covid.bestplace4kids.com Open in urlscan Pro
54.174.156.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covid.bestplace4kids.com/
Effective URL:
https://covid.bestplace4kids.com/families
Submission: On April 02 via api (April 2nd 2020, 3:24:14 pm UTC) from US

Summary HTTP 30 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 30 HTTP transactions. The main IP is 54.174.156.76, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is covid.bestplace4kids.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.

This is the only time covid.bestplace4kids.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	54.174.156.76 54.174.156.76	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:20e... 2600:9000:20e8:7a00:10:5e95:900:21	16509 (AMAZON-02) (AMAZON-02)
5	95.100.67.47 95.100.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	147.75.32.105 147.75.32.105	54825 (PACKET) (PACKET)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.89 13.225.78.89	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	52.218.253.105 52.218.253.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
2	2606:4700::68... 2606:4700::6810:f905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.85.106.126 54.85.106.126	14618 (AMAZON-AES) (AMAZON-AES)
1	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
1	2606:4700::68... 2606:4700::6810:fb05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	19

4 54.174.156.76 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-156-76.compute-1.amazonaws.com

covid.bestplace4kids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20e8:7a00:10:5e95:900:21 (United States)

ASN16509 (AMAZON-02, US)

d1no1r86ymoco4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.105 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress5

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-89.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.253.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)

bridgecarefinance-media.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:f905 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.106.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-106-126.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fb05 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudfront.net d1no1r86ymoco4.cloudfront.net	797 KB
5	typekit.net use.typekit.net p.typekit.net	81 KB
4	bestplace4kids.com 2 redirects covid.bestplace4kids.com	8 KB
3	hubspot.com api.hubspot.com track.hubspot.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	71 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	32 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	hs-analytics.net js.hs-analytics.net	22 KB
1	usemessages.com js.usemessages.com	15 KB
1	gstatic.com fonts.gstatic.com	60 KB
1	amazonaws.com bridgecarefinance-media.s3-us-west-2.amazonaws.com	42 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	189 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	hs-scripts.com js.hs-scripts.com	630 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	googleapis.com fonts.googleapis.com	468 B
30	17

	Domain	Requested by
6	d1no1r86ymoco4.cloudfront.net	covid.bestplace4kids.com
4	use.typekit.net	covid.bestplace4kids.com
4	covid.bestplace4kids.com	2 redirects d1no1r86ymoco4.cloudfront.net
2	api.hubspot.com	js.usemessages.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	track.hubspot.com
1	vars.hotjar.com	static.hotjar.com
1	heapanalytics.com
1	script.hotjar.com	static.hotjar.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	fonts.gstatic.com
1	bridgecarefinance-media.s3-us-west-2.amazonaws.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.heapanalytics.com	covid.bestplace4kids.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	d1no1r86ymoco4.cloudfront.net
1	p.typekit.net	covid.bestplace4kids.com
1	fonts.googleapis.com	covid.bestplace4kids.com
30	22

This site contains links to these domains. Also see Links.

Domain
www.bridgecarefinance.com
fortworthtexas.gov

Subject Issuer	Validity	Valid
covid.bestplace4kids.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
cdn.heapanalytics.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
ssl817703.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
heapanalytics.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://covid.bestplace4kids.com/families
Frame ID: 39CDB0ABF1A1237BB332C623A053254F
Requests: 29 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: BFF33C5670F7778EA62BE91CB5B9C75A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covid.bestplace4kids.com/ HTTP 301
https://covid.bestplace4kids.com/ HTTP 302
https://covid.bestplace4kids.com/families Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /heap-\d+\.js/i

