primarycareasthmarounds.icu Open in urlscan Pro
2606:4700:30::681f:4147 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://x.co/optiondriv
Effective URL:
https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXN...
Submission: On May 21 via manual (May 21st 2019, 2:37:55 pm UTC) from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:30::681f:4147, located in United States and belongs to ,. The main domain is primarycareasthmarounds.icu.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 20th 2019. Valid for: a year.

This is the only time primarycareasthmarounds.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.40.140.1 45.40.140.1	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
2 2	2606:4700:30:... 2606:4700:30::681f:4047	13335 () ()
1 24	2606:4700:30:... 2606:4700:30::681f:4147	13335 () ()
1	2a02:26f0:64:... 2a02:26f0:64:590::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28b::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::2b57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:64:... 2a02:26f0:64:5a4::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
27	6

2 45.40.140.1 (Scottsdale, United States) 2 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net

x.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681f:4047 (United States) 2 redirects

ASN13335 (,)

primarycareasthmarounds.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:30::681f:4147 (United States) 1 redirects

ASN13335 (,)

primarycareasthmarounds.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:590::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28b::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::2b57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

uhf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:5a4::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	primarycareasthmarounds.icu 3 redirects primarycareasthmarounds.icu	615 KB
3	microsoft.com www.microsoft.com uhf.microsoft.com	23 KB
2	x.co 2 redirects x.co	300 B
1	s-microsoft.com c.s-microsoft.com	34 KB
27	4

	Domain	Requested by
26	primarycareasthmarounds.icu	3 redirects primarycareasthmarounds.icu
2	www.microsoft.com	primarycareasthmarounds.icu
2	x.co	2 redirects
1	uhf.microsoft.com
1	c.s-microsoft.com	primarycareasthmarounds.icu
27	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-05-20` - `2020-05-20`	a year	crt.sh
www.microsoft.com Microsoft IT TLS CA 4	`2018-01-16` - `2020-01-16`	2 years	crt.sh
unistore.www.microsoft.com Microsoft IT TLS CA 5	`2019-04-30` - `2021-04-30`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Frame ID: 45B278715D24A3B59E4244283276C094
Requests: 28 HTTP requests in this frame

Frame: https://www.microsoft.com/store/buy/cartcount
Frame ID: D30A9322F7B6518E4A4035F96E5DE7F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://x.co/optiondriv HTTP 301
https://x.co/optiondriv HTTP 302
http://primarycareasthmarounds.icu/img/ondr HTTP 301
https://primarycareasthmarounds.icu/img/ondr HTTP 301
http://primarycareasthmarounds.icu/img/ondr/ HTTP 301
https://primarycareasthmarounds.icu/img/ondr/ Page URL
https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cD... Page URL

Detected technologies

Knockout.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^ko$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

27
Requests

100 %
HTTPS

86 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

776 kB
Transfer

1750 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://x.co/optiondriv HTTP 301
https://x.co/optiondriv HTTP 302
http://primarycareasthmarounds.icu/img/ondr HTTP 301
https://primarycareasthmarounds.icu/img/ondr HTTP 301
http://primarycareasthmarounds.icu/img/ondr/ HTTP 301
https://primarycareasthmarounds.icu/img/ondr/ Page URL
https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://x.co/optiondriv HTTP 301
https://x.co/optiondriv HTTP 302
http://primarycareasthmarounds.icu/img/ondr HTTP 301
https://primarycareasthmarounds.icu/img/ondr HTTP 301
http://primarycareasthmarounds.icu/img/ondr/ HTTP 301
https://primarycareasthmarounds.icu/img/ondr/

27 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
primarycareasthmarounds.icu/img/ondr/
Redirect Chain

http://x.co/optiondriv
https://x.co/optiondriv
http://primarycareasthmarounds.icu/img/ondr
https://primarycareasthmarounds.icu/img/ondr
http://primarycareasthmarounds.icu/img/ondr/
https://primarycareasthmarounds.icu/img/ondr/

255 B
436 B

169ms
168ms

Document
text/html

2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: primarycareasthmarounds.icu
:scheme: https
:path: /img/ondr/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 21 May 2019 14:37:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d27e41c690b9f1ff72bceccc3a21077d11558449458; expires=Wed, 20-May-20 14:37:38 GMT; path=/; domain=.primarycareasthmarounds.icu; HttpOnly; Secure PHPSESSID=n2pgc7rro5ukfj8cceh4a9iap4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4da74a1e0a39beb5-FRA
content-encoding: br

Redirect headers

Date: Tue, 21 May 2019 14:37:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 21 May 2019 15:37:38 GMT
Location: https://primarycareasthmarounds.icu/img/ondr/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4da74a1dfaf8d6bd-FRA

