urlscan.io logo urlscan.io
SecurityTrails logo

security.johnoconnorpresents.com Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
URL: https://security.johnoconnorpresents.com/
Submission: On July 30 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 20 domains to perform 53 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is security.johnoconnorpresents.com.
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.
This is the only time security.johnoconnorpresents.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 35.202.21.90 396982 (GOOGLE-CL...)
4 34.107.203.240 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 13.224.58.192 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 162.159.138.60 13335 (CLOUDFLAR...)
3 3.165.113.47 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.68 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 172.67.75.100 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
6 35.192.151.63 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.164.163.108 16509 (AMAZON-02)
1 216.58.206.65 15169 (GOOGLE)
1 3 2600:9000:266... 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
53 23
4    35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com
security.johnoconnorpresents.com
ondemandseminar.lpages.co
advisorsdigitaledge.lpages.co
4    34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
embed.lpcontent.net
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)
js.center.io
1    13.224.58.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-58-192.cdg50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
3    3.165.113.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-113-47.cdg50.r.cloudfront.net
widget.surveymonkey.com
prod.smassets.net
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
1    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
js.center.io
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    3.164.163.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-163-108.cdg55.r.cloudfront.net
www.surveymonkey.com
1    216.58.206.65 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f1.1e100.net
lh3.googleusercontent.com
3    2600:9000:2664:2c00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2a05:d018:cc3:fe04:c888:15ab:2d14:464 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
Apex Domain
Subdomains		 Transfer
12 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
303 KB
6 leadpages.io
api.leadpages.io — Cisco Umbrella Rank: 76565
3 KB
4 adroll.com
s.adroll.com — Cisco Umbrella Rank: 5194
d.adroll.com — Cisco Umbrella Rank: 2660
29 KB
4 gstatic.com
fonts.gstatic.com
116 KB
3 lpages.co
ondemandseminar.lpages.co
advisorsdigitaledge.lpages.co
3 surveymonkey.com
widget.surveymonkey.com — Cisco Umbrella Rank: 108446
www.surveymonkey.com — Cisco Umbrella Rank: 43337
15 KB
3 leadpages.net
static.leadpages.net — Cisco Umbrella Rank: 82238
188 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 google.com
maps.google.com — Cisco Umbrella Rank: 3713
www.google.com — Cisco Umbrella Rank: 10
317 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 center.io
js.center.io — Cisco Umbrella Rank: 85223
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
85 KB
1 smassets.net
prod.smassets.net — Cisco Umbrella Rank: 48786
4 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 23254
775 B
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 3381
1 cloudfront.net
d10lpsik1i8c69.cloudfront.net
3 KB
1 lpcontent.net
embed.lpcontent.net — Cisco Umbrella Rank: 115983
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
71 KB
1 johnoconnorpresents.com
security.johnoconnorpresents.com
25 KB
53 20
Domain Requested by
12 lh3.googleusercontent.com security.johnoconnorpresents.com
6 api.leadpages.io js.center.io
static.leadpages.net
4 fonts.gstatic.com fonts.googleapis.com
3 s.adroll.com 1 redirects security.johnoconnorpresents.com
s.adroll.com
3 static.leadpages.net security.johnoconnorpresents.com
static.leadpages.net
2 www.facebook.com security.johnoconnorpresents.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ondemandseminar.lpages.co static.leadpages.net
2 widget.surveymonkey.com security.johnoconnorpresents.com
widget.surveymonkey.com
2 connect.facebook.net security.johnoconnorpresents.com
connect.facebook.net
2 js.center.io security.johnoconnorpresents.com
js.center.io
1 d.adroll.com s.adroll.com
1 prod.smassets.net security.johnoconnorpresents.com
1 www.surveymonkey.com ajax.googleapis.com
1 ajax.googleapis.com widget.surveymonkey.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 advisorsdigitaledge.lpages.co static.leadpages.net
1 www.google.com security.johnoconnorpresents.com
1 maps.google.com 1 redirects
1 player.vimeo.com security.johnoconnorpresents.com
1 d10lpsik1i8c69.cloudfront.net security.johnoconnorpresents.com
1 embed.lpcontent.net security.johnoconnorpresents.com
1 www.googletagmanager.com security.johnoconnorpresents.com
1 fonts.googleapis.com security.johnoconnorpresents.com
1 security.johnoconnorpresents.com
53 25

This site contains links to these domains. Also see Links.

