urlscan.io logo urlscan.io
SecurityTrails logo

lo.usherpa.com Open in urlscan Pro
13.66.38.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://emlink.usherpa.net/ls/click?upn=pZ4qlEXTabSjrvUJkQaaX2RXWGaO4ZDwf3c8fW1Tlf9pG6K-2FRHH9yJfYzZzfyTOGn0cJrMys9yVNt11QS...
Effective URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Submission: On October 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 13.66.38.99, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is lo.usherpa.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 2nd 2020. Valid for: 2 years.
This is the only time lo.usherpa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.56 11377 (SENDGRID)
9 13.66.38.99 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
2 51.107.59.180 8075 (MICROSOFT...)
16 6
1    167.89.115.56 (United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net
emlink.usherpa.net
9    13.66.38.99 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lo.usherpa.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
9 lo.usherpa.com lo.usherpa.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 fonts.gstatic.com fonts.googleapis.com
1 az416426.vo.msecnd.net lo.usherpa.com
1 fonts.googleapis.com lo.usherpa.com
1 emlink.usherpa.net 1 redirects
16 6

This site contains no links.

Subject Issuer Validity Valid
usherpa.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-02 -
2022-03-21		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4		 2020-04-30 -
2022-04-30		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Frame ID: CD74D57E9CC80244FBA788D16A598BB0
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://emlink.usherpa.net/ls/click?upn=pZ4qlEXTabSjrvUJkQaaX2RXWGaO4ZDwf3c8fW1Tlf9pG6K-2FRHH9yJfYzZzfy... HTTP 302
    https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

16
Requests

94 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

1563 kB
Transfer

3886 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://emlink.usherpa.net/ls/click?upn=pZ4qlEXTabSjrvUJkQaaX2RXWGaO4ZDwf3c8fW1Tlf9pG6K-2FRHH9yJfYzZzfyTOGn0cJrMys9yVNt11QSAxhXMNsURFO1d8TuHCwIb1J08W5l47Xo2FEGqkzL5ZPHPxfLHU-2FhLx3pjYPuz88vcmO5tDW-2F4iz1s-2FujnQQJL2NaFI-3D15PO_uCEtTG74yGwK7RnO1-2B1gs5u60Q-2BBDChrliD-2Ffb7WNo6vX2-2FC-2BFX9RuDT1C4i8yQ7F-2FwEEcQCGbM7k2HDy28p8N5-2BoZ-2BHAujlMlog7LUVWuVOUzPtc69fu3sFdacakmrc7dwhEwR0lV6KFF-2Baud-2FnpOWU2Sue0h-2B0lXx8yg3-2Fg2xWp5Qx-2FxgxOUWog3u2WpDHomhHbaT8kaIosnWAc3RdX4czNxyprhlE61Z2MglGz2AV5DByS2Dkoftt2f845cA72bPGn4t8O9D112YUlP4TtCN6fYNCnes60Hgpsq4zBNnChG-2Bj9DSrn5DFGR71AkOWd7B2NccjaVzI-2FunNtcuIOn-2FaSouXU5bbivFA-2BVrAtoZ-2FfM-2FlYTeFkNC-2F1h5tQD3Eo2-2BSAyc7zW1eZTOA0zi8-2Bw-3D-3D HTTP 302
    https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b
lo.usherpa.com/optout/
Redirect Chain
  • http://emlink.usherpa.net/ls/click?upn=pZ4qlEXTabSjrvUJkQaaX2RXWGaO4ZDwf3c8fW1Tlf9pG6K-2FRHH9yJfYzZzfyTOGn0cJrMys9yVNt11QSAxhXMNsURFO1d8TuHCwIb1J08W5l47Xo2FEGqkzL5ZPHPxfLHU-2FhLx3pjYPuz88vcmO5tDW-2...
  • https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bd5690cd55cf9ff4e5e8b92adc7f3a1933b3631c620737de9f72e440d572164f