GET
H2 200 Primary Request Main.php Show response
primarycareasthmarounds.icu/img/ondr/ 364 KB
151 KB 227ms
227ms Document
text/html 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c429bf9ba5c26c4df9d08acb4e7e02264fc97f658540a755a7acdc33e237a7

Request headers

:method: GET
:authority: primarycareasthmarounds.icu
:scheme: https
:path: /img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://primarycareasthmarounds.icu/img/ondr/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d27e41c690b9f1ff72bceccc3a21077d11558449458; PHPSESSID=n2pgc7rro5ukfj8cceh4a9iap4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://primarycareasthmarounds.icu/img/ondr/

Response headers

status: 200
date: Tue, 21 May 2019 14:37:39 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4da74a1f2bd6beb5-FRA
content-encoding: br

GET
H2 200 62-186d68.css
primarycareasthmarounds.icu/img/ondr/assets/files/ 146 KB
18 KB 23ms
21ms Stylesheet
text/css 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/62-186d68.css
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: a56cb1797e8ea02995c2d8a1b2c55651522f95ef145b317d088654fbbb7876b7

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ade0beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 override.css
primarycareasthmarounds.icu/img/ondr/assets/files/ 1 KB
462 B 15ms
14ms Stylesheet
text/css 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/override.css
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 3abc2499752db5dff68042be5a321e517c0609497e168eeb824079aca0d86282

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ade1beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 mscc-0.css
primarycareasthmarounds.icu/img/ondr/assets/files/ 1 KB
663 B 11ms
10ms Stylesheet
text/css 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/mscc-0.css
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ade2beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 knockout-699241a9.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 64 KB
23 KB 16ms
16ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/knockout-699241a9.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 34aae08bbe57e6c6d36268a23ede03836ef7740868a23ebb5f83d35922b003e3

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ade3beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 home-768b7a22.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 462 KB
85 KB 18ms
17ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/home-768b7a22.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a2f10d01102c3a12b3b4a54124741d482bfb5d6e2fa763a9783a0fe6f7780

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ade4beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 home.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 42 KB
12 KB 18ms
18ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/home.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 4684e6e9d0e4e3a588fa12f63a491ae58e1464af347231f1dabc710b62d4818d

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ce17beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 homeappfonts-6650743a.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 188 KB
123 KB 28ms
28ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/homeappfonts-6650743a.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: c0552ef8a9e03f6ce7b98963d5c7116d4b517163f83bff8378a226e8c017d5cb

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ee53beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 aria-4cf8a7e2.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 45 KB
12 KB 19ms
18ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/aria-4cf8a7e2.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d60b1e2596aef3beac34b8683c39938c4bd87116505a19307e940ebb07f958

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a20ee55beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 jquery-2.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 84 KB
29 KB 16ms
15ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/jquery-2.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a2288a4beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 18-d72213 Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 125 KB
125 KB 71ms
70ms Script
text/plain 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/18-d72213
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 99683519a4dcf1bcdcf5558a5ff5726f67590d817055109e4a63e98ade64c554

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
last-modified: Sat, 09 Mar 2019 12:15:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4da74a2288a6beb5-FRA
content-length: 127762

GET
H2 200 meversion Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 11 KB
11 KB 99ms
98ms Script
text/plain 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/meversion
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: c8fc143d2edd34c4e596e314502bfe107fc5cfedaf017a65f3413423e5a58e98

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
last-modified: Sat, 09 Mar 2019 12:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4da74a2288a7beb5-FRA
content-length: 11630

GET
H2 200 mscc-0.js Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ 3 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/mscc-0.js
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a2288a8beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 RE1Mu3b.png
primarycareasthmarounds.icu/img/ondr/assets/files/ 4 KB
4 KB 13ms
12ms Image
image/png 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/RE1Mu3b.png
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4da74a22a8c7beb5-FRA
content-length: 4054
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 hero_devices.svg
primarycareasthmarounds.icu/img/ondr/assets/files/ 19 KB
7 KB 14ms
13ms Image
image/svg+xml 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/hero_devices.svg
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 687738f7d943a2e5d33eab6a13ae98357a9fe9400f5991a69b08caa4b5e56bf6

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a22a8c9beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 feature_any_device.svg
primarycareasthmarounds.icu/img/ondr/assets/files/ 2 KB
1 KB 10ms
9ms Image
image/svg+xml 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/feature_any_device.svg
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb11b8b06cfff42c15fd64bb74239354cfa81461564aa003345101d67bfdebd