Domain
www.surveymonkey.com
retirewithoconnor.com
www.embedgooglemap.net
Subject Issuer Validity Valid
security.johnoconnorpresents.com
R10		 2024-07-30 -
2024-10-28		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2024-06-05 -
2024-09-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
embed.lpcontent.net
WR3		 2024-07-21 -
2024-10-19		 3 months crt.sh
js.center.io
WR3		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-08 -
2024-08-06		 3 months crt.sh
player.vimeo.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
surveymonkey.com
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-14		 a year crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.lpages.co
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
luckyorange.net
WE1		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.leadpages.io
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh

This page contains 9 frames:

Primary Page: https://security.johnoconnorpresents.com/
Frame ID: C739A511B06738FDF25EC7FF9E10E89A
Requests: 44 HTTP requests in this frame

Frame: https://player.vimeo.com/video/267286595
Frame ID: E41D4C8A67BC9774EC72464C8E2BBA03
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sO%27Connor+and+Associates+1230+E.+Diehl+Rd.,+Suite+106+Naperville,+IL+60563!6i13
Frame ID: 4D800FB07C41C88265824960EEE6D9D9
Requests: 1 HTTP requests in this frame

Frame: https://ondemandseminar.lpages.co/serve-leadbox/swStfq7nRPUAbe9oeSESk3/
Frame ID: E7B31F94C58420199BC56353145599CB
Requests: 1 HTTP requests in this frame

Frame: https://ondemandseminar.lpages.co/serve-leadbox/GFscdiF2XfdqMcgBAZJffS/
Frame ID: 63A5491A14D239EDC840EC17FA5ABF90
Requests: 1 HTTP requests in this frame

Frame: https://advisorsdigitaledge.lpages.co/serve-leadbox/fKz89qGamPU458djypMuZF/
Frame ID: 3D4D9191E04D9AC4FA9E065818B46074
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: AA6C902C6380F790E1762C4007D3ABC3
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Frame ID: 488319EDA12B75E3A78BDED8F54125F1
Requests: 2 HTTP requests in this frame

Frame: https://www.surveymonkey.com/r/6BYYD9B?embedded=1
Frame ID: 906D459CA9987470FCCB38FF20CAE4A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Social Security OnDemand Seminar

