urlscan.io logo urlscan.io
SecurityTrails logo

login.nxfe.aeroflow.ninja Open in urlscan Pro
108.138.85.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Effective URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2F...
Submission: On December 02 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 104 HTTP transactions. The main IP is 108.138.85.123, located in United States and belongs to AMAZON-02, US. The main domain is login.nxfe.aeroflow.ninja.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 21st 2024. Valid for: a year.
This is the only time login.nxfe.aeroflow.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 3.171.100.28 16509 (AMAZON-02)
1 1 3.167.112.49 16509 (AMAZON-02)
24 108.138.85.123 16509 (AMAZON-02)
1 3.167.112.125 16509 (AMAZON-02)
7 142.251.179.97 15169 (GOOGLE)
3 142.251.167.104 15169 (GOOGLE)
5 142.251.167.138 15169 (GOOGLE)
3 157.240.229.1 32934 (FACEBOOK)
3 150.171.28.10 8075 (MICROSOFT...)
1 142.250.31.155 15169 (GOOGLE)
1 6 172.253.63.154 15169 (GOOGLE)
4 142.251.16.156 15169 (GOOGLE)
2 172.253.122.102 15169 (GOOGLE)
6 31.13.66.35 32934 (FACEBOOK)
104 13
40    3.171.100.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-100-28.iad12.r.cloudfront.net
bill-pay.pr139.nxfe.aeroflow.ninja
1    3.167.112.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-112-49.iad55.r.cloudfront.net
bill-pay.nxfe.aeroflow.ninja
24    108.138.85.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-123.iad12.r.cloudfront.net
login.nxfe.aeroflow.ninja
1    3.167.112.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-112-125.iad55.r.cloudfront.net
cdn.noibu.com
7    142.251.179.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f97.1e100.net
www.googletagmanager.com
3    142.251.167.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f104.1e100.net
www.google.com
5    142.251.167.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f138.1e100.net
www.google-analytics.com
3    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
3    150.171.28.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
www.googleadservices.com
6    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
td.doubleclick.net
googleads.g.doubleclick.net
4    142.251.16.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
stats.g.doubleclick.net
2    172.253.122.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f102.1e100.net
analytics.google.com
6    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
65 aeroflow.ninja
bill-pay.pr139.nxfe.aeroflow.ninja
bill-pay.nxfe.aeroflow.ninja
login.nxfe.aeroflow.ninja
2 MB
10 doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
5 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
729 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
6 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
417 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
15 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
86 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
3 KB
1 noibu.com
cdn.noibu.com — Cisco Umbrella Rank: 11757
409 B
104 10
Domain Requested by
40 bill-pay.pr139.nxfe.aeroflow.ninja bill-pay.pr139.nxfe.aeroflow.ninja
24 login.nxfe.aeroflow.ninja bill-pay.pr139.nxfe.aeroflow.ninja
login.nxfe.aeroflow.ninja
7 www.googletagmanager.com login.nxfe.aeroflow.ninja
www.googletagmanager.com
www.google-analytics.com
6 www.facebook.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 td.doubleclick.net www.googletagmanager.com
3 bat.bing.com bill-pay.pr139.nxfe.aeroflow.ninja
bat.bing.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.google.com www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.noibu.com login.nxfe.aeroflow.ninja
1 bill-pay.nxfe.aeroflow.ninja 1 redirects
104 15

This site contains links to these domains. Also see Links.

Domain
aeroflowhealth.com
Subject Issuer Validity Valid
bill-pay.pr139.nxfe.aeroflow.ninja
Amazon RSA 2048 M03		 2024-11-29 -
2025-12-29		 a year crt.sh
login.nxfe.aeroflow.ninja
Amazon RSA 2048 M03		 2024-10-21 -
2025-11-19		 a year crt.sh
cdn.noibu.com
Amazon RSA 2048 M02		 2024-03-08 -
2025-04-05		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.googleadservices.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Frame ID: 6DD134E169F0685503C89169D63D71E7
Requests: 99 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Flogin.nxfe.aeroflow.ninja
Frame ID: 00CDE07B7AFA880B7EB2EBF3B73C73FB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16494318374?random=1733146171559&cv=11&fst=1733146171559&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 0F8CF1A73A874924B10217E52B30D115
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1027036248?random=1733146171640&cv=11&fst=1733146171640&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899227141z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 6F90E8FD63CBBE7C0B376F6CBEF5B4C8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-TNWFCRR7X6&gacid=76880478.1733146171&gtm=45je4bk0v9164377629za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101509157~101925629~102067555~102067808~102077855~102081485&z=482885199
Frame ID: 45C19B9802E55A7EE77345B0F0348E6F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-3KTGX16CWX&gacid=76880478.1733146171&gtm=45je4bk0v899227879za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=146147065
Frame ID: 6E31F0B8CFEF5A7C7DE3169AE91EE23D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Aeroflow Authentication Portal

Page URL History Show full URLs

  1. https://bill-pay.pr139.nxfe.aeroflow.ninja/ Page URL
  2. https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in Page URL
  3. https://bill-pay.nxfe.aeroflow.ninja/api/auth/patient-auth?client_id=31sj6hifeqqt9mi797flijd0bi&scope=openid&resp... HTTP 307
    https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nx... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

104
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

13
IPs

1
Countries

2519 kB
Transfer

5925 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bill-pay.pr139.nxfe.aeroflow.ninja/ Page URL
  2. https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in Page URL
  3. https://bill-pay.nxfe.aeroflow.ninja/api/auth/patient-auth?client_id=31sj6hifeqqt9mi797flijd0bi&scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth HTTP 307
    https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16494318374/?random=2045720852&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAIgNK1ugYQjonxx4q7ustXEh0AsRp5qeOO166bKxSIKSHR_nmqD_rhcQ0QbqI8Jw&pscrd=IhMI8defz5iJigMV2xSICR2vxBx1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL2xvZ2luLm54ZmUuYWVyb2Zsb3cubmluamEvQldDaEVJZ05LMXVnWVFrLXkwaHRuczhZNldBUklzQU1kTVdTZVE4ak4zRG5qR29Reno2SVhhUnZvd3ZoSEpIYW1VZ25lMW5xYWR2OHlyWDdrQnRKTTdfRms HTTP 302
  • https://www.google.com/pagead/1p-conversion/16494318374/?random=2045720852&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI8defz5iJigMV2xSICR2vxBx1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL2xvZ2luLm54ZmUuYWVyb2Zsb3cubmluamEvQldDaEVJZ05LMXVnWVFrLXkwaHRuczhZNldBUklzQU1kTVdTZVE4ak4zRG5qR29Reno2SVhhUnZvd3ZoSEpIYW1VZ25lMW5xYWR2OHlyWDdrQnRKTTdfRms&is_vtc=1&cid=CAQSGwCa7L7dVddLoNj030qhnpVVJeP4pBLbsaKD8A&eitems=ChAIgNK1ugYQjonxx4q7ustXEh0AsRp5qWob-eJ6Pn8ZgdRy3D6geK3B6v2H5ydF_A&random=1569615466