Page Statistics

30
Requests

100 %
HTTPS

62 %
IPv6

17
Domains

22
Subdomains

19
IPs

5
Countries

1181 kB
Transfer

3478 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bridgecarefinance.com/cookies.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://fortworthtexas.gov/COVID-19/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covid.bestplace4kids.com/ HTTP 301
https://covid.bestplace4kids.com/ HTTP 302
https://covid.bestplace4kids.com/families Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=976786536&t=pageview&_s=1&dl=https%3A%2F%2Fcovid.bestplace4kids.com%2Ffamilies&ul=en-us&de=UTF-8&dt=BestPlace4Kids&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1581028774&gjid=484089586&cid=924887907.1585841037&tid=UA-104476143-1&_gid=957644979.1585841037&_r=1&gtm=2wg3p1KB22RFV&z=2062221120 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_gid=957644979.1585841037&gjid=484089586&_v=j81&z=2062221120 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_v=j81&z=2062221120 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_v=j81&z=2062221120&slf_rd=1&random=669019816

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set families Show response
covid.bestplace4kids.com/
Redirect Chain

http://covid.bestplace4kids.com/
https://covid.bestplace4kids.com/
https://covid.bestplace4kids.com/families

2 KB
3 KB

137ms
137ms

Document
text/html

54.174.156.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.bestplace4kids.com/families

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.174.156.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-156-76.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e08382e73f57e38ca2c333a9757576c95a818c5fde8068488bae13848a6052d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://static.hotjar.com http://js.hs-scripts.com http://js.hs-analytics.net https://maps.googleapis.com http://cdn.heapanalytics.com https: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: covid.bestplace4kids.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: Cowboy
Date: Thu, 02 Apr 2020 15:23:56 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Content-Type: text/html; charset=utf-8
Etag: W/"e08382e73f57e38ca2c333a9757576c9"
Cache-Control: max-age=0, private, must-revalidate
Content-Security-Policy: script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://static.hotjar.com http://js.hs-scripts.com http://js.hs-analytics.net https://maps.googleapis.com http://cdn.heapanalytics.com https: 'unsafe-eval' 'unsafe-inline'
Set-Cookie: _bridgecare_core_session=oW2b0yICn46OPElvDS9iEiE1dSBzfHEDUtrL6UvjOL56tgAl0tJ90OFIwtyE6MOKjh17i0my2PgWKLrKXJ3Y3NVBzTyueBWdlMLUM%2B7UHXBrqPhJBb4Tu18PybvrAKyCWstMKJD0I96GKGfcAF3shTvnXMoFqF%2BB9GRRPootKEtrJXUJjgBF8Dltn6GFZVBXtLrr2e9kYS7WoLmUlyFHyoMBOjyPjACAnU6MffHw3Ro3lkrzbQ%2BdbdyUv1QgnGiEbRmBj0ho3t9pXc%2Fl4yrhkAvL3C4h7wSpkhEb2RCA5bU%3D--cqgzsgL8h4S9NGX%2F--Sxxer8neJMZooIwh8Mr1oA%3D%3D; path=/; secure; HttpOnly
X-Request-Id: 1859fde4-5bf2-40b1-bfc6-c41681220d88
X-Protected-By: Sqreen
X-Runtime: 0.019127
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Transfer-Encoding: chunked
Via: 1.1 vegur

Redirect headers

Server: Cowboy
Date: Thu, 02 Apr 2020 15:23:56 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: https://covid.bestplace4kids.com/families
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
Content-Security-Policy: script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://static.hotjar.com http://js.hs-scripts.com http://js.hs-analytics.net https://maps.googleapis.com http://cdn.heapanalytics.com https: 'unsafe-eval' 'unsafe-inline'
X-Request-Id: 9f93ddfe-d327-4f1d-9655-c1fb9adf075a
X-Protected-By: Sqreen
X-Runtime: 0.079178
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H2 200 landing-e10bafad.css
d1no1r86ymoco4.cloudfront.net/packs/css/ 725 KB
94 KB 263ms
214ms Stylesheet
text/css 2600:9000:20e8:7a00:10:5e95:900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1no1r86ymoco4.cloudfront.net/packs/css/landing-e10bafad.css