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

96 %
HTTPS

57 %
IPv6

20
Domains

25
Subdomains

23
IPs

4
Countries

958 kB
Transfer

1867 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://maps.google.com/maps?q=O%27Connor%20and%20Associates%201230%20E.%20Diehl%20Rd.%2C%20Suite%20106%20Naperville%2C%20IL%2060563&t=&z=13&ie=UTF8&iwloc=&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sO%27Connor+and+Associates+1230+E.+Diehl+Rd.,+Suite+106+Naperville,+IL+60563!6i13
Request Chain 48
  • https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
security.johnoconnorpresents.com/ 		126 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
22c47501c80a13c472d9c856507b6c4986853afac45a5f9161f62389da99410a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Tue, 30 Jul 2024 01:43:03 GMT
etag
W/"21f705c7f482011db297402316789912"
last-modified
Mon, 11 Dec 2023 15:57:15 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT
all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 		100 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:49:05 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
284038
etag
"-6uIpg"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
ddbcb2ac51a4534d09f746a3afdb91fb
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26836
expires
Sat, 26 Jul 2025 18:49:05 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f507f50e87fdbe363aab5e5dc76525f88eb9e874c6830f32ce0a930c98704345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 01:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 01:43:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jul 2024 01:43:03 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-134632641-23
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acf62c27a394c41eaf305e367c21ef2ec895d6ed3c4d7bfd386d427d228d5b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72409
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 00:16:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jul 2024 01:43:04 GMT
-vI9CkxMI1ffhfrsKDqM6G_Tm8-n5uAy5yYnOVyte79-ZzODgJ0RJlrexIH1VB9Rjy-U-9pDt2Scx-MuLEAVw0AfQXwANoyDl4Q=s0
lh3.googleusercontent.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-vI9CkxMI1ffhfrsKDqM6G_Tm8-n5uAy5yYnOVyte79-ZzODgJ0RJlrexIH1VB9Rjy-U-9pDt2Scx-MuLEAVw0AfQXwANoyDl4Q=s0
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aa9f706f1ab31418b37775073d8a52a19085c159dc1610e07ddccf8523829276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9468
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
embed.js
static.leadpages.net/leadboxes/current/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/leadboxes/current/embed.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:42:55 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
8
etag
"-6uIpg"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
0136649b3e951905e6514263d3f6a0e4
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14811
expires
Tue, 30 Jul 2024 01:47:55 GMT
DnuvGKsrACTkHfzQ6KalS0ZiBIBOGvFWVSF_UmsG1EPkuSoyvwCj_hgk84PMoY3SSexkY1GzIeKvm2ozgldBKZ9ILCi7ZuKBobsY=w16
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/DnuvGKsrACTkHfzQ6KalS0ZiBIBOGvFWVSF_UmsG1EPkuSoyvwCj_hgk84PMoY3SSexkY1GzIeKvm2ozgldBKZ9ILCi7ZuKBobsY=w16
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
19a07bb803d398d9bc0319c658bbe8be0208137c5b0ec69437ff956545fc61f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3678
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w16
lh3.googleusercontent.com/ 		700 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w16
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98c99fa0ace920a4383a561a2dc97e3388e2a95f74a62f439ea8e25603a41786
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
700
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
BEUCHGEzQ5IdczfjPdpfVcUOdj2f0iI1Wy3ZkXnf5gblhQBYlJBTqRgfF0zb_zM5UKyuwEyvVKnT0L0VK9XfBz_XSjvHu_rwcTDC=w16
lh3.googleusercontent.com/ 		814 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/BEUCHGEzQ5IdczfjPdpfVcUOdj2f0iI1Wy3ZkXnf5gblhQBYlJBTqRgfF0zb_zM5UKyuwEyvVKnT0L0VK9XfBz_XSjvHu_rwcTDC=w16
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
65dae4a522c3cf452e188e3559baaa22a8cdf44c9715abbfd385b824fc171a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
814
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
embed.js
embed.lpcontent.net/leadboxes/current/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:40:58 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
126
etag
"-6uIpg"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
6745cb623eee14b8004b948233f89e8f
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14811
expires
Tue, 30 Jul 2024 01:45:58 GMT
center.js
js.center.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:39:43 GMT
content-encoding
gzip
server
Google Frontend
age
201
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
8f3b91437c2e4e0a150dcdafd8addb98
cache-control
public, max-age=300
content-length
5417
expires
Tue, 30 Jul 2024 01:44:43 GMT
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.58.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-58-192.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:35:23 GMT
content-encoding
gzip
via
1.1 f746a613a6247a8dda339ff5d3973662.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 18:19:40 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
702
x-amz-server-side-encryption
AES256
etag
W/"e31293f40e8a324de552ff593ee76a9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
LSPjHtt8O0TVMCks7ABF65QNhgoMn3LQhEZofEq3uS4xijCNPD56pg==
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 01:43:04 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
0DW/vMzrFHoM4yk4XR91rlyoKipYVvsvghsFHK9FOxFZzZ/sDcCtumw77yXB0nFcQpKyLZ9sPNiU6qhcWnDbgw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
267286595
player.vimeo.com/video/ Frame E41D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/267286595
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8ab1a7da39604541-TXL
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jul 2024 01:43:04 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-656cf488df-wlb2h
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-656cf488df-wlb2h
x-player-backend
g
x-served-by
cache-cph2320043-CPH
x-timer
S1722303784.055796,VS0,VE354
x-xss-protection
1; mode=block
tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG1WR_2FyBLyYbqrKKRnhyYIE_2B.js
widget.surveymonkey.com/collect/website/js/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG1WR_2FyBLyYbqrKKRnhyYIE_2B.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.113.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-113-47.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
