&ler=empty&cdl=API_unavailable&it=1719580105462&coo=false&rqm=FGET

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x861f24739d11facd","source_keys":["1","2"]},{"key_piece":"0x4a6383d8d5435424","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 28 Jun 2024 13:08:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385540314857282020", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=15, mss=1328, tbw=3150, tp=-1, tpl=-1, uplat=78, ullat=0
pragma: no-cache
x-fb-debug: U1diJ/xvUK5wKtNEynsokcmn5Z5k9ZCEjHvZXlNYpYEoQ13lIl9+NXeJQxPeYyVRnpG48Y8KU0+Y9o70wX0G8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385540314857282020"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 70ms
14ms Image
image/gif 35.175.99.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1196387243&u=3309617176819232&v=2314853754080141&s=1784674349992828&b=web&tv=4.0&z=0&h=%2FLoginIntegrated.aspx&d=integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com&t=SkySlope%20-%20Customer%20Secure%20Login%20Page&ts=1719580105656&ubv=126.0.6478.126&upv=10.0.0&sch=1200&scw=1600&st=1719580105667

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.175.99.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-175-99-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 /
www.google.com/pagead/1p-user-list/871394995/ 42 B
64 B 84ms
25ms Image
image/gif 2607:f8b0:400d:c0c::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/871394995/?random=1719580105498&cv=11&fst=1719579600000&bg=ffffff&guid=ON&async=1&gtm=45be46q0v882239311za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&hn=www.googleadservices.com&frm=0&tiba=SkySlope%20-%20Customer%20Secure%20Login%20Page&npa=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLBXz5xVpv-xnCvnKptz2_6Co4iLYWhw&random=4115480993&rmt_tld=0&ipr=y

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::68 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 49ms
23ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-F5E3DZNMEB&gtm=45je46q0v887192334za200&_p=1719580105355&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1185740688.1719580106&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719580105&sct=1&seg=0&dl=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&dt=SkySlope%20-%20Customer%20Secure%20Login%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=555&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F5E3DZNMEB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
272 B 56ms
23ms Ping
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F5E3DZNMEB&cid=1185740688.1719580106&gtm=45je46q0v887192334za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F5E3DZNMEB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
234 B 24ms
23ms XHR
text/plain 2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1833476646&t=pageview&_s=1&dl=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&ul=en-us&de=UTF-8&dt=SkySlope%20-%20Customer%20Secure%20Login%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=687604392&gjid=804808148&cid=1185740688.1719580106&tid=UA-108391665-2&_gid=529255886.1719580106&_r=1&gtm=457e46q0za200zb882239311&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=1952819693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/858449108/ 42 B
64 B 29ms
29ms Image
image/gif 2607:f8b0:400d:c0c::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858449108/?random=1719580105583&cv=11&fst=1719579600000&bg=ffffff&guid=ON&async=1&gtm=45be46q0za200zb882239311&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&hn=www.googleadservices.com&frm=0&tiba=SkySlope%20-%20Customer%20Secure%20Login%20Page&npa=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLUTKDeUr363gDV3CaI3_fO5zKp__ichMN5ZnMOFk6sN7hXi1f&random=3460516490&rmt_tld=0&ipr=y

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::68 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/858449108/ 42 B
64 B 30ms
30ms Image
image/gif 2607:f8b0:400d:c0c::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858449108/?random=1719580105601&cv=11&fst=1719579600000&bg=ffffff&guid=ON&async=1&gtm=45be46q0za200zb882239311&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&label=zm81CIvIubIDENTJq5kD&hn=www.googleadservices.com&frm=0&tiba=SkySlope%20-%20Customer%20Secure%20Login%20Page&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=622929687.1719580106&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLF99ACi6f4HajJuNUzRVhvwTryIeZP8QLROUWtN1ww48aHAVG&random=281507234&rmt_tld=0&ipr=y

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::68 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 25ms
24ms XHR
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108391665-2&cid=1185740688.1719580106&jid=687604392&gjid=804808148&_gid=529255886.1719580106&_u=YADAAUAAAAAAACAAI~&z=39614475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 13:08:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 15ms
13ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604456323367030&ev=PageView&dl=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&rl=&if=false&ts=1719580105827&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.3.1719580105639.772336332280329889&cs_est=true&ler=empty&cdl=API_unavailable&it=1719580105462&coo=false&rqm=GET