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a22b8e1beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 feature_offline_access.svg
primarycareasthmarounds.icu/img/ondr/assets/files/ 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/feature_offline_access.svg
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 76185d054aca425130d7880b95c18d19248e4574a1b3af612ebf2af2a207241a

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a22b8e3beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 feature_safety.svg
primarycareasthmarounds.icu/img/ondr/assets/files/ 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/feature_safety.svg
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 837b394c26a196d6c3b6b4e7a9a9dd1520a82e6d29ec514572ad01b5bb148955

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a22b8e4beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 sidekick_share.svg
primarycareasthmarounds.icu/img/ondr/assets/files/ 16 KB
5 KB 13ms
13ms Image
image/svg+xml 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/sidekick_share.svg
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 18358aa54fce839170c866cd5b28b3e7671e5f81490d4eee29c40cd45e3448ef

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a22b8e5beb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
H2 200 email-decode.min.js Show response
primarycareasthmarounds.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
817 B 10ms
10ms Script
application/javascript 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL

https://primarycareasthmarounds.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:4147 , United States, ASN13335 (,),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: gzip
last-modified: Tue, 14 May 2019 18:46:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cdb0d1a-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 4da74a22a8cebeb5-FRA
expires: Thu, 23 May 2019 14:37:39 GMT

GET
H2 200 cartcount.htm Show response
primarycareasthmarounds.icu/img/ondr/assets/files/ Frame D30A 1 KB
507 B 101ms
101ms Document
text/html 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/cartcount.htm
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cdf63ad1ba1228faf5b65ed27fb29cba056e996d18b99db6f7087bdd28f9197

Request headers

:method: GET
:authority: primarycareasthmarounds.icu
:scheme: https
:path: /img/ondr/assets/files/cartcount.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
accept-encoding: gzip, deflate, br
cookie: __cfduid=d27e41c690b9f1ff72bceccc3a21077d11558449458; PHPSESSID=n2pgc7rro5ukfj8cceh4a9iap4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ

Response headers

status: 200
date: Tue, 21 May 2019 14:37:39 GMT
content-type: text/html
last-modified: Sat, 09 Mar 2019 12:15:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4da74a243ad4beb5-FRA
content-encoding: br

GET
H2 200 hero_clouds.svg
primarycareasthmarounds.icu/img/ondr/assets/files/ 3 KB
1 KB 11ms
10ms Image
image/svg+xml 2606:4700:30::681f:4147

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/hero_clouds.svg
Requested by: Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4147 , United States, ASN13335 (,),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d8490eda4c512afb94e2609816b9b14490531a8a0a6a470819f1d2d6f52b0a

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 12:15:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4da74a244addbeb5-FRA
expires: Tue, 21 May 2019 18:37:39 GMT

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://primarycareasthmarounds.icu

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 mwfmdl2-v3.07.woff
www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/ 22 KB
22 KB 78ms
16ms Font
application/font-woff 2a02:26f0:64:590::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.07/mwf.app/fonts/mwfmdl2-v3.07.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:590::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://primarycareasthmarounds.icu/img/ondr/assets/files/62-186d68.css
Origin: https://primarycareasthmarounds.icu

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 8e9c150c-e873-4e85-b320-3ae42805b5ed
tls_version: tls1.2
ms-cv: /9SnGqd2L0CnVKDg.0
content-length: 22376
x-xss-protection: 1
last-modified: Tue, 11 Dec 2018 05:55:06 GMT
x-az: {did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 5, sn: mwf-eus-prod, dt: 2018-12-07T13:58:13.9231850Z, bt: 2018-12-01T00:33:22.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=17594248
access-control-allow-headers: *
x-appversion: 1.0.6909.1001
expires: Wed, 11 Dec 2019 05:55:07 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://primarycareasthmarounds.icu

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ 41 KB
41 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d5dc6065e67ab6eae9d9a9b1fbc3938b1c54dc5cb2545fde23192feed6bbee2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://primarycareasthmarounds.icu

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 56ms
7ms Font
application/font-woff2 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://primarycareasthmarounds.icu/img/ondr/assets/files/62-186d68.css
Origin: https://primarycareasthmarounds.icu

Response headers

date: Tue, 21 May 2019 14:37:39 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
access-control-allow-origin: *
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status: 200
cache-control: public, max-age=473041
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/font-woff2
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 34052
expires: Mon, 27 May 2019 02:01:40 GMT

GET
H2 204 _log
uhf.microsoft.com/ 0
128 B 45ms
8ms Image
text/html 2a02:26f0:6c00:299::2b57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhf.microsoft.com/_log?c=&h=primarycareasthmarounds.icu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:299::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 May 2019 14:37:40 GMT
access-control-allow-origin: *
content-type: text/html
status: 204
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Tue, 21 May 2019 14:37:40 GMT