f3f070bdf8b80929e2758cf2dc41f2ef91e82f01ec8625f7a9696cf0971bdd51
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://secure.surveymonkey.com 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
content-security-policy
default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://secure.surveymonkey.com 'self';
x-content-type-options
nosniff
content-encoding
br
via
1.1 2d2a52e6a3e5c25c93ad74a35ed41b4c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P3
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sm-request-id
93JFkC6NNEyvuKi6uoltFiHpihtZc-pEGeZ_4GD_8cLFvwkrziKPzQ==
server-timing
traceparent;desc="00-6ecb3c5fdda00c171e85388db0ea93ec-4621747d0f067114-01"
x-xss-protection
1;mode=block
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Server-Timing
x-amz-cf-id
93JFkC6NNEyvuKi6uoltFiHpihtZc-pEGeZ_4GD_8cLFvwkrziKPzQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed
www.google.com/maps/ Frame 4D80
Redirect Chain
  • https://maps.google.com/maps?q=O%27Connor%20and%20Associates%201230%20E.%20Diehl%20Rd.%2C%20Suite%20106%20Naperville%2C%20IL%2060563&t=&z=13&ie=UTF8&iwloc=&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sO%27Connor+and+Associates+1230+E.+Diehl+Rd.,+Suite+106+Naperville,+IL+60563!6i13
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sO%27Connor+and+Associates+1230+E.+Diehl+Rd.,+Suite+106+Naperville,+IL+60563!6i13
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-jd1b-dte6ZdSXKYqb76sLw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1486
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-jd1b-dte6ZdSXKYqb76sLw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 01:43:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 30 Jul 2024 01:43:04 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sO%27Connor+and+Associates+1230+E.+Diehl+Rd.,+Suite+106+Naperville,+IL+60563!6i13
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w16
lh3.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w16
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cad509336f8eb04dfaf47fc91cc88c8d1a1646f2f4f9c2c0ca79ee1dd05d45e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1144
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w16
lh3.googleusercontent.com/ 		380 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w16
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
decdf198c825c817443bd2299df3947f0e64a5faf578c11819208c204b73ac71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
380
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
oY4pObgXizsVJFYW6otJPzxqi5lG3cnDFr53elk_LPzXpkw1Y2Actkd0wS0zdkbW7wwyyNZyHWuIx9NIIHYS=w16
lh3.googleusercontent.com/ 		335 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/oY4pObgXizsVJFYW6otJPzxqi5lG3cnDFr53elk_LPzXpkw1Y2Actkd0wS0zdkbW7wwyyNZyHWuIx9NIIHYS=w16
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8e532a65de40f24689fd0bb8ca1bd8ddd401bdfb0c6987bcbf1ef2fae1e9dcd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://security.johnoconnorpresents.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 03:10:49 GMT
x-content-type-options
nosniff
age
253935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Jul 2025 03:10:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://security.johnoconnorpresents.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:43:18 GMT
x-content-type-options
nosniff
age
557986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 14:43:18 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://security.johnoconnorpresents.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 11:31:13 GMT
x-content-type-options
nosniff
age
310311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Jul 2025 11:31:13 GMT
fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/6.4.2/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/webfonts/fa-solid-900.woff2
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer
https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Origin
https://security.johnoconnorpresents.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 18:20:06 GMT
via
1.1 google
server
Google Frontend
age
1495378
etag
"-6uIpg"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
9e0dbba66367352d85d66d65376ec964
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150020
expires
Sat, 12 Jul 2025 18:20:06 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:300,400,500,700|Roboto:300,400,500,700|Raleway:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://security.johnoconnorpresents.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:45:27 GMT
x-content-type-options
nosniff
age
568657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38372
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:15:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:45:27 GMT
/
ondemandseminar.lpages.co/serve-leadbox/swStfq7nRPUAbe9oeSESk3/ Frame E7B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ondemandseminar.lpages.co/serve-leadbox/swStfq7nRPUAbe9oeSESk3/
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Tue, 30 Jul 2024 01:43:04 GMT
etag
W/"0621542378410a1bd7949f1d1a939f14"
last-modified
Mon, 11 Dec 2023 15:57:48 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT
/
ondemandseminar.lpages.co/serve-leadbox/GFscdiF2XfdqMcgBAZJffS/ Frame 63A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ondemandseminar.lpages.co/serve-leadbox/GFscdiF2XfdqMcgBAZJffS/
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Tue, 30 Jul 2024 01:43:04 GMT
etag
W/"75cb68bf1a5a4368da98d80a966a70c0"
last-modified
Mon, 11 Dec 2023 15:57:16 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT
rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600
lh3.googleusercontent.com/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/rTAj1Dy1MIl9Ktju5ybRvAvQH7dnmTwx65ukwOn0sELs9TsS2nYhv3dvJxMkrF7oe_feX93zbmrDxiH7WnWkVA=w1600
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56395
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w1600
lh3.googleusercontent.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/2sHRaUCIRMMdnR4ODsGma1t81PW8gHDQB_ohEZNEuyLVmFDf2skXgtTlL9WzKYeKO1-fPgA5NvjedId7BXblwQ=w1600
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
69725467e06f9514310e27cfd18f2c04e857c1acde2cf67ab91971d5bb765622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16138
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
/
advisorsdigitaledge.lpages.co/serve-leadbox/fKz89qGamPU458djypMuZF/ Frame 3D4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://advisorsdigitaledge.lpages.co/serve-leadbox/fKz89qGamPU458djypMuZF/
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Tue, 30 Jul 2024 01:43:04 GMT