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bill-pay.pr139.nxfe.aeroflow.ninja/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/ Next.js
Resource Hash
63e52b72f6a2f4f21ad079350fe6fb85715434709f644f9bbd1ffc738d22bce6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 13:29:28 GMT
link
</_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-amz-cf-id
0NBFZLv5JTnN7GfzqL-XihreC9RDe3X1woZHiEI5nNB_Crhfula7hw==
x-amz-cf-pop
IAD12-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-powered-by
Next.js
a34f9d1faa5f3315-s.p.woff2
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/media/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/media/a34f9d1faa5f3315-s.p.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bill-pay.pr139.nxfe.aeroflow.ninja
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"bdac-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
48556
x-amz-cf-id
rSe6qWZ_ErW1Om2YUsXKikRqazZilmK55JkHHtrKJvJxY3peLPQrvA==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
font/woff2
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
x-amz-cf-pop
IAD12-P5
50caf59061b4dcd1.css
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/css/50caf59061b4dcd1.css
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
0d0f61cec92a75beb8d03dd246b79653e35fd20c216a572d7f18081d53d295ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"503e-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
5v-jtthE0eIzdvO4v8SBkrhvARTjNmdw4BYaROHaEsR6JwVHz6VrrQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
text/css; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
webpack-8f2af3edebb56d37.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/webpack-8f2af3edebb56d37.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
7cf2dd0506084f87f53a62f2362fdd66cd1d75d770eca336f0c72a8651241574
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"e92-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
XMSoN0L2FONvli82EdTvvyPwP_bLV2LI4Bsn9rNLEUNYi3J_6y8iFQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
a05c9e68-0035a59dc6bd2b03.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/a05c9e68-0035a59dc6bd2b03.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
be97ff7f8b070ae33721ff5e992b43493f7b05be4fcc77b0be339c4a0498f5df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"2a31e-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
q2xc2czAtSbJNJF3x9FLsKhEIQTGxqO78KyIpMUuIfNdhOwHtzgMLQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
582-aa55efb016068b8c.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		120 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/582-aa55efb016068b8c.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
4f4eafbb30fae97d4d24755e1c59671e82a68cc0aa0dde21842553bc0ec628cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"1e133-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
60vHReHFPyV9_ok--7OyxTAm0PC-GsAVpVQ87Pg5CpErB4TLA8Iicw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
main-app-d9c81262d9150118.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		460 B
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/main-app-d9c81262d9150118.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
ff1e11c411f67a3ab50b0995a1eaa9e1912ae0bd0e3abe6c69c9fb777fe4ac89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"1cc-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
460
x-amz-cf-id
ao4TVE_wO_SnU5lHFnj19ykE62jqIq-NzxaxNspinS7JTadc9ZjSIQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
645-40dd160f84937a32.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
05561e72847055ceb096b2b3bcf0cb083c274726f1952f3d5bc09ba44f43b653
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"8ca4-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
QYCj3sZTMLLTngZTit1pQr7CHSIAgmeQvsotO0HkeXq5QyCJb41nKw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
layout-0478c8f489179588.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		649 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/layout-0478c8f489179588.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
3ac1cd1db4a6d589c07d83a776dc8883d28359ed148237bc3a5d135cabdb4db4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"289-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
649
x-amz-cf-id
Sz6UuDtfiLoJF-2sTAID8UgYt7jxWkA6kFjDn0BenbUJ9H0StW-niw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
505-1a886cd8818dbe05.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/505-1a886cd8818dbe05.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
1cf00971efc660b694bf2eee4a84fb14b7e98dbb98dc665a84f0979ca04f985a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"4f70-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
-Jj_x9ABjEfR7SVPp_GO1Rj_YI3mSqhv0izo49DKoSnoJhvNrKpCdA==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
not-found-de51302697ef67c4.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		430 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/not-found-de51302697ef67c4.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
44defd7af421b068743ed93d78b34e7cbc15638d558b7a8885c47a4d33f6e367
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"1ae-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
430
x-amz-cf-id
f-tS-mCcJ1jlzq8moFjrVj1Paco3hYS0a_dA_tGk5Nygt41-9AwBCg==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
a34f9d1faa5f3315-s.p.woff2
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/media/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/media/a34f9d1faa5f3315-s.p.woff2
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/a05c9e68-0035a59dc6bd2b03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bill-pay.pr139.nxfe.aeroflow.ninja
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"bdac-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
48556
x-amz-cf-id
rSe6qWZ_ErW1Om2YUsXKikRqazZilmK55JkHHtrKJvJxY3peLPQrvA==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
font/woff2
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
x-amz-cf-pop
IAD12-P5
session
bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/ 		2 B
584 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/session
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
K7-mjsuff6DJEMXZf_svYqFoym1z3mZ16kms_5dvG1WXXCZs2ag3Kg==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/json
x-amz-cf-pop
IAD12-P5
favicon.ico
bill-pay.pr139.nxfe.aeroflow.ninja/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
b2792c92c84ee737e9786dfc2f60363f79c03c98154257f81c53618ba82ac77e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=0, must-revalidate
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-nextjs-cache
HIT
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
image/x-icon
x-amz-cf-pop
IAD12-P5
x-amz-cf-id
1IMTUbvc-xrBMQSrXODcjp5Q7JhB2Q-JWazNG9krb9vFaCQw2PT4Ig==
sign-in
bill-pay.pr139.nxfe.aeroflow.ninja/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in?_rsc=1iwkq
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/582-aa55efb016068b8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
e56149926c5b678074e72833962595ee0edee17019a86e6d194644b26da4b81f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