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=15, mss=1328, tbw=6953, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jun 2024 13:08:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 73ms
73ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=604456323367030&ev=PageView&dl=https%3A%2F%2Finteg-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%2FLoginIntegrated.aspx&rl=&if=false&ts=1719580105827&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.3.1719580105639.772336332280329889&cs_est=true&ler=empty&cdl=API_unavailable&it=1719580105462&coo=false&rqm=FGET

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbc81d205cba01899","source_keys":["1","2"]},{"key_piece":"0x2ca319fa1884b3cc","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 28 Jun 2024 13:08:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385540315059947366", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=15, mss=1328, tbw=7099, tp=-1, tpl=-1, uplat=25, ullat=0
pragma: no-cache
x-fb-debug: WCmZuPGqr5aVfZ5+VEpQEcxcZEfQ+loticlh0BXYrbD8iO61C/UIgFK/XcfQSyV2yznZowqnxGytJY7H4y2fxg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385540315059947366"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 75ms
73ms Image
image/gif 2607:f8b0:400d:c0c::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108391665-2&cid=1185740688.1719580106&jid=687604392&_u=YADAAUAAAAAAACAAI~&z=116153431

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::68 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 13:08:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.mjs Show response
cdn.skyslope.com/parnerships-sdk/2.0.0/ 6 KB
3 KB 108ms
68ms Script
application/javascript 18.238.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skyslope.com/parnerships-sdk/2.0.0/index.mjs
Requested by: Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-36.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58b327873e2b75a12c9fe17e705ac671d501b7914765ce46d1f43ddcba53f213

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xiI9nJME5FYCZDSlpSqcmeNXrGlHvhAs
content-encoding: gzip
via: 1.1 a7253311f94fb967603a1d22f7a3c43a.cloudfront.net (CloudFront)
date: Fri, 28 Jun 2024 13:08:27 GMT
x-amz-cf-pop: PHL51-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 14 Feb 2024 00:02:42 GMT
server: AmazonS3
etag: W/"e7f79ca0634f05f640495882306f3cb3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
x-amz-cf-id: dJu9k8ut_dqGFxR9ctm0j__9JpFKebpJ_JRKl7qluTeAznglDthbHw==

GET
H2 200 GetNotifications Show response
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/Api/NotificationsApi.asmx/ 846 B
1 KB 27ms
26ms Fetch
application/json 34.237.170.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/Api/NotificationsApi.asmx/GetNotifications

Requested by

Host: integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
URL: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.170.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-170-104.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2225da2550c28cd79fa62a65a485f38584198307a69ba66b39ba061614d2fdce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/LoginIntegrated.aspx
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://integ-digisign.skyslope.com
cache-control: private, max-age=0,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 846

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b439cd165eed39d54186152532d29896b1137c27d4a1d4df6411d5e13643665

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 partnerships Show response
integ-partnerships.skyslope.com/ 8 KB
8 KB 219ms
218ms Fetch
application/json 54.69.147.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integ-partnerships.skyslope.com/partnerships?
Requested by: Host: cdn.skyslope.com
URL: https://cdn.skyslope.com/parnerships-sdk/2.0.0/index.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.69.147.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-147-247.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: 3c2ec3c3d61ab393c24b12934d9fca6597b505459f51608cccc151c3b3efb264

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 13:08:26 GMT
x-envoy-upstream-service-time: 132
server: envoy
content-length: 8460
vary: Origin
content-type: application/json; charset=utf-8

OPTIONS
H2 204 partnerships
integ-partnerships.skyslope.com/ Frame 0
0 289ms
86ms Preflight 54.69.147.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integ-partnerships.skyslope.com/partnerships?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.69.147.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-147-247.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 28 Jun 2024 13:08:26 GMT
server: envoy
vary: Origin, Access-Control-Request-Headers
x-envoy-upstream-service-time: 1

GET
H3 200 favicon.ico
integ-cdn.skyslope.com/theme/img/ 15 KB
15 KB 157ms
140ms Other
image/vnd.microsoft.icon 108.138.85.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integ-cdn.skyslope.com/theme/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.85.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-47.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6031db9d2bd4fd5a5004e832becde8967d1958fb3611dc258a26d6026e15e5c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:27 GMT
x-amz-version-id: yqKqd6Aa3ZWqB4JGWN9WotE.8SPEaCJf
via: 1.1 0cba74644cedf83bb6fb7dc90d8b0980.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 22:51:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P2
etag: "0bb4c1f660353979b4a665817000bbc0"
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15086
x-amz-cf-id: IMA-s9kng1mNVhuZi44yFFRl5EaSOX2Rl-J0bxQsPlyBwXieOQoYNQ==