server
Leadpages
vary
Accept-Encoding
/
settings.luckyorange.net/ 		128 B
775 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fsecurity.johnoconnorpresents.com%2F&s=142977
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c610485b34da42edfe3dd95de3cd150158393e71403e357d8d6454b3e30b435
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://security.johnoconnorpresents.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiTKMnIJJucP3MSZMKUd3UtqAg3TFy2SGoRHeawo6xk1IaltMTGia4MIMVXcB52WOg2AfcAwp8LXSahB8euSkgtYEy4MiMlBYc8ERLzU%2B0O0Yy%2F0Cr22fhjYzqcz0hjSHg7dkyHMnV%2FY9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
8ab1a7dbce7b3660-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
121
identify.html
js.center.io/ Frame AA6C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Tue, 30 Jul 2024 01:43:04 GMT
etag
"OMWYXg"
expires
Tue, 30 Jul 2024 01:48:04 GMT
server
Google Frontend
x-cloud-trace-context
3ebba550fababae78734574cc3cb71e7
1100035103528503
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1100035103528503?v=2.9.162&r=stable&domain=security.johnoconnorpresents.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8adf4b61bccf57c45d87f0296414afb3172731b667e72525b1615a90a3eb634
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 01:43:04 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=65, mss=1297, tbw=64217, tp=-1, tpl=-1, uplat=213, ullat=0
pragma
public
x-fb-debug
alyUU9YKp5ACbsWj3ClA2M1E+m9062YrjelyvC+kHxAxqzocM3AGsDYqOrT0UP7BVjBl1nbvAhmCwiUHlYGOyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134632641-23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jul 2024 00:53:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2982
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jul 2024 02:53:22 GMT
SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w515
lh3.googleusercontent.com/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/SL1-r6vCXmRvMnOzznc2lIvMvD0WPB0XaCi2T_STJ0lfgPvJqrL8_paNPcDqLozMQpyi9-gZyemcXtO_lxnhCA=w515
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a641c28e516c87baaca33b1287da914b9758369685bee1caad17be6a87f61517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163848
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
DnuvGKsrACTkHfzQ6KalS0ZiBIBOGvFWVSF_UmsG1EPkuSoyvwCj_hgk84PMoY3SSexkY1GzIeKvm2ozgldBKZ9ILCi7ZuKBobsY=w432
lh3.googleusercontent.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/DnuvGKsrACTkHfzQ6KalS0ZiBIBOGvFWVSF_UmsG1EPkuSoyvwCj_hgk84PMoY3SSexkY1GzIeKvm2ozgldBKZ9ILCi7ZuKBobsY=w432
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d0987595360555ddda66348ab748b56adb82acd8cf7d8cdf05c7b390bfd0fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53277
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:04 GMT
collect
www.google-analytics.com/j/ 		1 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=699805064&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity.johnoconnorpresents.com%2F&ul=de-de&de=UTF-8&dt=Social%20Security%20OnDemand%20Seminar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1435049455&gjid=805020583&cid=1724816061.1722303784&tid=UA-134632641-23&_gid=190273907.1722303784&_r=1&gtm=457e47t0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&jsscut=1&npa=1&z=746834434
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 01:43:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://security.johnoconnorpresents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1100035103528503&ev=PageView&dl=https%3A%2F%2Fsecurity.johnoconnorpresents.com%2F&rl=&if=false&ts=1722303784509&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722303784500.62346797077410262&ler=empty&cdl=API_unavailable&it=1722303784215&coo=false&rqm=GET
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2816, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 01:43:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1100035103528503&ev=PageView&dl=https%3A%2F%2Fsecurity.johnoconnorpresents.com%2F&rl=&if=false&ts=1722303784509&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722303784500.62346797077410262&ler=empty&cdl=API_unavailable&it=1722303784215&coo=false&rqm=FGET
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 30 Jul 2024 01:43:04 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397238426467254130", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=14, mss=1297, tbw=3134, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
/Rip810fKoyUHbNDIZajRAJzKbcyD4gt6FUrk+nGHwWsrlCQ/DV0FM8sz+ZjG4aXjEvOB06U2BvGNLxFVf3ixQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397238426467254130"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/events/ 		35 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=CQJs9YyxX8Ddd5eybdm8qY&v=&e=&st=&lc=de-DE&pid=t32U5xsTZfgo2s67DetHfd-default-prop&uid=7dj9TYHHWpWBnRPZn4ZHeX&sid=2gspSvx2zdESttg5H5BzCG&cid=lp-CQJs9YyxX8Ddd5eybdm8qY&uri=https%3A%2F%2Fsecurity.johnoconnorpresents.com%2F&rf=&rx=1600&ry=1200&tz=%2B02%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 01:43:04 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://security.johnoconnorpresents.com
X-Forwarded-For
80.255.7.105
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00lg59gn1u043kk6c6c0
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=YCr97HpoP7wMzSvHpH4i5c&kind=text,text,text,text,timer,counter,text&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=swStfq7nRPUAbe9oeSESk3,swStfq7nRPUAbe9oeSESk3,GFscdiF2XfdqMcgBAZJffS,swStfq7nRPUAbe9oeSESk3,251.19999980926514,1,fKz89qGamPU458djypMuZF
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 01:43:04 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://security.johnoconnorpresents.com
X-Forwarded-For
80.255.7.105
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00lg590jt93jfp2ki82g
jquery.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 4883 		276 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Requested by
Host: widget.surveymonkey.com
URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG1WR_2FyBLyYbqrKKRnhyYIE_2B.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84371
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:22:26 GMT
cookie.js
widget.surveymonkey.com/collect/website/js/ Frame 4883 		23 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.surveymonkey.com/collect/website/js/cookie.js?_=1722303785229
Requested by
Host: widget.surveymonkey.com
URL: https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd7_2Bnfk9H0eE_2F7b7WozAVYG1WR_2FyBLyYbqrKKRnhyYIE_2B.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.113.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-113-47.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