RSC
1
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/
Next-Url
/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2C%22%2F%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
A0zbPV4XAKtC_ROdk6XK7PAgI7kuVylROocY5u3SivCh8KtvHiT3jw==
content-security-policy
frame-ancestors 'none';
cache-control
s-maxage=31536000, stale-while-revalidate
content-encoding
gzip
etag
"ovl7u2k1wh2hm"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-nextjs-cache
HIT
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
text/x-component
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
533-8a1f89c12ec9aaab.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/533-8a1f89c12ec9aaab.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/webpack-8f2af3edebb56d37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
430a7dad4ba3fa9841bd7db2db51d84ba6e527de931cb4c87b17d98c18cd240b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"3401-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
3FJ0up279jkLv98Iuyy6KV8F9PUOdrmaxuqrtEdj8yTfcwmgu3Rxxg==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
256-3042b9089a6d7bf0.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/256-3042b9089a6d7bf0.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/webpack-8f2af3edebb56d37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
602ef17d69834d2ad115a638b5f22d69f5987686be27d7c8f8cf944b84dbeb99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"7129-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
Hnpz-KOJkwwxdbMolB4Sp4p2zYY_Uddk41HDlm0y9mEWvcDIzF3vwQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
page-986315ba75cc0c3d.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/sign-in/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/sign-in/page-986315ba75cc0c3d.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/webpack-8f2af3edebb56d37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
57106504c3466df6713ccfc2b2db384fb33011f2f2d9df8a7046b52d16fe4a38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"1b38-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
Q2cczkYfeqqO2s_ibctF_XUAiyRi04QdsEZ_J349PTpvrBKjFHqgSw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
layout-651467e1b6ec9c62.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/ 		215 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/layout-651467e1b6ec9c62.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/webpack-8f2af3edebb56d37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
80c70d96d537b6f93e74a146ba37235f21e74148743b1b9bbd50f4a49ae4c9c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"d7-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
215
x-amz-cf-id
k8RTm543CiJOaaFbpXOm0xof0zq7zGGn2ZuaKyoVw-YGCp1CSMC51g==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
sign-in
bill-pay.pr139.nxfe.aeroflow.ninja/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/582-aa55efb016068b8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/ Next.js
Resource Hash
e8eb4d51a3244e3720af5c30aea7f9ebb29804d9e58e1847bb2c58f3977cadcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
s-maxage=31536000, stale-while-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 13:29:29 GMT
etag
"e81dqd01k24tz"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-amz-cf-id
GFqL5R4mYr5swYtCU3oXiXuYx0W8_PMPs8lKt0vqJjJIa79GTvlSqg==
x-amz-cf-pop
IAD12-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-nextjs-cache
HIT
x-powered-by
Next.js
a34f9d1faa5f3315-s.p.woff2
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/media/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/media/a34f9d1faa5f3315-s.p.woff2
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bill-pay.pr139.nxfe.aeroflow.ninja
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"bdac-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
48556
x-amz-cf-id
rSe6qWZ_ErW1Om2YUsXKikRqazZilmK55JkHHtrKJvJxY3peLPQrvA==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
font/woff2
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
x-amz-cf-pop
IAD12-P5
50caf59061b4dcd1.css
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/css/ 		20 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/css/50caf59061b4dcd1.css
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
0d0f61cec92a75beb8d03dd246b79653e35fd20c216a572d7f18081d53d295ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"503e-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
5v-jtthE0eIzdvO4v8SBkrhvARTjNmdw4BYaROHaEsR6JwVHz6VrrQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
text/css; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
webpack-8f2af3edebb56d37.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/webpack-8f2af3edebb56d37.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
7cf2dd0506084f87f53a62f2362fdd66cd1d75d770eca336f0c72a8651241574
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"e92-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
XMSoN0L2FONvli82EdTvvyPwP_bLV2LI4Bsn9rNLEUNYi3J_6y8iFQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
a05c9e68-0035a59dc6bd2b03.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		169 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/a05c9e68-0035a59dc6bd2b03.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
be97ff7f8b070ae33721ff5e992b43493f7b05be4fcc77b0be339c4a0498f5df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"2a31e-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
q2xc2czAtSbJNJF3x9FLsKhEIQTGxqO78KyIpMUuIfNdhOwHtzgMLQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
582-aa55efb016068b8c.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		120 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/582-aa55efb016068b8c.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
4f4eafbb30fae97d4d24755e1c59671e82a68cc0aa0dde21842553bc0ec628cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"1e133-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
60vHReHFPyV9_ok--7OyxTAm0PC-GsAVpVQ87Pg5CpErB4TLA8Iicw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
main-app-d9c81262d9150118.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		460 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/main-app-d9c81262d9150118.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
ff1e11c411f67a3ab50b0995a1eaa9e1912ae0bd0e3abe6c69c9fb777fe4ac89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"1cc-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
460
x-amz-cf-id
ao4TVE_wO_SnU5lHFnj19ykE62jqIq-NzxaxNspinS7JTadc9ZjSIQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
533-8a1f89c12ec9aaab.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/533-8a1f89c12ec9aaab.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
430a7dad4ba3fa9841bd7db2db51d84ba6e527de931cb4c87b17d98c18cd240b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"3401-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
3FJ0up279jkLv98Iuyy6KV8F9PUOdrmaxuqrtEdj8yTfcwmgu3Rxxg==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
645-40dd160f84937a32.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		35 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
05561e72847055ceb096b2b3bcf0cb083c274726f1952f3d5bc09ba44f43b653
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"8ca4-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
QYCj3sZTMLLTngZTit1pQr7CHSIAgmeQvsotO0HkeXq5QyCJb41nKw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
256-3042b9089a6d7bf0.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/256-3042b9089a6d7bf0.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
602ef17d69834d2ad115a638b5f22d69f5987686be27d7c8f8cf944b84dbeb99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"7129-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
Hnpz-KOJkwwxdbMolB4Sp4p2zYY_Uddk41HDlm0y9mEWvcDIzF3vwQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
page-986315ba75cc0c3d.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/sign-in/ 		7 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/sign-in/page-986315ba75cc0c3d.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
57106504c3466df6713ccfc2b2db384fb33011f2f2d9df8a7046b52d16fe4a38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"1b38-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
Q2cczkYfeqqO2s_ibctF_XUAiyRi04QdsEZ_J349PTpvrBKjFHqgSw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
layout-651467e1b6ec9c62.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/ 		215 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/(auth)/layout-651467e1b6ec9c62.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
80c70d96d537b6f93e74a146ba37235f21e74148743b1b9bbd50f4a49ae4c9c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"d7-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
215
x-amz-cf-id
k8RTm543CiJOaaFbpXOm0xof0zq7zGGn2ZuaKyoVw-YGCp1CSMC51g==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
layout-0478c8f489179588.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		649 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/layout-0478c8f489179588.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
3ac1cd1db4a6d589c07d83a776dc8883d28359ed148237bc3a5d135cabdb4db4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"289-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
649
x-amz-cf-id
Sz6UuDtfiLoJF-2sTAID8UgYt7jxWkA6kFjDn0BenbUJ9H0StW-niw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
505-1a886cd8818dbe05.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/ 		20 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/505-1a886cd8818dbe05.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
1cf00971efc660b694bf2eee4a84fb14b7e98dbb98dc665a84f0979ca04f985a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"4f70-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
-Jj_x9ABjEfR7SVPp_GO1Rj_YI3mSqhv0izo49DKoSnoJhvNrKpCdA==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
not-found-de51302697ef67c4.js
bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		430 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/app/not-found-de51302697ef67c4.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
44defd7af421b068743ed93d78b34e7cbc15638d558b7a8885c47a4d33f6e367
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"1ae-193765911a8"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
430
x-amz-cf-id
f-tS-mCcJ1jlzq8moFjrVj1Paco3hYS0a_dA_tGk5Nygt41-9AwBCg==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 29 Nov 2024 05:16:09 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
session
bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/ 		2 B
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/session
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
3urSJyqyCwCNNULrgWaz2gkNG9xv9jzREHPyUAilqMgF9itQADu_vw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/json
x-amz-cf-pop
IAD12-P5
aeroflow_health_logo.svg
bill-pay.pr139.nxfe.aeroflow.ninja/images/ 		524 KB
389 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/images/aeroflow_health_logo.svg
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
5202f3ee40866f8af3a2b60c977d43173bc8889bbb654ff5fe94157929b563e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=0
content-encoding
gzip
etag
W/"82e09-1937659aa00"
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
vy6ocICI5LyoCQysPeM5YbBnX4W2B7KYrlsN-ub-dKh8gjzgucoBUQ==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
image/svg+xml
last-modified
Fri, 29 Nov 2024 05:16:48 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P5
favicon.ico
bill-pay.pr139.nxfe.aeroflow.ninja/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
b2792c92c84ee737e9786dfc2f60363f79c03c98154257f81c53618ba82ac77e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=0, must-revalidate
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-nextjs-cache
HIT
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
image/x-icon
x-amz-cf-pop
IAD12-P5
x-amz-cf-id
7CtGt-oCyqKsDtk1E8OCjZ7qQtTQj0SMpQ21SrPo4Ww41agelcFPTg==
providers
bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/ 		509 B
843 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/providers
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
9da695a90debb83ab4b53a7eab5bad5be90f8629af0f8e07f2c2f8425e4007f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
9DBOdG3gaj4lLuGR1B_UNQ7NNaAU-EtawA39AGzP-QV1wSTCbxCiqw==
date
Mon, 02 Dec 2024 13:29:29 GMT
content-type
application/json
x-amz-cf-pop
IAD12-P5
csrf
bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/ 		80 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/csrf
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
002dfc2f1efd2cee1ccd2a85e516e911abf15821934308d2b9c64d59c3859a19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
OefpzYp-PmD3_L99HHPegVHJXUGDyWk-bSA122UTJ3yWRtzLCWgIgw==
date
Mon, 02 Dec 2024 13:29:30 GMT
content-type
application/json
x-amz-cf-pop
IAD12-P5
patient-auth
bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/signin/ 		232 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay.pr139.nxfe.aeroflow.ninja/api/auth/signin/patient-auth
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.100.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-100-28.iad12.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/sign-in

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
via
1.1 41455bc9d31b600534a938eb92ece0a4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
Jl8idmSt9rt1KcOXWtodX9aN3MkkXcFhFY52bFo63fe--rCkH3gQBw==
date
Mon, 02 Dec 2024 13:29:30 GMT
content-type
application/json
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-amz-cf-pop
IAD12-P5
Primary Request /
login.nxfe.aeroflow.ninja/
Redirect Chain
  • https://bill-pay.nxfe.aeroflow.ninja/api/auth/patient-auth?client_id=31sj6hifeqqt9mi797flijd0bi&scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%...
  • https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/_next/static/chunks/645-40dd160f84937a32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/ Next.js
Resource Hash
33bc695ff7b2cb8faa929b0fe9be02aa269e92909f8277fbcaf2f002a5bb852e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-pay.pr139.nxfe.aeroflow.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
s-maxage=420, stale-while-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 13:29:30 GMT
etag
"i7l3zg9tqh7lo"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-amz-cf-id
XtLrR1fmYipgWYitQD_ICSfpos7Q9C35x1WfuBTy4cAe_7-rl1Urgg==
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-nextjs-cache
STALE
x-powered-by
Next.js