Request headers

Host
lo.usherpa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Length
2051
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Set-Cookie
UsherpaLOAnonymousId="63e8fd78-9973-4814-afaa-815911d85161"; domain=.lo.usherpa.com; path=/ UsherpaLOUserRequest={"IP":"185.212.171.67","Browser":"Chrome (83.0)","Platform":"Mac OS X 10.14","Device":"desktop","FormFactor":"Desktop","IsCrawler":false,"IsCookies":true,"IsJavaScript":true,"BrowserDimensions":null,"DeviceDimensions":null}; domain=.lo.usherpa.com; path=/ UsherpaLOUserRequest={"IP":"185.212.171.67","Browser":"Chrome (83.0)","Platform":"Mac OS X 10.14","Device":"desktop","FormFactor":"Desktop","IsCrawler":false,"IsCookies":true,"IsJavaScript":true,"BrowserDimensions":null,"DeviceDimensions":null}; domain=.lo.usherpa.com; path=/ UsherpaLOUserRequest={"IP":"185.212.171.67","Browser":"Chrome (83.0)","Platform":"Mac OS X 10.14","Device":"desktop","FormFactor":"Desktop","IsCrawler":false,"IsCookies":true,"IsJavaScript":true,"BrowserDimensions":null,"DeviceDimensions":null}; domain=.lo.usherpa.com; path=/ UsherpaLOUserRequest={"IP":"185.212.171.67","Browser":"Chrome (83.0)","Platform":"Mac OS X 10.14","Device":"desktop","FormFactor":"Desktop","IsCrawler":false,"IsCookies":true,"IsJavaScript":true,"BrowserDimensions":null,"DeviceDimensions":null}; domain=.lo.usherpa.com; path=/ UsherpaLOUserRequest={"IP":"185.212.171.67","Browser":"Chrome (83.0)","Platform":"Mac OS X 10.14","Device":"desktop","FormFactor":"Desktop","IsCrawler":false,"IsCookies":true,"IsJavaScript":true,"BrowserDimensions":null,"DeviceDimensions":null}; domain=.lo.usherpa.com; path=/
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
Content-Type
Date
Fri, 16 Oct 2020 16:37:49 GMT

Redirect headers

Server
nginx
Date
Fri, 16 Oct 2020 16:37:49 GMT
Content-Type
text/html; charset=utf-8
Content-Length
151
Connection
keep-alive
Location
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
X-Robots-Tag
noindex, nofollow
css
fonts.googleapis.com/ 		12 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8be5c6301da1b9998a2eda72be2f3fa24ae903241e176be45031da127cb7f4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 16:37:50 GMT
server
ESF
date
Fri, 16 Oct 2020 16:37:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 16:37:50 GMT
site-css
lo.usherpa.com/content/ 		186 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/content/site-css?v=bwgA8_SAq3kZA69AFTCPJNJZqZkOQoq8GDilzEQObhs1
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fbbd8508e0660915082b383636cd122066deb6906896aa22a218b3dc487517fe

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 16:37:50 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
public,public
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Content-Length
40490
Expires
Sat, 16 Oct 2021 16:37:50 GMT
site-scss
lo.usherpa.com/content/ 		1 MB
212 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/content/site-scss?v=7hOnaDUVtQoo15AkCnV1JQWFj5a0QizlmSoUosZra9Y1
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fc3e40f1f53b630fce4f7370b43a5f0ec019b7f734569e77134655ca243da0c0

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 16:37:50 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
public,public
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Expires
Sat, 16 Oct 2021 16:37:50 GMT
jquery-js
lo.usherpa.com/bundles/ 		102 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/bundles/jquery-js?v=1MMtobEaBI0JH7SrsjX3Q1wS7CzPH7zBp-pWIqU1Pwk1
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
64111cee208d92f55c9e4ce32f310be952d43fcfd41fbaa78120c976b14deb1a

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 16:37:50 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Content-Length
46969
Expires
Sat, 16 Oct 2021 16:37:50 GMT
jquery-validate-js
lo.usherpa.com/bundles/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/bundles/jquery-validate-js?v=ezowOls8bKQ2RN_TMKxAE8IyH0NY6U0pxES706_kMrY1
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
847918925f7a13db0d980c7f2d09c2328add7f7f492924f6afdbd45dc2d2f8cc

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 16:37:51 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Content-Length
21241
Expires
Sat, 16 Oct 2021 16:37:51 GMT
general-js
lo.usherpa.com/bundles/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/bundles/general-js?v=7Y8IrFILt-K7Hf7PHZGVq1AT0QLhCQRvysgLzandJWo1
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a36d41ae5e26dec7d0811c15d7910ca43f1219ad780d1b7016fd8798c8853bc5

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 16:37:51 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Content-Length
6376
Expires
Sat, 16 Oct 2021 16:37:51 GMT
site-js
lo.usherpa.com/bundles/ 		1 MB
510 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/bundles/site-js?v=w-ES9c071W5twQFeQLWqEfRjnzc3pUNDb1Wvd6khFUg1
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4c4538018f520a5cf8cf34f9a86973c4b0d105e577ff30bb6f0d3eac70aabebf

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Oct 2020 16:37:51 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Expires
Sat, 16 Oct 2021 16:37:51 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lo.usherpa.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 11:20:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
364638
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Tue, 12 Oct 2021 11:20:34 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lo.usherpa.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
364639
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 12 Oct 2021 11:20:33 GMT
icomoon.ttf
lo.usherpa.com/content/fonts/ 		679 KB
679 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/content/fonts/icomoon.ttf?crt57v
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/content/site-css?v=bwgA8_SAq3kZA69AFTCPJNJZqZkOQoq8GDilzEQObhs1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f816bc9cb5691011ff71d42a2713de817c0ce5d060f883352300fe0842fa2f49