69f31566d58ee19706a2f8e1ba4f1df5152d2112b2e3da32bea647b846d4409d
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://secure.surveymonkey.com 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:15:33 GMT
content-security-policy
default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://secure.surveymonkey.com 'self';
x-content-type-options
nosniff
via
1.1 2d2a52e6a3e5c25c93ad74a35ed41b4c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P3
age
408452
x-cache
Hit from cloudfront
sm-request-id
FGhf56S-q5TlX0FVzLxWN9C7sgaGwuar2ltYsQMv8hUx1WFRQjAz8Q==
content-length
23
x-xss-protection
1;mode=block
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Server-Timing
x-amz-cf-id
sUmxAVXnjqy0QlyNacaCt22S_NOQgQHse0szzW_FLGNjdVUbwcmw9A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
6BYYD9B
www.surveymonkey.com/r/ Frame 906D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.surveymonkey.com/r/6BYYD9B?embedded=1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.164.163.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-163-108.cdg55.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://resources.surveymonkey.com 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://security.johnoconnorpresents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Server-Timing
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jul 2024 01:43:06 GMT
Referrer-Policy
strict-origin-when-cross-origin
Server-Timing
traceparent;desc="00-02195bf9866f66f74536ab8243314100-f5323414e2126636-01"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 7742ef69b22088d989e8153bae612d8a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
b03aSAioFYgcaQykShJHFyHyA0ke9VlBpCPQbcEg2q1822tGsXPb0g==
X-Amz-Cf-Pop
CDG55-P3
X-Cache
Miss from cloudfront
content-security-policy
default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com https://*.crazyegg.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ajax.googleapis.com https://bat.bing.com https://*.crazyegg.com https://static.hotjar.com https://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' https://resources.surveymonkey.com 'self';
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
rexr-request
current:94d75c746f4ee7633e216afbe113c9a7:1722303786.355:231
server
nginx
sl_notranslate
1
sm-request-id
b03aSAioFYgcaQykShJHFyHyA0ke9VlBpCPQbcEg2q1822tGsXPb0g==
vary
Accept-Encoding, Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1;mode=block
sm-logo-grey-145x30.png
prod.smassets.net/assets/responseweb/responseweb/1.0.0/assets/images/website/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.smassets.net/assets/responseweb/responseweb/1.0.0/assets/images/website/sm-logo-grey-145x30.png
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.113.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-113-47.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bea4b6b838fce3abb195561547175c783c84308e3221c12aa48fa590e8234e26
Security Headers
Name Value
Content-Security-Policy default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:07:37 GMT
x-amz-version-id
3tW9n3od9j9gg4XGpF2KDu91vF.mMNdm
via
1.1 2d2a52e6a3e5c25c93ad74a35ed41b4c.cloudfront.net (CloudFront)
content-security-policy
default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
1ERA6A2QY0KN6E9V
x-amz-cf-pop
CDG50-P3
x-amz-server-side-encryption
AES256
age
2128
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2816
x-amz-id-2
PXkSJRLn6+s3x8qPXqHYY8tW/gAQf63oo91Q+Tum0kemCkPsJkzSp2HLxBAStxZPHvRLtvyw1ro=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 16:57:23 GMT
server
AmazonS3
etag
"82e8b3760acb8446722b87052b801417"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7884000, public
accept-ranges
bytes
x-amz-cf-id
4TOPO2jPsI931j-ryDKiWM1EVtxHUMNEzWcV6wxFBG54tMDbw-iYpg==
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=YCr97HpoP7wMzSvHpH4i5c&kind=timer,timer&label=lb_embed_leadbox_load,lb_embed_leadbox_load&value=976.2000007629395,967.8999996185303
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 01:43:05 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://security.johnoconnorpresents.com
X-Forwarded-For
80.255.7.105
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00lg595qlqi83po46b6g
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=YCr97HpoP7wMzSvHpH4i5c&kind=timer&label=lb_embed_leadbox_load&value=1665.2999992370605
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/leadboxes/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 01:43:06 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://security.johnoconnorpresents.com
X-Forwarded-For
80.255.7.105
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00lg59bcs1vsk8hidhjg
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,309,283,644,6,649,941,942,4668,4668
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 01:43:07 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
80.255.7.105
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00lg5a7idfko1m18vdb0
lF6xL2u513TB6C0qwhbjWvpRtdWd21DzolQw_iS56Sl3XJWpflyg_UCq_R6IjmiLv9j_XYTLiN4lS0JRz5q4YfSptGn43_YkiB4P=s32
lh3.googleusercontent.com/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lh3.googleusercontent.com/lF6xL2u513TB6C0qwhbjWvpRtdWd21DzolQw_iS56Sl3XJWpflyg_UCq_R6IjmiLv9j_XYTLiN4lS0JRz5q4YfSptGn43_YkiB4P=s32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f1.1e100.net
Software
fife /
Resource Hash
3455a67ca2f44d8f14b2abdbe8322b8f7b63a63db91bedc89f42c0f323ea73e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3246
x-xss-protection
0
expires
Wed, 31 Jul 2024 01:43:08 GMT
roundtrip.js
s.adroll.com/j/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: security.johnoconnorpresents.com
URL: https://security.johnoconnorpresents.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2664:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
fsiDuzy5vys3wCM7hYlFnR.TBXHQSKgT
Content-Encoding
gzip
Via
1.1 7b75efd20bebcd4fee78c75f0b1a9fa8.cloudfront.net (CloudFront)
Date
Tue, 30 Jul 2024 01:14:46 GMT
Age
1702
X-Amz-Cf-Pop
CDG55-P2
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 04 Jul 2024 15:21:58 GMT
Server
AmazonS3
Etag
W/"c3ca7e6129306d41ac549ab4c252c99b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
5LzIjdQyuD6k04tCFPZc4EEBJojcwbeEpK_SJGwZaFD0fClCryqr7Q==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2664:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Mon, 29 Jul 2024 06:38:02 GMT
Via
1.1 b31b702392fc9dd54b5cf7fe532cf352.cloudfront.net (CloudFront)
Age
68707
X-Amz-Cf-Pop
CDG55-P2
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
X_BWRB1In9VmdgqfNsZqxg4oak7EADZ5Ksb7PAmCGHpcdJmtZ5A0yQ==