Redirect headers

content-security-policy
frame-ancestors 'none';
date
Mon, 02 Dec 2024 13:29:30 GMT
location
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 fe187ea749e98273cf22180445286f22.cloudfront.net (CloudFront)
x-amz-cf-id
5eAugXzXzXVA4emdnghGKtOBYlUKqgEu7FZs5aquRIyTV0GWVjlM9A==
x-amz-cf-pop
IAD55-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
0c14d9891c46bf52-s.p.woff2
login.nxfe.aeroflow.ninja/_next/static/media/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/media/0c14d9891c46bf52-s.p.woff2
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
0d7d9e78792070b7bd2018f9a742437ef8ad87a4d1b4acf2aba0e42e04811cea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.nxfe.aeroflow.ninja
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"5248-1922ec7ad78"
age
5096561
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
21064
x-amz-cf-id
qGYYkpqH1FViDWQjhlDuXqtfTrX5EcZ2mHQfS--tcmFg3bdHWeA46w==
date
Fri, 04 Oct 2024 13:46:49 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 14:41:31 GMT
x-amz-cf-pop
IAD12-P2
21ed5661b47f7f6d-s.p.woff2
login.nxfe.aeroflow.ninja/_next/static/media/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/media/21ed5661b47f7f6d-s.p.woff2
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.nxfe.aeroflow.ninja
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"9914-1922ec7ad78"
age
5096561
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
39188
x-amz-cf-id
e4W1db-aujwYFbtP2EH8IHON0-raO9s4SzH3OovFHKZKIbAF4c49dw==
date
Fri, 04 Oct 2024 13:46:49 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 14:41:31 GMT
x-amz-cf-pop
IAD12-P2
75d48862b1c48d49-s.p.woff2
login.nxfe.aeroflow.ninja/_next/static/media/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/media/75d48862b1c48d49-s.p.woff2
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
c642a43ff8e9e4ed068b6ef2722c313592191b914069968696608765b5e6719e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.nxfe.aeroflow.ninja
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"c0c0-1922ec7ad78"
age
5096561
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
49344
x-amz-cf-id
gSosroxBnKJIqelacrLn0Wk_aSXjesLhx_CzqUymDatmYJ8V0rvuKg==
date
Fri, 04 Oct 2024 13:46:49 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 14:41:31 GMT
x-amz-cf-pop
IAD12-P2
a34f9d1faa5f3315-s.p.woff2
login.nxfe.aeroflow.ninja/_next/static/media/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/media/a34f9d1faa5f3315-s.p.woff2
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.nxfe.aeroflow.ninja
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"bdac-1922ec7ad78"
age
5096561
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
48556
x-amz-cf-id
5sRuiSAv-Hhw-B9GtfE7eNCAirDu6gF0z5QzCJXLSlmGBcUODEg5bw==
date
Fri, 04 Oct 2024 13:46:49 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 14:41:31 GMT
x-amz-cf-pop
IAD12-P2
b401dd1bd978357e-s.p.woff2
login.nxfe.aeroflow.ninja/_next/static/media/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/media/b401dd1bd978357e-s.p.woff2
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
4f5343ea2af5e0d0b19691f7317c1e981c53583be7f571ce0af4049c6059adf5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.nxfe.aeroflow.ninja
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
etag
W/"2ebc-1922ec7ad78"
age
5096561
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11964
x-amz-cf-id
URHSxPOATZi_NAgBoGT4b4ffEp-1n6O5kYbTMBil2Xc-KG7ae4V4cQ==
date
Fri, 04 Oct 2024 13:46:49 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 14:41:31 GMT
x-amz-cf-pop
IAD12-P2
503781ffa51e299d.css
login.nxfe.aeroflow.ninja/_next/static/css/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/css/503781ffa51e299d.css
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
3fd5d6b2090c1f06883bb0e050ab44e9122bf43303ca6e71b9b251b67dfa96e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"732e-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
GgM7J52sLYr3p5Q5Y802IjBn-UNmou5FfMNh8F4qLtDjMJNLwBMj-g==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
text/css; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
webpack-a6cc19cfc41a2ec9.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/webpack-a6cc19cfc41a2ec9.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
08eb4f88b347af75fecfe02740d45d18d08678b1b615f24ef035475cb57f5405
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"fe5-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
f_mWhrIAmZtLEsV2jjDiZ97gJVjz66XOuRGFIDIKW2QO7j4T_AEUTg==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
60d0dc6e-27034be67428ddb9.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/60d0dc6e-27034be67428ddb9.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
83a4369b7e9c4738e221cc7931a7b4dbd6f6c52f0f6309927245ab7512da83ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"1d695-193273f2530"
age
1583298
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
7Vm8eJ181vuQ7Nt0WRwNPpog-VGo801m8ZFWaq7e3JjOo9NP0ztAvg==
date
Thu, 14 Nov 2024 05:41:12 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 13 Nov 2024 20:37:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
969bca6b-d06f24099e9b1d78.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/969bca6b-d06f24099e9b1d78.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
927703cfca94086c97fc8ef23601da3cd5d3dab17340ebe0782c86fd216d190c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"2a475-193273f2530"
age
1583298
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
JJZ_lkr8sQeU488GM5TaRt-8uz4FnslPGa9sMOZQviRKHLiDpbK2Vw==
date
Thu, 14 Nov 2024 05:41:12 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 13 Nov 2024 20:37:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
289-1904d5101116d73e.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		317 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/289-1904d5101116d73e.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
cca8b076508197cd2a1250cd6a54f106015afa9e59c2fad10093502dcc65505b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"4f4d5-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
4wby2u6nf9xwzszSTQkLXdQFLg3CetGk5B8bBdqVxQcarhegr8YDTw==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
main-app-0c94898b2f9819bb.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/main-app-0c94898b2f9819bb.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
d0e939ab72e6b8fa40d9a84911352582894b3c64912699e8a3ac01a062b6651b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"4d6-1936a257520"
age
492529
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
OC80HQgr_ninLwBxFA6utRM4eR_vDKN2sGnY48Sm7VQniFUSaYBjaA==
date
Tue, 26 Nov 2024 20:40:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 26 Nov 2024 20:24:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
layout-13478dc3edd3b191.js
login.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/app/layout-13478dc3edd3b191.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
e47d762443f6a665319387639dcc9127616041310d52c3252a468da66e402a0d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"26bf-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ZAiRTxt8cNZKkL2Nz_Zte85M90KHAqrRwG5wwlg4OI9hzcT4OvTbcw==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
564-66fc4281007a9651.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/564-66fc4281007a9651.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
8a8816de17875bad1a32517bbffbe870955fdf16643a6f23c189a44d2a881727
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"3804-193273f2530"
age
1583298
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
IzkkSmDC00WUdZZUDPSJ4yHuGwEky2ssjsr6N5opuqFKX1bXxmXG9w==
date
Thu, 14 Nov 2024 05:41:12 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 13 Nov 2024 20:37:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
812-e4bf0dabce2ee8e9.js
login.nxfe.aeroflow.ninja/_next/static/chunks/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/812-e4bf0dabce2ee8e9.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
27fcd5c3bd83691968c79581f8068b530b936dfb6f64ce6a1c3cd02dcc3ff49e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"31b0-1936a257520"
age
492529
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
8AzWtV5yZZEsLf1H6cp0hrBTbZ4zKX00BU7ypC1_KzCfPIRvhfKNhA==
date
Tue, 26 Nov 2024 20:40:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 26 Nov 2024 20:24:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
page-2533c2bffcf2d69e.js
login.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/app/page-2533c2bffcf2d69e.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
c08b2fbab10a9e510ec662973f83033c71e1260d1c3b754689d9a59bbd76b064
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"330f-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
kqUO1ZN8liWAxXy4S3wBhOgpoxoAwLrkl7-iLkPuB7k7JE-nnrSArg==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
loading-0a4c852d25aaaad0.js
login.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/app/loading-0a4c852d25aaaad0.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
8a7844cdaf6e0321a11f8a9c42bdf1349041de2853b9a4735fc25c58a2415e2c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"527-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
CyDXJxeZp7Nq29C2DBYU2HriGIdZPuXKIuPt-wLp7qT9OgU6_cD-rQ==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
global-error-dff64cfe12dee5d1.js
login.nxfe.aeroflow.ninja/_next/static/chunks/app/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/chunks/app/global-error-dff64cfe12dee5d1.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
a266c449db026b67602a22ee896053eb537f4c2bb46f0b8ddac3e474a1262e74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"1992-19363bfea30"
age
596776
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
q2NNpt4CbOmodFX8SfcbZQ9rTN8fz6r5z4BdyYuT-Trysc2eI8oU1Q==
date
Mon, 25 Nov 2024 15:43:14 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 14:35:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
69638cbb40164c43.css
login.nxfe.aeroflow.ninja/_next/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/_next/static/css/69638cbb40164c43.css
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
77addcdf899d918c9506a0affd0cc3677d165971fc0a883f92e14a0dc8f27178
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