Request headers

Origin
https://lo.usherpa.com
Referer
https://lo.usherpa.com/content/site-css?v=bwgA8_SAq3kZA69AFTCPJNJZqZkOQoq8GDilzEQObhs1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:51 GMT
Last-Modified
Sat, 10 Oct 2020 04:09:58 GMT
Server
Microsoft-IIS/10.0
ETag
"06f6d37bb9ed61:0"
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public
Accept-Ranges
bytes
Content-Type
application/octet-stream
Access-Control-Allow-Headers
Content-Type
Content-Length
694936
b70ec5a5-387a-433d-bfc3-ef1dabd52b0a
https://lo.usherpa.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://lo.usherpa.com/b70ec5a5-387a-433d-bfc3-ef1dabd52b0a
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
getrequestinfo
lo.usherpa.com/ 		237 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lo.usherpa.com/getrequestinfo
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/bundles/jquery-js?v=1MMtobEaBI0JH7SrsjX3Q1wS7CzPH7zBp-pWIqU1Pwk1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.38.99 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ffa0a94ca584a1acc6813abba03fdaf825861f331a106f0098761b01e5b91d1f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 16:37:51 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 16 Oct 2020 16:37:52 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
policyref="https://lo.usherpa.com/content/w3c/p3p.xml",CP="CAO PSA CONi OUR DEM ONL"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Headers
Content-Type
Content-Length
282
Expires
Sat, 17 Oct 2020 16:37:52 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: lo.usherpa.com
URL: https://lo.usherpa.com/bundles/site-js?v=w-ES9c071W5twQFeQLWqEfRjnzc3pUNDb1Wvd6khFUg1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Oct 2020 16:37:52 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
172
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 01 Oct 2020 19:31:04 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8664089864073
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b12cb820-d01e-00a9-16da-a35614000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 16 Oct 2020 17:07:52 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://lo.usherpa.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Fri, 16 Oct 2020 16:37:53 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a7396690481fe92f7742bc9e8b857591b91865503467d9f623dfb2713943192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://lo.usherpa.com/optout/7584b8f8-b0fd-49d8-a8a8-9ec53fc53f0b?email=jsotto%40firstam.com&campaignId=375657&type=All
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
55A36911-DDA0-4E2B-A341-012D401968ED
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
status
200
date
Fri, 16 Oct 2020 16:37:54 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| ea function| IsEmpty function| IsEmptyGuid function| IsValueTrue function| RemoveTrailingSpaces function| RemoveLeadingSpaces function| RemoveSpaces function| IsWhitespace function| Replace function| ReplaceAll function| Occurs function| IsDigit function| IsAlpha function| IsInteger function| IsFloat function| RoundNumber function| FormatNumber function| FormatCurrency function| CommifyNumber function| ConvertNumber function| ConvertToFloat function| CleanNumber function| PreLoadImage function| CancelEvent function| DisableEnterKey function| DisableBlurEnterKey function| DisableButton function| ShowHideElements function| SetOpacity function| WindowOpen function| DiffDatesDays function| Base64Decode function| CreateUrlName function| GenerateGuid function| GenerateRandomNumber function| CleanupNumber function| GetBrowser function| PrintPage function| SafeActiveElement function| ClearPlaceholders function| GetLogMessage function| TruncateAtWord function| MaskNumber function| PopulateObjectFromForm function| PopulateFormFromObject function| EncodeStringXor function| DecodeStringXor function| SplitStyle function| CombineStyle function| IsObjectEmpty function| IsZipcode function| IsDatePart function| IsValidDate function| IsValidDay function| IsValidRange function| IsValidMinValue function| IsValidLength function| IsValidEmail function| IsValidFormat function| IsValidCharacters function| IsValidField function| IsValidRequired function| ClearValidationError function| SetValidationError function| SetAppInsights function| RadiosChange function| DatePickerChange function| InitCustomFormElements function| InitSelectBox function| InitSelect2 function| ResetFormValidation function| JSCookies object| verge object| store object| jQuery1124032360724086589476 function| SelectBox function| DataGrid function| Tabs function| Cookies object| moxie object| mOxie object| o object| plupload function| FileUpload function| moment function| Color function| Chart function| GridsterCoords function| GridsterCollision function| delay function| debounce function| throttle function| GridsterDraggable function| Gridster object| vttjs function| WebVTT function| videojs function| videojsOverlay function| Sortable object| appInsights object| AI object| Microsoft function| __extends function| _endsWith

0 Cookies