OPTIONS
H2 204 65f082150fd3900a377b3c37
integ-partnerships.skyslope.com/i/ Frame 0
0 88ms
87ms Preflight 54.69.147.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integ-partnerships.skyslope.com/i/65f082150fd3900a377b3c37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.69.147.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-147-247.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 28 Jun 2024 13:08:26 GMT
server: envoy
vary: Origin, Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

POST
H2 200 65f082150fd3900a377b3c37 Show response
integ-partnerships.skyslope.com/i/ 11 B
164 B 153ms
153ms Fetch
application/json 54.69.147.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integ-partnerships.skyslope.com/i/65f082150fd3900a377b3c37
Requested by: Host: cdn.skyslope.com
URL: https://cdn.skyslope.com/parnerships-sdk/2.0.0/index.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.69.147.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-147-247.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: 4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 13:08:27 GMT
x-envoy-upstream-service-time: 67
server: envoy
content-length: 11
vary: Origin
content-type: application/json; charset=utf-8

GET
H3 200 4b2d0cd3-8bdc-4bc6-b50a-2470c4a5770a.svg
integ-cdn.skyslope.com/marketing/ 922 KB
923 KB 109ms
108ms Image
image/svg+xml 108.138.85.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://integ-cdn.skyslope.com/marketing/4b2d0cd3-8bdc-4bc6-b50a-2470c4a5770a.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.85.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-47.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1745526c9bc34d27ec792134b4e2d3077b86ba03eab5e99402b5b859ef76704

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 13:08:27 GMT
x-amz-version-id: blJL6GVPhg4_6rrI8iJEnt.ZeNJ4MxSP
via: 1.1 0cba74644cedf83bb6fb7dc90d8b0980.cloudfront.net (CloudFront)
last-modified: Tue, 12 Mar 2024 16:25:55 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
etag: "05c807543a0790a63d6de85bd583c657"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 944180
x-amz-cf-id: 1DFRowSiYudOjvUgzdfNaaC5jjJQW83WI05C7S-mxpAJra5l8zABdg==

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1969-12-31 23:59:59	Name: app.skyslope.com-dev Value: izunya0er3uhp02wqf4mxz0a
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 21:39:41	Name: OpenIdConnect.nonce.ptZVqSeS3vULf3UqaXDTtt5%2B4uAaeg7ERqDL77mJ9cY%3D Value: azBvSzI1czh3TlN6ZXJFQlh2LVo3a3hlcERkNl9weXQ0NlZvbTNyS3cyQWhRT0piWEpOSW9YeDhoVk5IWE5EM1NfMHlRR0t4SHBpM3hGamdPejd5QTAzcTJGX291X2ViWjRRVGFGeGZlSkpSQk5vVERTbF9Jc0RaT1A3OTFlU2JJT2Eyc3ladmFYc0hMd21yNUVuRFdqdTd4SmZaTXYyZGlkRHVrbzBmanJjZWVZMS12OGpNMlh6YWNYZFhwNF9JV1lKNmlZV0F2cVdqMkZMUTJqX043dEZKVDFENUY1MHNXcC1GU0Vwb3hRdw%3D%3D
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 23:49:16	Name: _gcl_au Value: 1.1.622929687.1719580106
.doubleclick.net/	1970-01-21 07:15:40	Name: IDE Value: AHWqTUnpdT4H6Yg43T-GzAyOv2D1X9t9zE5YkDmGGI-M9SHdVnCXCPXhtoZlwSkR
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 23:49:16	Name: _fbp Value: fb.3.1719580105639.772336332280329889
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-21 07:07:37	Name: _hp2_id.1196387243 Value: %7B%22userId%22%3A%223309617176819232%22%2C%22pageviewId%22%3A%222314853754080141%22%2C%22sessionId%22%3A%221784674349992828%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
id-integ.skyslope.com/	1970-01-21 07:15:40	Name: DT Value: DI1Bfd7pFm9SuGxw-OfMqniMg
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-21 07:15:40	Name: _ga Value: GA1.4.1185740688.1719580106
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 21:41:06	Name: _gid Value: GA1.4.529255886.1719580106
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 21:39:40	Name: _gat_gtag_UA_108391665_2 Value: 1
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-21 07:15:40	Name: _ga_F5E3DZNMEB Value: GS1.1.1719580105.1.0.1719580105.60.0.0
.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 21:39:41	Name: _hp2_ses_props.1196387243 Value: %7B%22ts%22%3A1719580105656%2C%22d%22%3A%22integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com%22%2C%22h%22%3A%22%2FLoginIntegrated.aspx%22%7D
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 21:49:44	Name: AWSALB Value: DS+3ndCmdLwuWBlFahaChYA0zKif92ipnLgqPPUfda4YsW80R2rYHq9oboyMBmBVIq8+Z3+Q2iKoEEY3XWCJv2pWTADT31HKjAmILpMHyfcrghfT+ipQBpfXXoUM
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com/	1970-01-20 21:49:44	Name: AWSALBCORS Value: DS+3ndCmdLwuWBlFahaChYA0zKif92ipnLgqPPUfda4YsW80R2rYHq9oboyMBmBVIq8+Z3+Q2iKoEEY3XWCJv2pWTADT31HKjAmILpMHyfcrghfT+ipQBpfXXoUM