content-encoding
gzip
etag
W/"945-1922ec7ad78"
age
5096561
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
rcpb0i2alaaKiQVG5LrymSjFs6TJL8kzJnB5YIUo4yGeYbWIiJQDcQ==
date
Fri, 04 Oct 2024 13:46:49 GMT
content-type
text/css; charset=UTF-8
last-modified
Thu, 26 Sep 2024 14:41:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=31536000, immutable
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-pop
IAD12-P2
collect-core.js
cdn.noibu.com/ 		94 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.noibu.com/collect-core.js
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-112-125.iad55.r.cloudfront.net
Software
CloudFront /
Resource Hash
cd13d9547c28490cb80f8d345b939267affe0e5d1e30f048bf5f84ecf5ea2a37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
max-age=1800
content-encoding
gzip
via
1.1 68a9f2dcbbd436308ba855514c015cf2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
100
x-amz-cf-id
YFERg0J-QQsjeDWh2uAOkBPw3b0_Ld-eS4K1iN5DTmfK7gqIlD67lA==
date
Mon, 02 Dec 2024 13:29:30 GMT
content-type
application/javascript
x-amz-cf-pop
IAD55-P8
server
CloudFront
gtm.js
www.googletagmanager.com/ 		373 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
303ba11be581a0333156a2d211fee17a6e82db92dae08ae7bc6e1b1748afba36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 02 Dec 2024 13:29:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122984
x-xss-protection
0
server
Google Tag Manager
favicon.ico
login.nxfe.aeroflow.ninja/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
b2792c92c84ee737e9786dfc2f60363f79c03c98154257f81c53618ba82ac77e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=0, must-revalidate
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-nextjs-cache
HIT
date
Mon, 02 Dec 2024 13:29:30 GMT
content-type
image/x-icon
x-amz-cf-pop
IAD12-P2
x-amz-cf-id
Gw8tz4gaNi_T-pW07tL7nDL7fgy6sv1I3F9HwQMRsQC5gXpU-dezsQ==
aeroflow_health.svg
login.nxfe.aeroflow.ninja/branding/ 		527 KB
391 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.nxfe.aeroflow.ninja/branding/aeroflow_health.svg
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/_next/static/chunks/969bca6b-d06f24099e9b1d78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
d0776374097a5a6a22f01eb59b5a153a18440394972e67a4c097785446d5cd91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=0
content-encoding
gzip
etag
W/"83ae3-1936a264428"
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
XWclcnNrfLIrw_qN0pG8plxpxmt_cz9HlEU4gP3r4lS8BSnnznoIag==
date
Mon, 02 Dec 2024 13:29:30 GMT
content-type
image/svg+xml
last-modified
Tue, 26 Nov 2024 20:25:13 GMT
vary
Accept-Encoding
x-amz-cf-pop
IAD12-P2
/
login.nxfe.aeroflow.ninja/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/_next/static/chunks/289-1904d5101116d73e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/ Next.js
Resource Hash
230986dd65816389d11112dc3123bce472e3448be73c6c7608f5b85db5e8e271
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Next-Action
46b42a372dbaf79740a9dc027c6de6af34d16ad3
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/x-component
Content-Type
text/plain;charset=UTF-8
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22fbclid%5C%22%3A%5C%22IwZXh0bgNhZW0CMTEAAR0I1kCIPqBN3DhOhPz7cFj2IBH5AWAs9ggCliqkwXAvkqftXMg-b1Q_AtI_aem_HdQbAfWtdHka8QwSs1vVaA%5C%22%7D%22%2C%7B%7D%2C%22%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
4RDVoIiXj22dwnJfMo1QGoz9VXmeBjpKmNY3SYzsgpU1U4Pj8p2_9A==
content-security-policy
frame-ancestors 'none';
cache-control
s-maxage=1, stale-while-revalidate
x-action-revalidated
[[],0,1]
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-nextjs-cache
HIT
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
text/x-component
x-powered-by
Next.js
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-amz-cf-pop
IAD12-P2
image
login.nxfe.aeroflow.ninja/_next/ 		239 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.nxfe.aeroflow.ninja/_next/image?url=%2Fbranding%2Fhealth-loading-swirl.gif&w=96&q=75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/
Resource Hash
ee1b494b72710bfba54b5b3028b291aef61d877f6994e7b4b9815e52c5f9d99d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
zMt1fxBbCtBManOnifBsokkSzsVKekRpebQK4Hlj4meE7N9o9MNekw==
content-security-policy
frame-ancestors 'none';
cache-control
public, max-age=0, must-revalidate
etag
7htJS3JxC-ulS1swKLKRrvYdh39plOe0uYFeUsX52Z0=
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
244257
x-nextjs-cache
STALE
date
Mon, 02 Dec 2024 13:29:30 GMT
content-type
image/gif
content-disposition
inline; filename="health-loading-swirl.gif"
x-amz-cf-pop
IAD12-P2
/
login.nxfe.aeroflow.ninja/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
Requested by
Host: login.nxfe.aeroflow.ninja
URL: https://login.nxfe.aeroflow.ninja/_next/static/chunks/289-1904d5101116d73e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-123.iad12.r.cloudfront.net
Software
/ Next.js
Resource Hash
230986dd65816389d11112dc3123bce472e3448be73c6c7608f5b85db5e8e271
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Next-Action
46b42a372dbaf79740a9dc027c6de6af34d16ad3
Referer
https://login.nxfe.aeroflow.ninja/?client_id=31sj6hifeqqt9mi797flijd0bi&redirect_uri=https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/x-component
Content-Type
text/plain;charset=UTF-8
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22client_id%5C%22%3A%5C%2231sj6hifeqqt9mi797flijd0bi%5C%22%2C%5C%22redirect_uri%5C%22%3A%5C%22https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja%2Fapi%2Fauth%2Fcallback%2Fpatient-auth%5C%22%7D%22%2C%7B%7D%2C%22%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth%22%2C%22refresh%22%5D%7D%2Cnull%2Cnull%2Ctrue%5D