GET
H2 200 cartcount
www.microsoft.com/store/buy/ Frame D30A 0
0 80ms
27ms Document
text/html 2a02:26f0:64:5a4::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/store/buy/cartcount

Requested by

Host: primarycareasthmarounds.icu
URL: https://primarycareasthmarounds.icu/img/ondr/assets/files/18-d72213

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:5a4::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.microsoft.com
:scheme: https
:path: /store/buy/cartcount
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://primarycareasthmarounds.icu/img/ondr/Main.php?sslchannel=true&sessionid=Qvx4TDqWpWwk2r4bVjyGiljbBdmVN2cDxKHrn8oM4U66lbihvRXNchZNumJioWVWGDn3LLQQGWX28fjD7hrjyq73MRmbNh7tVuxHgoxXlu0tKk6RBybaZjeLaAWXS4rNyZ

Response headers

status: 200
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
x-activity-id: b9953e30-7004-46b4-a774-114a50e7cbfd
ms-cv: 86xcFwgI3UK+1WOq.0
x-appversion: 1.0.7073.9407
x-az: {did:0f33282e4311401e958b35fb1cb65e20, rid: 14, sn: onestore-neu-prod, dt: 2019-04-30T20:21:36.1611624Z, bt: 2019-05-14T05:13:34.0000000Z}
ms-operation-id: 087d7e3e92c74848ac58ea3c1dcff5f6
p3p: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1
content-length: 358
cache-control: max-age=86400
expires: Wed, 22 May 2019 14:37:40 GMT
date: Tue, 21 May 2019 14:37:40 GMT
vary: Accept-Encoding
tls_version: tls1.2
strict-transport-security: max-age=31536000
x-rtag: Str

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.s-microsoft.com
primarycareasthmarounds.icu
uhf.microsoft.com
www.microsoft.com
x.co
2606:4700:30::681f:4047
2606:4700:30::681f:4147
2a02:26f0:64:590::356e
2a02:26f0:64:5a4::356e
2a02:26f0:6c00:28b::356e
2a02:26f0:6c00:299::2b57
45.40.140.1
039a2f10d01102c3a12b3b4a54124741d482bfb5d6e2fa763a9783a0fe6f7780
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
0eb11b8b06cfff42c15fd64bb74239354cfa81461564aa003345101d67bfdebd
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
18358aa54fce839170c866cd5b28b3e7671e5f81490d4eee29c40cd45e3448ef
1d5dc6065e67ab6eae9d9a9b1fbc3938b1c54dc5cb2545fde23192feed6bbee2
23c429bf9ba5c26c4df9d08acb4e7e02264fc97f658540a755a7acdc33e237a7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
34aae08bbe57e6c6d36268a23ede03836ef7740868a23ebb5f83d35922b003e3
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33
3abc2499752db5dff68042be5a321e517c0609497e168eeb824079aca0d86282
4684e6e9d0e4e3a588fa12f63a491ae58e1464af347231f1dabc710b62d4818d
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
65d60b1e2596aef3beac34b8683c39938c4bd87116505a19307e940ebb07f958
687738f7d943a2e5d33eab6a13ae98357a9fe9400f5991a69b08caa4b5e56bf6
76185d054aca425130d7880b95c18d19248e4574a1b3af612ebf2af2a207241a
7cdf63ad1ba1228faf5b65ed27fb29cba056e996d18b99db6f7087bdd28f9197
7f31cbb16dd8190854789bd1b43f15ae60940fb79afbb7cfbef664e12f8a247c
837b394c26a196d6c3b6b4e7a9a9dd1520a82e6d29ec514572ad01b5bb148955
99683519a4dcf1bcdcf5558a5ff5726f67590d817055109e4a63e98ade64c554
a56cb1797e8ea02995c2d8a1b2c55651522f95ef145b317d088654fbbb7876b7
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
c0552ef8a9e03f6ce7b98963d5c7116d4b517163f83bff8378a226e8c017d5cb
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8
c8fc143d2edd34c4e596e314502bfe107fc5cfedaf017a65f3413423e5a58e98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d8490eda4c512afb94e2609816b9b14490531a8a0a6a470819f1d2d6f52b0a

primarycareasthmarounds.icu Open in urlscan Pro 2606:4700:30::681f:4147 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

86 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

776 kBTransfer

1750 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

primarycareasthmarounds.icu Open in urlscan Pro
2606:4700:30::681f:4147 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

86 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

776 kB
Transfer

1750 kB
Size

0
Cookies

27 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!