Redirect headers

Date
Mon, 29 Jul 2024 23:47:42 GMT
Via
1.1 7b75efd20bebcd4fee78c75f0b1a9fa8.cloudfront.net (CloudFront)
Age
6925
X-Amz-Cf-Pop
CDG55-P2
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
FldnsQzSSxLuSPM7N37iKL6XhYtt6qcg2lhQDH68S_KSvOxBOnmOMw==
index.js
s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/ 		0
0
I7EKOA5TM5B6XKPNWFBKWV
d.adroll.com/consent/check/ 		536 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/I7EKOA5TM5B6XKPNWFBKWV?pv=51418913151.98588&arrfrr=https%3A%2F%2Fsecurity.johnoconnorpresents.com%2F&_s=1ee060ff16a2e6fa1717c9e9106960bc&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:c888:15ab:2d14:464 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
7886a66373a13e0352058e50484cdc3aec9efa1d73b3538ee5ac1b2d907e338d

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:43:08 GMT
server
nginx/1.22.1
content-length
536
content-type
application/javascript
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=4vLNMRCpmj8EGeBhgXCeHw&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=231.5,345.8999996185303,1,475.80000019073486
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://security.johnoconnorpresents.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 01:43:09 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://security.johnoconnorpresents.com
X-Forwarded-For
80.255.7.105
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00lg5ah6nqq9og0iqhr0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.adroll.com
URL
https://s.adroll.com/j/pre/I7EKOA5TM5B6XKPNWFBKWV/A2B3T56JCVHNLOLYRQGPV3/index.js

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 string| LeadPagesCenterObject function| center function| gtag object| dataLayer number| __lo_site_id function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id object| SMCX object| sup boolean| LPLeadboxesDispatched object| LPLeadboxes boolean| __lo_csr_added object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData boolean| __adroll_loaded string| adroll_sid object| __adroll_consent_data object| adroll object| __adroll object| adroll_loaded object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