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
Ql-WvrxaHf7mEruC4iy03JeT9R_R_BXrMXr5J8K5L_X5jO2fn7rvJw==
content-security-policy
frame-ancestors 'none';
cache-control
s-maxage=1, stale-while-revalidate
x-action-revalidated
[[],0,1]
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-nextjs-cache
HIT
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
text/x-component
x-powered-by
Next.js
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-amz-cf-pop
IAD12-P2
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=bill-pay.pr139.nxfe.aeroflow.ninja&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1475095173.1733146171&auid=643032623.1733146171&npa=0&gtm=45He4bk0v71838642za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733146171348&tfd=1204&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers
js
www.googletagmanager.com/gtag/ 		332 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2B5MZ6GH7Z&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9ede3015649605c8be6c35751bd700a2444a59a88addd17c481414cd034df1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 13:29:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111923
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
gzip
age
6562
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 13:40:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 11:40:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		439 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1027036248&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
826f87912f7167502ebcc521ab5321e00d2994fa59688b604fde07098c3972e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 02 Dec 2024 13:29:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
140413
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-AbNRuz2a' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-AbNRuz2a' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=13, mss=1392, tbw=2901, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
3Juf63qqWbS3NZllsW3z0nJEzaiDITWPHTW0BoT0NwzM2kGcfYbRiCKh4jOYtTjHbbbZ16KTOXym15jmnoj7yw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
destination
www.googletagmanager.com/gtag/ 		285 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-16494318374&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
845e7a1d2f15515fd3eea69bcecc3eb213c00d70766b8dceb0d55bb6d33c4073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 02 Dec 2024 13:29:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100401
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: bill-pay.pr139.nxfe.aeroflow.ninja
URL: https://bill-pay.pr139.nxfe.aeroflow.ninja/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 313A166436914DE4B6F3287A7B793F15 Ref B: PHL30EDGE0108 Ref C: 2024-12-02T13:29:31Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 00CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Flogin.nxfe.aeroflow.ninja
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQRPCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 13:29:31 GMT
expires
Tue, 02 Dec 2025 13:29:31 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2B5MZ6GH7Z&gtm=45je4bk0v9123014018z871838642za200zb71838642&_p=1733146170733&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=76880478.1733146171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733146171&sct=1&seg=0&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&dr=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&dt=Aeroflow%20Authentication%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1366
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2B5MZ6GH7Z&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2B5MZ6GH7Z&gtm=45je4bk0v9123014018za200zb71838642&_p=1733146170733&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=76880478.1733146171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733146171&sct=1&seg=0&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&dr=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&dt=Aeroflow%20Authentication%20Portal&en=scroll&epn.percent_scrolled=90&_et=14&tfd=1392
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2B5MZ6GH7Z&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
text/plain
server
Golfe2
/
www.googleadservices.com/pagead/conversion/16494318374/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/16494318374/?random=1733146171559&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16494318374&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
7c95dd9d7787c85539fc1c3c22b53737d3e55af8140f4900346f9d68cf5c367a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2790
date
Mon, 02 Dec 2024 13:29:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16494318374
td.doubleclick.net/td/rul/ Frame 0F8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16494318374?random=1733146171559&cv=11&fst=1733146171559&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16494318374&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.nxfe.aeroflow.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 13:29:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1027036248/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1027036248/?random=1733146171640&cv=11&fst=1733146171640&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899227141z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1027036248&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
88267dff963c3640d74aaa2d8926cf2a4478b1f02dd9849753d585404b17b63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2422
date
Mon, 02 Dec 2024 13:29:32 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1027036248
td.doubleclick.net/td/rul/ Frame 6F90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1027036248?random=1733146171640&cv=11&fst=1733146171640&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899227141z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1027036248&l=dataLayer&cx=c&gtm=45He4bk0v71838642za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.nxfe.aeroflow.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1431
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 13:29:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-conversion/16494318374/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16494318374/?random=2045720852&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l...
  • https://www.google.com/pagead/1p-conversion/16494318374/?random=2045720852&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/16494318374/?random=2045720852&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI8defz5iJigMV2xSICR2vxBx1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL2xvZ2luLm54ZmUuYWVyb2Zsb3cubmluamEvQldDaEVJZ05LMXVnWVFrLXkwaHRuczhZNldBUklzQU1kTVdTZVE4ak4zRG5qR29Reno2SVhhUnZvd3ZoSEpIYW1VZ25lMW5xYWR2OHlyWDdrQnRKTTdfRms&is_vtc=1&cid=CAQSGwCa7L7dVddLoNj030qhnpVVJeP4pBLbsaKD8A&eitems=ChAIgNK1ugYQjonxx4q7ustXEh0AsRp5qWob-eJ6Pn8ZgdRy3D6geK3B6v2H5ydF_A&random=1569615466
Protocol
H2
Server
142.251.167.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 13:29:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/16494318374/?random=2045720852&cv=11&fst=1733146171559&bg=ffffff&guid=ON&async=1&gtm=45be4bk0z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&label=ZvymCPyauJwZEKamjbk9&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&value=0&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI8defz5iJigMV2xSICR2vxBx1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiJodHRwczovL2xvZ2luLm54ZmUuYWVyb2Zsb3cubmluamEvQldDaEVJZ05LMXVnWVFrLXkwaHRuczhZNldBUklzQU1kTVdTZVE4ak4zRG5qR29Reno2SVhhUnZvd3ZoSEpIYW1VZ25lMW5xYWR2OHlyWDdrQnRKTTdfRms&is_vtc=1&cid=CAQSGwCa7L7dVddLoNj030qhnpVVJeP4pBLbsaKD8A&eitems=ChAIgNK1ugYQjonxx4q7ustXEh0AsRp5qWob-eJ6Pn8ZgdRy3D6geK3B6v2H5ydF_A&random=1569615466
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Mon, 02 Dec 2024 13:29:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/j/ 		15 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1884199294&t=pageview&_s=1&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&dr=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&ul=en-us&de=UTF-8&dt=Aeroflow%20Authentication%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=623945308&gjid=1081695070&cid=76880478.1733146171&tid=UA-64546168-1&_gid=196564465.1733146172&_slc=1&gtm=45He4bk0n71NQRPCZv71838642za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=578482284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
967c393cac023404781c68039057c158a5b135b8e86a3c91bd71e9ad68a5972c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-64546168-1&cid=76880478.1733146171&jid=623945308&gjid=1081695070&_gid=196564465.1733146172&_u=YCDAgAABAAAAAG~&z=1588296311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:32 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1884199294&t=pageview&_s=1&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&dr=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&ul=en-us&de=UTF-8&dt=Aeroflow%20Authentication%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAgEABAAAAAGAAI~&jid=56969407&gjid=1313442352&cid=76880478.1733146171&tid=UA-64546168-2&_gid=196564465.1733146172&_slc=1&gtm=45He4bk0n71NQRPCZv71838642za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=712554407
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
db17bb2e0961e697df29a60d563444686d83ab2f4c8093ed3a657d9c71ed55fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-64546168-2&cid=76880478.1733146171&jid=56969407&gjid=1313442352&_gid=196564465.1733146172&_u=YCHAgEABAAAAAGAAI~&z=1687026258
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:32 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
945948280400004
connect.facebook.net/signals/config/ 		70 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/945948280400004?v=2.9.176&r=stable&domain=login.nxfe.aeroflow.ninja&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
d728542bb6727678fc29f39534105513cc217ec99a07f52cda19c5107c87fcc6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-PGrj24Sx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-PGrj24Sx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=64, mss=1392, tbw=67681, tp=-1, tpl=-1, uplat=101, ullat=0
pragma
public
x-fb-debug
FaAUp6jEGrj7cdXBPEidL8C873YRs7N3R5tfj0a4Cn0DZ6oKhrXgu+U9HvNIE0Oe+N8M3EFkglSgF4DOScrdsA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
4046918.js
bat.bing.com/p/action/ 		364 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4046918.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6835EF5E046442418397E23FF7E1BE23 Ref B: PHL30EDGE0108 Ref C: 2024-12-02T13:29:31Z