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.heapanalytics.com
cdn.jsdelivr.net
cdn.skyslope.com
connect.facebook.net
google.com
googleads.g.doubleclick.net
heapanalytics.com
id-integ.skyslope.com
integ-cdn.skyslope.com
integ-partnerships.skyslope.com
integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.85.47
15.197.151.86
18.238.4.36
2001:4860:4802:34::181
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c08::61
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c1b::8b
2607:f8b0:400d:c0c::68
2607:f8b0:400d:c0f::9b
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:400::485
3.162.125.33
34.237.170.104
35.175.99.61
54.69.147.247
18d8e4ee624d4a4f677c7417afac4a4508d4702cdb122e973d81ccdd7ee868dd
2225da2550c28cd79fa62a65a485f38584198307a69ba66b39ba061614d2fdce
3a70dcc541ad1ef1f2d684261f270f48e1b7129e971382a85ef1b4b3a498f02e
3b439cd165eed39d54186152532d29896b1137c27d4a1d4df6411d5e13643665
3c2ec3c3d61ab393c24b12934d9fca6597b505459f51608cccc151c3b3efb264
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
531a36b81446f4b767f69367e2f225a8cd631be1c6ac8cd3af75dde9fabd0d89
58b327873e2b75a12c9fe17e705ac671d501b7914765ce46d1f43ddcba53f213
6031db9d2bd4fd5a5004e832becde8967d1958fb3611dc258a26d6026e15e5c4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
703e4e419d4a81297b8eac27149ec554905f5c82cb2d4f3d8fb7edcf9d96d57b
8e87abe5aea7573452a2ffd84c39882188722afb2cff0dd94f8055fce849ed92
95dbe1dffe64fc20a200f0a1aa2a59e8c12e26db29feaf3c03395b5086c4e32f
a516e5a8600f95439b5f6a648a770a7b8b7d624365e60f1a25b3003bac4b2d02
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be66f32cf01a55dc9237bf1cf86fa95fd650af7d357c02e53fa7dd29455aea13
c1745526c9bc34d27ec792134b4e2d3077b86ba03eab5e99402b5b859ef76704
dc70b76f0a70a647f60c705a03416bcaf63dee39cc13bcd28efe6eeb21725130
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e129d25d4613382bf2775f29b802da84ad3be890c82d52efb05512bcba2b41ff
e1fc307f3fbb777cd25b2d88e92da0feb1aa454f01b53763b23670fdd16f139d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e52290036b958008eabecfc5c839395f64c33a45d942c945479014ceaa0cabe0
e7fcf5d70822479f3b88d0e68abcb47503c7dfd038863b2eaeeb49e27a67a711
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fa74548b7e84d29ef14b657493981f3e289f57f6d277b8de0c025ac0f17d742c

integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com Open in urlscan Pro 34.237.170.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

95 %HTTPS

59 %IPv6

10 Domains

17 Subdomains

18 IPs

1 Countries

5448 kBTransfer

7046 kBSize

14 Cookies

4 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

integ-prime.ufqbwjjrcj.us-east-1.elasticbeanstalk.com Open in urlscan Pro
34.237.170.104 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

95 %
HTTPS

59 %
IPv6

10
Domains

17
Subdomains

18
IPs

1
Countries

5448 kB
Transfer

7046 kB
Size

14
Cookies

42 HTTP transactions
2 data transactions