URL: https://customscripts.us/PrintDocument.exe
Submission: June 29, 2020, via API, from US

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 35 HTTP transactions. The main IP is 50.87.170.67, located in Provo, United States, and belongs to UNIFIEDLAYER-AS-1, US. The main domain is customscripts.us.
The primary request for /PrintDocument.exe returned HTTP 404 with an 8 KB text/html body: the site's WordPress "Page not found" page (the dt= and dp= parameters of the Google Analytics beacon recorded below carry that title and the 404 path), not an executable. Every subsequent request in the listing is that 404 page loading its own theme, plugin and third-party assets.
TLS certificate: issued by Let's Encrypt Authority X3 on 2020-05-15, valid for 3 months (until 2020-08-13).
This is the only time customscripts.us was scanned on urlscan.io.

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                           Requested by
17        customscripts.us                 customscripts.us
3         insight.adsrvr.org (1 redirect)  customscripts.us
3         fonts.gstatic.com                customscripts.us
2         adservices.brandcdn.com          customscripts.us, adservices.brandcdn.com
2         www.google-analytics.com         customscripts.us
2         www.google.com                   customscripts.us, www.gstatic.com
2         whp23374sbp.wpengine.com         customscripts.us
1         d1eoo1tco6rr5e.cloudfront.net    tag.brandcdn.com
1         www.gstatic.com                  www.google.com
1         stats.g.doubleclick.net          customscripts.us
1         tag.brandcdn.com                 customscripts.us
1         fonts.googleapis.com             customscripts.us
Total: 35 requests across 12 subdomains

This site contains no links.

TLS certificates

Subject                   Issuer                                                 Valid from   Valid to     Validity
customscripts.us          Let's Encrypt Authority X3                             2020-05-15   2020-08-13   3 months
*.wpengine.com            RapidSSL RSA CA 2018                                   2019-07-01   2021-08-29   2 years
upload.video.google.com   GTS CA 1O1                                             2020-06-10   2020-09-02   3 months
www.google.com            GTS CA 1O1                                             2020-06-10   2020-09-02   3 months
*.brandcdn.com            RapidSSL RSA CA 2018                                   2019-06-10   2021-07-01   2 years
*.google-analytics.com    GTS CA 1O1                                             2020-06-10   2020-09-02   3 months
*.gstatic.com             GTS CA 1O1                                             2020-06-10   2020-09-02   3 months
*.g.doubleclick.net       GTS CA 1O1                                             2020-06-10   2020-09-02   3 months
*.cloudfront.net          DigiCert Global CA G2                                  2020-05-26   2021-04-21   a year
*.adsrvr.org              Trustwave Organization Validation SHA256 CA, Level 1   2019-03-07   2021-04-19   2 years

This page contains 4 frames:

Primary Page: https://customscripts.us/PrintDocument.exe
Frame ID: 689DB20CBCC98E7A6534EDCDB232B403
Requests: 32 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/ccdb7eo/he9r91w/iframe
Frame ID: D3DB7E3DEDF319D301C26CF03E751631
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHKtEUAAAAAAJ95WuvfKidh3q7Y-bjjknw48LK&co=aHR0cHM6Ly9jdXN0b21zY3JpcHRzLnVzOjQ0Mw..&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=invisible&cb=gjqkipevklaw
(k= is the site's reCAPTCHA site key, the same value passed as render= to recaptcha/api.js below; co= is the base64url-encoded embedding origin, https://customscripts.us:443)
Frame ID: BF509A6B2150505398824850E9D5CCF0
Requests: 1 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=208043&cv_ck=80b28199-de19-4a54-9e33-da5f8bd56068&m=customscripts.us&r=
Frame ID: 632E371877C8A93F91D8E7D53ED9FB96
Requests: 1 HTTP requests in this frame

Detected technologies

Four technologies were detected, each at 100% overall confidence. The evidence in every case is a regular expression applied to a single response header:
  • headers link /rel="https:\/\/api\.w\.org\/"/i  (three of the four detections rest on this one pattern; it matches the WordPress REST API advertisement in the primary response, link: <https://customscripts.us/wp-json/>; rel="https://api.w.org/")
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i  (matches server: Apache; the banner carries no version, so the capture group stays empty)
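How these detections are produced, as an added example (this is not part of the report and not the detection engine's own code): each pattern is a JavaScript-style regex literal applied to one response header. The Python below converts the two literals printed above into `re` patterns and runs them against the primary response headers recorded further down the page; the capture group in the server pattern is how a version number would be extracted when the banner carries one, which this one does not. The header dictionary is copied from the report; the conversion helper and the extra banners in the usage note are this example's own.

```python
import re

# The two header rules exactly as printed in the "Detected patterns" list above:
# header name -> JavaScript regex literal (/body/flags)
HEADER_RULES = {
    "link": r'/rel="https:\/\/api\.w\.org\/"/i',
    "server": r'/(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i',
}

# Response headers of the primary request, copied from the transaction listing below
PRIMARY_RESPONSE_HEADERS = {
    "status": "404",
    "server": "Apache",
    "link": '<https://customscripts.us/wp-json/>; rel="https://api.w.org/"',
    "content-type": "text/html; charset=UTF-8",
}


def compile_js_regex(literal):
    """Turn a JS regex literal (/body/flags) into a compiled Python pattern.

    Only the i flag is supported. The escapes these rules use (escaped slash,
    escaped dot, digit class, word boundary) mean the same thing in Python's
    re module, so the body is used unchanged.
    """
    if not literal.startswith("/"):
        raise ValueError(f"not a regex literal: {literal!r}")
    body, _, flags = literal[1:].rpartition("/")
    if any(f not in "i" for f in flags):
        raise ValueError(f"unsupported flag(s) {flags!r} in {literal!r}")
    return re.compile(body, re.IGNORECASE if "i" in flags else 0)


def match_headers(rules, headers):
    """Apply every header rule; return {header: {'matched': str, 'version': str|None}} for the hits."""
    lowered = {k.lower(): v for k, v in headers.items()}
    hits = {}
    for header, literal in rules.items():
        value = lowered.get(header.lower())
        if value is None:
            continue
        m = compile_js_regex(literal).search(value)
        if m is None:
            continue
        # Wappalyzer-style rules put the version in capture group 1 when they have one
        version = m.group(1) if m.re.groups >= 1 else None
        hits[header] = {"matched": m.group(0), "version": version}
    return hits


if __name__ == "__main__":
    for header, hit in match_headers(HEADER_RULES, PRIMARY_RESPONSE_HEADERS).items():
        print(f"{header}: matched {hit['matched']!r}, version {hit['version']}")
```

The server rule is stricter than a substring search: the alternation after "Apache" requires end of string, a slash followed by a version, or a character other than "/" and "-", so a banner such as Apache-Coyote/1.1 (Tomcat's connector) is deliberately not reported as Apache httpd.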

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 58 %
Domains: 10
Subdomains: 12
IPs: 12
Countries: 4
Transfer: 659 kB
Size: 1730 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://insight.adsrvr.org/tags/ccdb7eo/he9r91w/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/ccdb7eo/he9r91w/iframe

35 HTTP transactions

Column key for each entry below: Resource, Path, Size, x-fer (bytes transferred over the wire), Type, MIME-Type; each entry is followed by the request and response headers urlscan.io recorded.
Primary Request PrintDocument.exe
customscripts.us/
21 KB
8 KB
Document
General
Full URL
https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
29ce5340ae99d59ec2f272008ed22ea502ae20aa523c0b2ed4b3e77cc67103a9

Request headers

:method
GET
:authority
customscripts.us
:scheme
https
:path
/PrintDocument.exe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Mon, 29 Jun 2020 00:19:31 GMT
server
Apache
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://customscripts.us/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-encoding
gzip
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ== (base64 for shared.bluehost.com)
content-length
8291
content-type
text/html; charset=UTF-8
style.min.css
customscripts.us/wp-includes/css/dist/block-library/
40 KB
8 KB
Stylesheet
General
Full URL
https://customscripts.us/wp-includes/css/dist/block-library/style.min.css?ver=5.3.4
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Thu, 11 Jun 2020 03:35:04 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7869
styles.css
customscripts.us/wp-content/plugins/contact-form-7/includes/css/
0
0
Stylesheet
General
Full URL
https://customscripts.us/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
409
date
Mon, 29 Jun 2020 00:19:32 GMT
server
Apache
content-length
83
content-type
text/html; charset=iso-8859-1
style.css
customscripts.us/wp-content/themes/Divi/
617 KB
100 KB
Stylesheet
General
Full URL
https://customscripts.us/wp-content/themes/Divi/style.css?ver=5.3.4
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
999d39481dd09e11527c4f4cbfd770dd86bac955c5c5dc09fedba165dd1534f7

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 18:42:09 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
style.css
customscripts.us/wp-content/themes/divi-child/
4 KB
1 KB
Stylesheet
General
Full URL
https://customscripts.us/wp-content/themes/divi-child/style.css?ver=3.19.18
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
8430499ee47aec5eb844c3650941f0b31da0dfd32b3a03e1154de402f919188e

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 15:35:19 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1332
dashicons.min.css
customscripts.us/wp-includes/css/
46 KB
28 KB
Stylesheet
General
Full URL
https://customscripts.us/wp-includes/css/dashicons.min.css?ver=5.3.4
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 16:10:56 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
jquery.js
customscripts.us/wp-includes/js/jquery/
95 KB
42 KB
Script
General
Full URL
https://customscripts.us/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Mon, 23 Dec 2019 19:28:10 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
jquery-migrate.min.js
customscripts.us/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://customscripts.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 03:50:48 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
4444
frontend.min.js
customscripts.us/wp-content/plugins/google-analytics-for-wordpress/assets/js/
9 KB
3 KB
Script
General
Full URL
https://customscripts.us/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 03:45:43 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
3153
et-divi-customizer-global-15924979218683.min.css
customscripts.us/wp-content/cache/et/global/
15 KB
4 KB
Stylesheet
General
Full URL
https://customscripts.us/wp-content/cache/et/global/et-divi-customizer-global-15924979218683.min.css
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
1c80680cdfb21a6930a4c832d1910bdc77a9ccf3b39ed593af49e62b143b813f

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:32 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 16:32:03 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
3578
customprescriptions-notag.jpg
whp23374sbp.wpengine.com/wp-content/uploads/2018/02/
40 KB
40 KB
Image
General
Full URL
https://whp23374sbp.wpengine.com/wp-content/uploads/2018/02/customprescriptions-notag.jpg
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.175.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.175.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
071428847fc2e59836d279aefd20b7ec670ee879d54398662062e26e6bf5cb99

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
last-modified
Thu, 12 Dec 2019 18:10:27 GMT
server
nginx
status
200
etag
"5df28293-a03b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
41019
css
fonts.googleapis.com/
10 KB
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,regular,500,600,700|Droid+Sans:regular,700&subset=cyrillic,vietnamese,latin,latin-ext
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a5eec381f454383f4fe66caa67a3c07ddb228e70a61b5df6bc1ed3910cc567d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 00:19:33 GMT
server
ESF
date
Mon, 29 Jun 2020 00:19:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jun 2020 00:19:33 GMT
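The "Security Headers" tables urlscan.io prints for some responses (this one and several of the Google responses below) list what the server sent; they say nothing about whether the values are adequate, and the customscripts.us responses carry no such table because they send none of these headers. The following Python, added here and not part of the report, audits the response headers recorded on this page for four hosts: it parses Strict-Transport-Security directives, treats either X-Frame-Options or a CSP frame-ancestors directive as framing protection, and records X-XSS-Protection: 0 as a deliberate opt-out rather than a gap. The header sets are copied from the transactions on this page; the HSTS threshold is this example's own choice.

```python
import re

# Response headers copied from four transactions in this report (only security-relevant ones kept)
RECORDED_RESPONSES = {
    "customscripts.us (PrintDocument.exe)": {
        "server": "Apache",
        "content-type": "text/html; charset=UTF-8",
        "cache-control": "no-cache, must-revalidate, max-age=0",
    },
    "fonts.googleapis.com (css)": {
        "strict-transport-security": "max-age=31536000",
        "x-content-type-options": "nosniff",
        "x-frame-options": "SAMEORIGIN",
        "x-xss-protection": "0",
    },
    "www.google.com (recaptcha/api.js)": {
        "content-security-policy": "frame-ancestors 'self'",
        "x-content-type-options": "nosniff",
        "x-frame-options": "SAMEORIGIN",
        "x-xss-protection": "1; mode=block",
    },
    "www.google-analytics.com (analytics.js)": {
        "strict-transport-security": "max-age=10886400; includeSubDomains; preload",
        "x-content-type-options": "nosniff",
    },
}

# Assumed threshold for this example: one year, the minimum hstspreload.org accepts for submission
HSTS_MIN_MAX_AGE = 31536000


def parse_hsts(value):
    """Parse an HSTS header into {'max_age': int|None, 'include_subdomains': bool, 'preload': bool}."""
    directives = [d.strip().lower() for d in value.split(";") if d.strip()]
    max_age = None
    for d in directives:
        m = re.fullmatch(r'max-age="?(\d+)"?', d)
        if m:
            max_age = int(m.group(1))
    return {
        "max_age": max_age,
        "include_subdomains": "includesubdomains" in directives,
        "preload": "preload" in directives,
    }


def csp_frame_ancestors(csp):
    """Return the frame-ancestors source list from a CSP value, or None if the directive is absent."""
    for directive in csp.split(";"):
        name, _, sources = directive.strip().partition(" ")
        if name.lower() == "frame-ancestors":
            return sources.split()
    return None


def audit(headers):
    """Evaluate one response's security headers; returns per-control verdicts plus a list of gaps."""
    h = {k.lower(): v for k, v in headers.items()}
    hsts = parse_hsts(h["strict-transport-security"]) if "strict-transport-security" in h else None
    ancestors = csp_frame_ancestors(h["content-security-policy"]) if "content-security-policy" in h else None
    xfo = h.get("x-frame-options", "").strip().upper()
    result = {
        "hsts": hsts,
        "hsts_ok": hsts is not None and (hsts["max_age"] or 0) >= HSTS_MIN_MAX_AGE,
        "nosniff": h.get("x-content-type-options", "").strip().lower() == "nosniff",
        # Either mechanism stops the response from being framed by other origins
        "frame_protection": xfo in ("DENY", "SAMEORIGIN") or (ancestors is not None and "*" not in ancestors),
        "csp_present": "content-security-policy" in h,
        # "0" switches the legacy XSS auditor off on purpose; current browsers no longer ship it
        "xss_auditor_disabled": h.get("x-xss-protection", "").strip().startswith("0"),
    }
    result["gaps"] = [
        name for name, ok in (
            ("hsts", result["hsts_ok"]),
            ("nosniff", result["nosniff"]),
            ("frame_protection", result["frame_protection"]),
            ("csp", result["csp_present"]),
        ) if not ok
    ]
    return result


def audit_all(responses):
    """Audit every recorded response; returns {label: gaps} so the weakest hosts stand out."""
    return {label: audit(headers)["gaps"] for label, headers in responses.items()}


if __name__ == "__main__":
    for label, gaps in audit_all(RECORDED_RESPONSES).items():
        print(f"{label}: {'no gaps' if not gaps else ', '.join(gaps)}")
```

Run over these four responses, the customscripts.us page fails every control, the fonts stylesheet lacks only a CSP, the reCAPTCHA script lacks only HSTS in its recorded headers, and the analytics script has HSTS with preload but a max-age of 10886400 seconds (18 weeks), below the one-year threshold used here. Absence of HSTS in a single recorded response does not prove a host is unprotected, since browsers also enforce the built-in preload list; checking that list is outside this example.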
scripts.js
customscripts.us/wp-content/plugins/contact-form-7/includes/js/
0
0
Script
General
Full URL
https://customscripts.us/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
409
date
Mon, 29 Jun 2020 00:19:33 GMT
server
Apache
content-length
83
content-type
text/html; charset=iso-8859-1
api.js
www.google.com/recaptcha/
708 B
573 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfHKtEUAAAAAAJ95WuvfKidh3q7Y-bjjknw48LK&ver=3.0
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d10e15e06b38c6155dbd0dc4d741b19309c92b50baba7f68e703f8dbebc65564
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
478
x-xss-protection
1; mode=block
expires
Mon, 29 Jun 2020 00:19:33 GMT
custom.min.js
customscripts.us/wp-content/themes/Divi/js/
257 KB
85 KB
Script
General
Full URL
https://customscripts.us/wp-content/themes/Divi/js/custom.min.js?ver=3.19.18
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
531130244ef0e6a106982f34883db12b1b8ec9c5c3b6396d5bcfbe270f3576b7

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 18:42:09 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
common.js
customscripts.us/wp-content/themes/Divi/core/admin/js/
1 KB
639 B
Script
General
Full URL
https://customscripts.us/wp-content/themes/Divi/core/admin/js/common.js?ver=3.19.18
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 18:42:10 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
583
wp-embed.min.js
customscripts.us/wp-includes/js/
1 KB
789 B
Script
General
Full URL
https://customscripts.us/wp-includes/js/wp-embed.min.js?ver=5.3.4
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 16:10:56 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
756
LNPTracking.js
tag.brandcdn.com/autoscript/customprescriptionsoflancaster_vfzsrk5fnxfxvda9/
791 B
1 KB
Script
General
Full URL
https://tag.brandcdn.com/autoscript/customprescriptionsoflancaster_vfzsrk5fnxfxvda9/LNPTracking.js
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7a00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25976c5ae6aced7b099cc2d364bdb16992631ac3ff2eb2b198b4d8dc0b8cca67

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:35 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
last-modified
Sun, 28 Jun 2020 09:09:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"7d1b098ebd0f38d8296ac0fb80e4a558"
x-cache
Miss from cloudfront
content-type
text/javascript
status
200
accept-ranges
bytes
content-length
791
x-amz-cf-id
e9aUeviUFjpVUkDIWi6Ew5-J9UIuqXwSqGh_PjZh9hK4GiLdEUa_Bw==
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4994
date
Sun, 28 Jun 2020 22:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 29 Jun 2020 00:56:19 GMT
wp-emoji-release.min.js
customscripts.us/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://customscripts.us/wp-includes/js/wp-emoji-release.min.js?ver=5.3.4
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 16:10:56 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
4902
modules.ttf
customscripts.us/wp-content/themes/Divi/core/admin/fonts/
90 KB
91 KB
Font
General
Full URL
https://customscripts.us/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://customscripts.us/wp-content/themes/Divi/style.css?ver=5.3.4
Origin
https://customscripts.us

Response headers

date
Mon, 29 Jun 2020 00:19:33 GMT
last-modified
Wed, 27 Feb 2019 18:42:10 GMT
server
Apache
accept-ranges
bytes
content-type
font/ttf
status
200
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
92400
SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Oswald:200,300,regular,500,600,700|Droid+Sans:regular,700&subset=cyrillic,vietnamese,latin,latin-ext
Origin
https://customscripts.us

Response headers

date
Wed, 10 Jun 2020 14:39:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
age
1590001
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11396
x-xss-protection
0
expires
Thu, 10 Jun 2021 14:39:32 GMT
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v34/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v34/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Oswald:200,300,regular,500,600,700|Droid+Sans:regular,700&subset=cyrillic,vietnamese,latin,latin-ext
Origin
https://customscripts.us

Response headers

date
Fri, 26 Jun 2020 04:12:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:39:16 GMT
server
sffe
age
245237
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Sat, 26 Jun 2021 04:12:16 GMT
SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Oswald:200,300,regular,500,600,700|Droid+Sans:regular,700&subset=cyrillic,vietnamese,latin,latin-ext
Origin
https://customscripts.us

Response headers

date
Fri, 12 Jun 2020 20:15:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:00:07 GMT
server
sffe
age
1397018
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11236
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:15:55 GMT
scripts.js
customscripts.us/wp-content/plugins/contact-form-7/includes/js/
0
0
Script
General
Full URL
https://customscripts.us/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.170.67 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-170-67.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
409
date
Mon, 29 Jun 2020 00:19:33 GMT
server
Apache
content-length
83
content-type
text/html; charset=iso-8859-1
collect
www.google-analytics.com/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=1575604931&t=pageview&_s=1&dl=https%3A%2F%2Fcustomscripts.us%2FPrintDocument.exe&dp=%2F404.html%3Fpage%3D%2FPrintDocument.exe%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Custom%20Prescriptions%20of%20Lancaster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=1756755099&gjid=668278565&cid=1227384786.1593389974&tid=UA-120924305-1&_gid=1993848195.1593389974&z=240437655
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 03:18:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1717281
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-120924305-1&cid=1227384786.1593389974&jid=1756755099&gjid=668278565&_gid=1993848195.1593389974&_u=YGBAgUABC~&z=1589400867
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Jun 2020 00:19:33 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/
323 KB
127 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfHKtEUAAAAAAJ95WuvfKidh3q7Y-bjjknw48LK&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Jun 2020 16:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Jun 2020 20:56:25 GMT
server
sffe
age
459601
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129939
x-xss-protection
0
expires
Wed, 23 Jun 2021 16:39:32 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/ccdb7eo/he9r91w/ Frame D3DB
Redirect Chain
  • https://insight.adsrvr.org/tags/ccdb7eo/he9r91w/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/ccdb7eo/he9r91w/iframe
0
0
Document
General
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/ccdb7eo/he9r91w/iframe
Requested by
Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/customprescriptionsoflancaster_vfzsrk5fnxfxvda9/LNPTracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.115.202 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-115-202.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
d1eoo1tco6rr5e.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://customscripts.us/PrintDocument.exe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://customscripts.us/PrintDocument.exe

Response headers

Content-Type
text/html
Content-Length
138
Connection
keep-alive
Date
Mon, 29 Jun 2020 00:19:35 GMT
Last-Modified
Wed, 20 May 2020 16:25:35 GMT
ETag
"7a98849a2297b99551161083acd71572"
Cache-Control
max-age=86400
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Miss from cloudfront
Via
1.1 77fcce204f96e329df7227f192690939.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MAD50-C1
X-Amz-Cf-Id
Fo4ryb-WjD6x5abunJgyJwEjnS_ukXd2yjZh9jkJXT0mKDpQWJZxfQ==

Redirect headers

status
303
date
Mon, 29 Jun 2020 00:19:34 GMT
content-type
text/html; charset=UTF-8
content-length
183
location
https://d1eoo1tco6rr5e.cloudfront.net/ccdb7eo/he9r91w/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
cv_pixel.js
adservices.brandcdn.com/pixel/
2 KB
1 KB
Script
General
Full URL
https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.117.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-117-168.us-west-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 00:19:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 22:36:17 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"613-59c5d91ee7ce4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
745
/
insight.adsrvr.org/track/evnt/
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/evnt/?adv=ccdb7eo&ct=0:he9r91w&fmt=3
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.9.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-9-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 29 Jun 2020 00:19:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/conv/?adv=ccdb7eo&ct=0:isks5vr&fmt=3
Requested by
Host: customscripts.us
URL: https://customscripts.us/PrintDocument.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.9.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-9-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 29 Jun 2020 00:19:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
anchor
www.google.com/recaptcha/api2/ Frame BF50
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHKtEUAAAAAAJ95WuvfKidh3q7Y-bjjknw48LK&co=aHR0cHM6Ly9jdXN0b21zY3JpcHRzLnVzOjQ0Mw..&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=invisible&cb=gjqkipevklaw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yUKpUec0UnudDd0NHGuAuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfHKtEUAAAAAAJ95WuvfKidh3q7Y-bjjknw48LK&co=aHR0cHM6Ly9jdXN0b21zY3JpcHRzLnVzOjQ0Mw..&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=invisible&cb=gjqkipevklaw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://customscripts.us/PrintDocument.exe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://customscripts.us/PrintDocument.exe

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 29 Jun 2020 00:19:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-yUKpUec0UnudDd0NHGuAuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9526
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cv
adservices.brandcdn.com/pixel/ Frame 632E
0
0
Document
General
Full URL
https://adservices.brandcdn.com/pixel/cv?aid=208043&cv_ck=80b28199-de19-4a54-9e33-da5f8bd56068&m=customscripts.us&r=
Requested by
Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.117.168 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-117-168.us-west-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash

Request headers

Host
adservices.brandcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://customscripts.us/PrintDocument.exe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://customscripts.us/PrintDocument.exe

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Location
cv.html
Content-Type
text/html
Date
Mon, 29 Jun 2020 00:19:35 GMT
ETag
"1002-59c5d8dab00e8;59c5d91ee8c84-gzip"
Last-Modified
Fri, 17 Jan 2020 22:35:06 GMT
Server
Apache/2.4.7 (Ubuntu)
TCN
choice
Vary
negotiate,Accept-Encoding
Content-Length
1137
Connection
keep-alive
customprescriptions-notag.jpg
whp23374sbp.wpengine.com/wp-content/uploads/2018/02/
40 KB
40 KB
Image
General
Full URL
https://whp23374sbp.wpengine.com/wp-content/uploads/2018/02/customprescriptions-notag.jpg
Requested by
Host: customscripts.us
URL: https://customscripts.us/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.175.237 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.175.225.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
071428847fc2e59836d279aefd20b7ec670ee879d54398662062e26e6bf5cb99

Request headers

Referer
https://customscripts.us/PrintDocument.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 00:19:35 GMT
last-modified
Thu, 12 Dec 2019 18:10:27 GMT
server
nginx
status
200
etag
"5df28293-a03b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
41019

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 204=Jho_2OGFTpqhF0x41by5sM_3c5tj1brUEmjpf4w2PCz1EqHyCnHnh8B3YNIEam5oqmIGyYEjYonxzQlMChZnNipDiCDQV9zrS3qOvnPJn5ilGw0m9CHB1eFJGQ7hZTYe05ByoJGpElTzRJghBVyU6h0w2hh8QYyziGdVDXaX8Rc
.customscripts.us/ Name: _gat
Value: 1
.customscripts.us/ Name: _gid
Value: GA1.2.1993848195.1593389974
customscripts.us/ Name: brandcdn_uid
Value: 80b28199-de19-4a54-9e33-da5f8bd56068
.customscripts.us/ Name: _ga
Value: GA1.2.1227384786.1593389974

1 Console Messages

Source Level URL
Text
console-api log URL: https://customscripts.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