x-cache
CONFIG_NOCACHE
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		383 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TNWFCRR7X6&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d53a301bff42afd09f9dc8a47d40f89c40a7f25088edc4ef8d3dd4358ed7be2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 13:29:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
128112
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KTGX16CWX&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
54f53603aa38220cc4a598838246c8273c80d1ae45ff5e9405f0a2191deb5865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 13:29:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
140778
x-xss-protection
0
server
Google Tag Manager
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4046918&Ver=2&mid=0330f129-5dcc-4f6c-bb37-4ee8d9313b93&bo=1&sid=76c258d0b0b111efb00a4f2f98a91345&vid=76c27cd0b0b111efa950059befbad6b1&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Aeroflow%20Authentication%20Portal&p=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&r=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&lt=583&evt=pageLoad&sv=1&cdb=AQAQ&rn=834563
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4ACEDCABF715473F96E23FD782146D9D Ref B: PHL30EDGE0108 Ref C: 2024-12-02T13:29:32Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 02 Dec 2024 13:29:31 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TNWFCRR7X6&gtm=45je4bk0v9164377629za200&_p=1733146170733&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101509157~101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=76880478.1733146171&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&dr=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&dt=Aeroflow%20Authentication%20Portal&sid=1733146172&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1907
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNWFCRR7X6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-TNWFCRR7X6&cid=76880478.1733146171&gtm=45je4bk0v9164377629za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101509157~101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNWFCRR7X6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 45C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-TNWFCRR7X6&gacid=76880478.1733146171&gtm=45je4bk0v9164377629za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101509157~101925629~102067555~102067808~102077855~102081485&z=482885199
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNWFCRR7X6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.nxfe.aeroflow.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 13:29:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3KTGX16CWX&gtm=45je4bk0v899227879za200&_p=1733146170733&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=76880478.1733146171&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&dr=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&dt=Aeroflow%20Authentication%20Portal&sid=1733146172&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2007
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KTGX16CWX&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-3KTGX16CWX&cid=76880478.1733146171&gtm=45je4bk0v899227879za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KTGX16CWX&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://login.nxfe.aeroflow.ninja
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 6E31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-3KTGX16CWX&gacid=76880478.1733146171&gtm=45je4bk0v899227879za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=146147065
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KTGX16CWX&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.nxfe.aeroflow.ninja/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 13:29:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1408608419408207
connect.facebook.net/signals/config/ 		45 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1408608419408207?v=2.9.176&r=stable&domain=login.nxfe.aeroflow.ninja&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C146%2C173%2C159%2C118%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
9392cc7b467607ea346bf85dfdf25a6a747eb89526e25a8e77f9a1ca149ea89f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-0dOFqBlO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-0dOFqBlO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=77, mss=1392, tbw=83070, tp=-1, tpl=-1, uplat=274, ullat=0
pragma
public
x-fb-debug
kD8RNBHKkBKvO+y5BUX2t7V7R5U+ZRE3CKkithVKhnWlQXsbbaGlm2DuXicokkrTPCLMPuhdUMzMYfOmemrW7g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=945948280400004&ev=PageView&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja&rl=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja&if=false&ts=1733146172204&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1733146172202.900242103689267429&pm=1&hrl=af82e8&ler=other&cdl=API_unavailable&it=1733146171866&coo=false&tm=1&cs_cc=1&cas=7555992824489338%2C7329067697202036&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2918, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=945948280400004&ev=PageView&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja&rl=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja&if=false&ts=1733146172204&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1733146172202.900242103689267429&pm=1&hrl=af82e8&ler=other&cdl=API_unavailable&it=1733146171866&coo=false&tm=1&cs_cc=1&cas=7555992824489338%2C7329067697202036&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443806129944756935"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 13:29:33 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
TqqlxmZvbyW2Wc9kxSouJ1QauevfmwMvCZzh4l/oBEnBCV+Niscf/fdZUJqPl1tfqqRv+jHsmk3qMb8EpUUwjA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443806129944756935", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=14, mss=1392, tbw=3474, tp=-1, tpl=-1, uplat=138, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.com/pagead/1p-user-list/1027036248/ 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1027036248/?random=1733146171640&cv=11&fst=1733144400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v899227141z871838642za201zb71838642&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.nxfe.aeroflow.ninja%2F%3Fclient_id%3D31sj6hifeqqt9mi797flijd0bi%26redirect_uri%3Dhttps%253A%252F%252Fbill-pay.nxfe.aeroflow.ninja%252Fapi%252Fauth%252Fcallback%252Fpatient-auth&ref=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja%2F&hn=www.googleadservices.com&frm=0&tiba=Aeroflow%20Authentication%20Portal&npa=0&pscdl=noapi&auid=643032623.1733146171&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7ddYSOwpO_HXmDGGb_OgoKZNu0xR8wIQ&random=258825689&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 13:29:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=945948280400004&ev=PageView&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja&rl=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja&if=false&ts=1733146172530&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1733146172202.900242103689267429&pm=1&hrl=af82e8&ler=other&cdl=API_unavailable&it=1733146171866&coo=false&cs_cc=1&cas=7555992824489338%2C7329067697202036&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=3328, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=945948280400004&ev=PageView&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja&rl=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja&if=false&ts=1733146172530&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1733146172202.900242103689267429&pm=1&hrl=af82e8&ler=other&cdl=API_unavailable&it=1733146171866&coo=false&cs_cc=1&cas=7555992824489338%2C7329067697202036&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443806128894298037"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 13:29:33 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
4aHRpIczFLOM7SYJlIcxeg+0V3JRqhXtMIBqhN8uadJJTQFfN5rp7kpQh3UojbZgIZkGDsiO+Q34fubBBoX+lQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443806128894298037", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1392, tbw=7917, tp=-1, tpl=-1, uplat=152, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1408608419408207&ev=PageView&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja&rl=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja&if=false&ts=1733146172533&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1733146172202.900242103689267429&pm=1&hrl=dab548&ler=other&cdl=API_unavailable&it=1733146171866&coo=false&cs_cc=1&cas=1159021900849016%2C6957821380988275%2C8180261645339463%2C7684033251660758%2C8081572681893410%2C7661930780535649%2C2281920375248901&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2918, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 13:29:32 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1408608419408207&ev=PageView&dl=https%3A%2F%2Flogin.nxfe.aeroflow.ninja&rl=https%3A%2F%2Fbill-pay.pr139.nxfe.aeroflow.ninja&if=false&ts=1733146172533&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1733146172202.900242103689267429&pm=1&hrl=dab548&ler=other&cdl=API_unavailable&it=1733146171866&coo=false&cs_cc=1&cas=1159021900849016%2C6957821380988275%2C8180261645339463%2C7684033251660758%2C8081572681893410%2C7661930780535649%2C2281920375248901&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.nxfe.aeroflow.ninja/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443806129045739167"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x03e004a4424914c7","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["4899326936773006","1549594595149930"]},"debug_reporting":true,"debug_key":"3059561875238353125"}
date
Mon, 02 Dec 2024 13:29:33 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ngYJpw0FMxDQZjrTFA1cqfVwfbq9FgocMAQN0c0utvzhf9nqbyxBYcoLNH7kSnmQaSYWvyRuLroG/ARuP2+UsA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443806129045739167", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=14, mss=1392, tbw=6707, tp=-1, tpl=-1, uplat=136, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| __next_f object| _sentryDebugIds string| _sentryDebugIdIdentifier object| webpackChunk_N_E string| __sentryRewritesTunnelPath__ object| SENTRY_RELEASE object| __SENTRY__ object| next object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids object| uetq function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| ueto_5f7b9dea70