17 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.t32U5xsTZfgo2s67DetHfd-default-prop.CQJs9YyxX8Ddd5eybdm8qY
Value: 1722303785000
.api.leadpages.io/analytics/v1/events/capture Name: view.wVxPjLuS24uynHELZfsPrV.YnZqAcs7vPqAxVABjoh5H9
Value: 1722303785000
.johnoconnorpresents.com/ Name: _ga
Value: GA1.2.1724816061.1722303784
.johnoconnorpresents.com/ Name: _gid
Value: GA1.2.190273907.1722303784
.johnoconnorpresents.com/ Name: _gat_gtag_UA_134632641_23
Value: 1
.johnoconnorpresents.com/ Name: _fbp
Value: fb.1.1722303784500.62346797077410262
.vimeo.com/ Name: vuid
Value: pl950563350.1261103203
.vimeo.com/ Name: __cf_bm
Value: dkSyRxmnXGDRmpCkRRvR4kCAHFsUuEOq19f8eRt8PxA-1722303785-1.0.1.1-J.Yo6F4fKs.En1IxXIOBnHAHjGiXMHC.lkYx_ADkEhBSas8FHmfVk5qtWFaUcnUu
.vimeo.com/ Name: _cfuvid
Value: YNU0mjxMEGjUCR.BaLH7JlUIIOGxxKI8.3Ldyg0flWc-1722303785229-0.0.1.1-604800000
security.johnoconnorpresents.com/ Name: smcx_248406602_last_shown_at
Value: 1722303785494
.surveymonkey.com/ Name: CX_248406602
Value: 1722303786214215:270004034:248406602:created
.surveymonkey.com/ Name: apex__sm
Value: 3H5KUSvJka0HHtLHv9weouMDlyyZkVyNCSW3dw_2BTCPlSJ9q3fhxlSQKr2GgNY8R_2FSdMiit77R7FwgEGFPt8i0eECxE_2Fgs14q9YxPLclTU0E_3D
.surveymonkey.com/ Name: auth
Value: VAIfdzeEniV12A68WitBPIa8blbpq1XCFYGU2coZC6BcIaO_2FTQJDxeupflsUYTdxnj3cqVAj_2FNkBua1VQdbWiNhkkweC_2BRNGcj4fOv1mgX4OXzTQIJWTFYN_2BjtZn0GomjvvobgJINZ7B59vOgzzDSw_3D_3D
.surveymonkey.com/ Name: ep201
Value: "DSfdby0Bj5Hq/QQLv4K9GM+Abjo="
.surveymonkey.com/ Name: ep203
Value: "cZQ3DWlV9AOgbI7AVIrF66fem4s="
.surveymonkey.com/ Name: sm_rec
Value: UserID=1&Username=&PackageID=1&LanguageID=1
www.surveymonkey.com/ Name: _splunk_rum_sid
Value: %7B%22id%22%3A%227d03ca139221e9f5b5a27f443d6ac23e%22%2C%22startTime%22%3A1722303787506%7D

1 Console Messages

Source Level URL
Text
other warning URL: https://security.johnoconnorpresents.com/(Line 95)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advisorsdigitaledge.lpages.co
ajax.googleapis.com
api.leadpages.io
connect.facebook.net
d.adroll.com
d10lpsik1i8c69.cloudfront.net
embed.lpcontent.net
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
maps.google.com
ondemandseminar.lpages.co
player.vimeo.com
prod.smassets.net
s.adroll.com
security.johnoconnorpresents.com
settings.luckyorange.net
static.leadpages.net
widget.surveymonkey.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.surveymonkey.com
s.adroll.com
13.224.58.192
142.250.185.68
162.159.138.60
172.67.75.100
2001:4860:4802:32::15
2001:4860:4802:36::15
216.58.206.65
2600:9000:2664:2c00:6:9280:1080:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:cc3:fe04:c888:15ab:2d14:464
3.164.163.108
3.165.113.47
34.107.203.240
35.192.151.63
35.202.21.90
02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0a57ed751b6fed5edb4970e00fd96d001170bca7761f4b3e6cb9db4b5088c4d9
19a07bb803d398d9bc0319c658bbe8be0208137c5b0ec69437ff956545fc61f1
1c610485b34da42edfe3dd95de3cd150158393e71403e357d8d6454b3e30b435
22c47501c80a13c472d9c856507b6c4986853afac45a5f9161f62389da99410a
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3455a67ca2f44d8f14b2abdbe8322b8f7b63a63db91bedc89f42c0f323ea73e6
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
65dae4a522c3cf452e188e3559baaa22a8cdf44c9715abbfd385b824fc171a7a
69725467e06f9514310e27cfd18f2c04e857c1acde2cf67ab91971d5bb765622
69f31566d58ee19706a2f8e1ba4f1df5152d2112b2e3da32bea647b846d4409d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
6d0987595360555ddda66348ab748b56adb82acd8cf7d8cdf05c7b390bfd0fab
7886a66373a13e0352058e50484cdc3aec9efa1d73b3538ee5ac1b2d907e338d
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8e532a65de40f24689fd0bb8ca1bd8ddd401bdfb0c6987bcbf1ef2fae1e9dcd2
98c99fa0ace920a4383a561a2dc97e3388e2a95f74a62f439ea8e25603a41786
a641c28e516c87baaca33b1287da914b9758369685bee1caad17be6a87f61517
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa9f706f1ab31418b37775073d8a52a19085c159dc1610e07ddccf8523829276
acf62c27a394c41eaf305e367c21ef2ec895d6ed3c4d7bfd386d427d228d5b73
bea4b6b838fce3abb195561547175c783c84308e3221c12aa48fa590e8234e26
cad509336f8eb04dfaf47fc91cc88c8d1a1646f2f4f9c2c0ca79ee1dd05d45e7
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decdf198c825c817443bd2299df3947f0e64a5faf578c11819208c204b73ac71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
f3f070bdf8b80929e2758cf2dc41f2ef91e82f01ec8625f7a9696cf0971bdd51
f507f50e87fdbe363aab5e5dc76525f88eb9e874c6830f32ce0a930c98704345
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8adf4b61bccf57c45d87f0296414afb3172731b667e72525b1615a90a3eb634