23 Cookies

Domain/Path Name / Value
bill-pay.pr139.nxfe.aeroflow.ninja/ Name: __Host-next-auth.csrf-token
Value: ae94300d2cc49460954b30216d9a403e47205f529c304377d65cd9847fca57f3%7C40cd692019d6ecf43f901d9b551d0cfa7f0872ecf89e79be4f61dfe43fea1688
bill-pay.pr139.nxfe.aeroflow.ninja/ Name: __Secure-next-auth.callback-url
Value: https%3A%2F%2Fbill-pay.nxfe.aeroflow.ninja
login.nxfe.aeroflow.ninja/ Name: state
Value:
login.nxfe.aeroflow.ninja/ Name: userPoolName
Value: cbaQgPxRD
.aeroflow.ninja/ Name: _gcl_au
Value: 1.1.643032623.1733146171
login.nxfe.aeroflow.ninja/ Name: client_id
Value: a1ab5f9348e9af456ed5b5c9%3A299339520fc6b69ebc368f6baeb87da3%3A1cabdad6f82e9be99fd34161d1d0b8c93f8c54ca48616ec82eef
login.nxfe.aeroflow.ninja/ Name: redirect_uri
Value: 26a9ca824f6dc92ba3384331%3Abc5aeb61d953bdedf4c9881fc6982ea7%3Ac6ad68c7ba8d0eac5f581e42a77f14e55ceed1edb2ba3292d7b36b704509ea6a498e2cb10496bbb22054bf5a620f7fc9f37c9b410e81ba206d63aeada28849967831e8
.aeroflow.ninja/ Name: _ga_2B5MZ6GH7Z
Value: GS1.1.1733146171.1.1.1733146171.0.0.0
.login.nxfe.aeroflow.ninja/ Name: _ga
Value: GA1.4.76880478.1733146171
.login.nxfe.aeroflow.ninja/ Name: _gid
Value: GA1.4.196564465.1733146172
.login.nxfe.aeroflow.ninja/ Name: _dc_gtm_UA-64546168-1
Value: 1
.aeroflow.ninja/ Name: _ga
Value: GA1.2.76880478.1733146171
.aeroflow.ninja/ Name: _gid
Value: GA1.2.196564465.1733146172
.aeroflow.ninja/ Name: _dc_gtm_UA-64546168-2
Value: 1
.aeroflow.ninja/ Name: _uetsid
Value: 76c258d0b0b111efb00a4f2f98a91345
.aeroflow.ninja/ Name: _uetvid
Value: 76c27cd0b0b111efa950059befbad6b1
.login.nxfe.aeroflow.ninja/ Name: _ga_TNWFCRR7X6
Value: GS1.4.1733146172.1.0.1733146172.60.0.0
.bing.com/ Name: MUID
Value: 00FB6FC75F886E761EEC7A8E5E4A6F25
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUl5aUUtXDnbzQSudl6E6BAB9ZddAwmyeWr0Wx-mZb516LtGsS6qNScWy3Ll
.aeroflow.ninja/ Name: _ga_3KTGX16CWX
Value: GS1.2.1733146172.1.0.1733146172.60.0.0
.aeroflow.ninja/ Name: _fbp
Value: fb.1.1733146172202.900242103689267429
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
bill-pay.nxfe.aeroflow.ninja
bill-pay.pr139.nxfe.aeroflow.ninja
cdn.noibu.com
connect.facebook.net
googleads.g.doubleclick.net
login.nxfe.aeroflow.ninja
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
108.138.85.123
142.250.31.155
142.251.16.156
142.251.167.104
142.251.167.138
142.251.179.97
150.171.28.10
157.240.229.1
172.253.122.102
172.253.63.154
3.167.112.125
3.167.112.49
3.171.100.28
31.13.66.35
002dfc2f1efd2cee1ccd2a85e516e911abf15821934308d2b9c64d59c3859a19
05561e72847055ceb096b2b3bcf0cb083c274726f1952f3d5bc09ba44f43b653
08eb4f88b347af75fecfe02740d45d18d08678b1b615f24ef035475cb57f5405
0d0f61cec92a75beb8d03dd246b79653e35fd20c216a572d7f18081d53d295ff
0d7d9e78792070b7bd2018f9a742437ef8ad87a4d1b4acf2aba0e42e04811cea
1cf00971efc660b694bf2eee4a84fb14b7e98dbb98dc665a84f0979ca04f985a
230986dd65816389d11112dc3123bce472e3448be73c6c7608f5b85db5e8e271
27fcd5c3bd83691968c79581f8068b530b936dfb6f64ce6a1c3cd02dcc3ff49e
303ba11be581a0333156a2d211fee17a6e82db92dae08ae7bc6e1b1748afba36
33bc695ff7b2cb8faa929b0fe9be02aa269e92909f8277fbcaf2f002a5bb852e
3ac1cd1db4a6d589c07d83a776dc8883d28359ed148237bc3a5d135cabdb4db4
3fd5d6b2090c1f06883bb0e050ab44e9122bf43303ca6e71b9b251b67dfa96e5
430a7dad4ba3fa9841bd7db2db51d84ba6e527de931cb4c87b17d98c18cd240b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44defd7af421b068743ed93d78b34e7cbc15638d558b7a8885c47a4d33f6e367
4f4eafbb30fae97d4d24755e1c59671e82a68cc0aa0dde21842553bc0ec628cf
4f5343ea2af5e0d0b19691f7317c1e981c53583be7f571ce0af4049c6059adf5
5202f3ee40866f8af3a2b60c977d43173bc8889bbb654ff5fe94157929b563e9
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
54f53603aa38220cc4a598838246c8273c80d1ae45ff5e9405f0a2191deb5865
57106504c3466df6713ccfc2b2db384fb33011f2f2d9df8a7046b52d16fe4a38
602ef17d69834d2ad115a638b5f22d69f5987686be27d7c8f8cf944b84dbeb99
63e52b72f6a2f4f21ad079350fe6fb85715434709f644f9bbd1ffc738d22bce6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77addcdf899d918c9506a0affd0cc3677d165971fc0a883f92e14a0dc8f27178
7c95dd9d7787c85539fc1c3c22b53737d3e55af8140f4900346f9d68cf5c367a
7cf2dd0506084f87f53a62f2362fdd66cd1d75d770eca336f0c72a8651241574
80c70d96d537b6f93e74a146ba37235f21e74148743b1b9bbd50f4a49ae4c9c1
826f87912f7167502ebcc521ab5321e00d2994fa59688b604fde07098c3972e3
83a4369b7e9c4738e221cc7931a7b4dbd6f6c52f0f6309927245ab7512da83ad
845e7a1d2f15515fd3eea69bcecc3eb213c00d70766b8dceb0d55bb6d33c4073
88267dff963c3640d74aaa2d8926cf2a4478b1f02dd9849753d585404b17b63a
8a7844cdaf6e0321a11f8a9c42bdf1349041de2853b9a4735fc25c58a2415e2c
8a8816de17875bad1a32517bbffbe870955fdf16643a6f23c189a44d2a881727
927703cfca94086c97fc8ef23601da3cd5d3dab17340ebe0782c86fd216d190c
9392cc7b467607ea346bf85dfdf25a6a747eb89526e25a8e77f9a1ca149ea89f
967c393cac023404781c68039057c158a5b135b8e86a3c91bd71e9ad68a5972c
9da695a90debb83ab4b53a7eab5bad5be90f8629af0f8e07f2c2f8425e4007f4
9ede3015649605c8be6c35751bd700a2444a59a88addd17c481414cd034df1a6
a266c449db026b67602a22ee896053eb537f4c2bb46f0b8ddac3e474a1262e74
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b2792c92c84ee737e9786dfc2f60363f79c03c98154257f81c53618ba82ac77e
be97ff7f8b070ae33721ff5e992b43493f7b05be4fcc77b0be339c4a0498f5df
c08b2fbab10a9e510ec662973f83033c71e1260d1c3b754689d9a59bbd76b064
c642a43ff8e9e4ed068b6ef2722c313592191b914069968696608765b5e6719e
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
cca8b076508197cd2a1250cd6a54f106015afa9e59c2fad10093502dcc65505b
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
cd13d9547c28490cb80f8d345b939267affe0e5d1e30f048bf5f84ecf5ea2a37
d0776374097a5a6a22f01eb59b5a153a18440394972e67a4c097785446d5cd91
d0e939ab72e6b8fa40d9a84911352582894b3c64912699e8a3ac01a062b6651b
d53a301bff42afd09f9dc8a47d40f89c40a7f25088edc4ef8d3dd4358ed7be2b
d728542bb6727678fc29f39534105513cc217ec99a07f52cda19c5107c87fcc6
db17bb2e0961e697df29a60d563444686d83ab2f4c8093ed3a657d9c71ed55fb
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47d762443f6a665319387639dcc9127616041310d52c3252a468da66e402a0d
e56149926c5b678074e72833962595ee0edee17019a86e6d194644b26da4b81f
e8eb4d51a3244e3720af5c30aea7f9ebb29804d9e58e1847bb2c58f3977cadcf
ee1b494b72710bfba54b5b3028b291aef61d877f6994e7b4b9815e52c5f9d99d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1e11c411f67a3ab50b0995a1eaa9e1912ae0bd0e3abe6c69c9fb777fe4ac89