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20e8:7a00:10:5e95:900:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a1d316c3264ffbcb7ad87253ff490fdb5c21941fb4076994e93e6e21ec5dbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 15:23:56 GMT
via: 1.1 vegur, 1.1 9e9671d1669bd7a6c194fae423e5778d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6800
cf-polished: origSize=742890
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 02 Apr 2020 06:36:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
x-amz-cf-pop: TXL52-C1
cf-ray: 57db8dcf6bc23bc1-CDG
x-amz-cf-id: 0JmRY91RUYKPn3MEr_wTGgu2do2PbxgBwcBxzijXpos6QIDCxnDE8w==
cf-bgj: minify

GET
H2 200 application-eeb033209c9cca77b820f736eb332f2bd998aa3144839cb85f6480ba8d37cdfc.css
d1no1r86ymoco4.cloudfront.net/assets/ 31 KB
8 KB 92ms
43ms Stylesheet
text/css 2600:9000:20e8:7a00:10:5e95:900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1no1r86ymoco4.cloudfront.net/assets/application-eeb033209c9cca77b820f736eb332f2bd998aa3144839cb85f6480ba8d37cdfc.css

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20e8:7a00:10:5e95:900:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47413c8cbc5f1588a71bef597f1d51d4a0d02c47e05884d01f539127f944006d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 13:30:36 GMT
via: 1.1 vegur, 1.1 9e9671d1669bd7a6c194fae423e5778d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
age: 6800
cf-polished: origSize=31919
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Sun, 29 Mar 2020 22:11:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
x-amz-cf-pop: TXL52-C1
cf-ray: 57dae7c44df4cddf-CDG
x-amz-cf-id: 5Jbwh7RN3Fit0UJnNJwDT-5c2UK0ZV8vWK53iCaawT0z-Lj6XW-dgw==
cf-bgj: minify

GET
H2 200 application-4e46214d1ffb11fcaabea095f777e69aa9104e2273360f5e473afb31b80b893a.js Show response
d1no1r86ymoco4.cloudfront.net/assets/ 13 KB
5 KB 107ms
58ms Script
application/javascript 2600:9000:20e8:7a00:10:5e95:900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1no1r86ymoco4.cloudfront.net/assets/application-4e46214d1ffb11fcaabea095f777e69aa9104e2273360f5e473afb31b80b893a.js

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20e8:7a00:10:5e95:900:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffe18482d7aa21512bdc2e21b2f6539974a7e9e6d6c7fb5c366c6d86d6d547b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 9e9671d1669bd7a6c194fae423e5778d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
age: 6800
x-cache: Hit from cloudfront
status: 200
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Tue, 03 Dec 2019 15:59:49 GMT
server: cloudflare
date: Thu, 02 Apr 2020 13:30:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: TXL52-C1
cf-ray: 57d34d7edd93edd3-CDG
x-amz-cf-id: pCNrgHB75M_j4098a1mMoBzQJLncDj8j--e-TDLZR4YbEW5uCCfraQ==
cf-bgj: minify

GET
H2 200 landing-6483f18410d78f02d6a0.js Show response
d1no1r86ymoco4.cloudfront.net/packs/js/ 1 MB
412 KB 115ms
66ms Script
application/javascript 2600:9000:20e8:7a00:10:5e95:900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1no1r86ymoco4.cloudfront.net/packs/js/landing-6483f18410d78f02d6a0.js

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20e8:7a00:10:5e95:900:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33c5d56c99cce0ad218446ec471c5ad527d3fd116b215e4e88acb55f809b40af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 13:30:36 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
age: 6800
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 420584
last-modified: Thu, 02 Apr 2020 06:36:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 vegur, 1.1 9e9671d1669bd7a6c194fae423e5778d.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 57dae7c37e20ee89-CDG
x-amz-cf-id: KWRfC9C9Z-rbdf9ZoADfkfhddcNLrNOMR4RXb194C6w5ZRMldgievQ==

GET
H2 200 google_tag_manager-575cd869c3514c9b4b08a77760f991ccbd169c1d70a2e25b05d23c1f6859e960.js Show response
d1no1r86ymoco4.cloudfront.net/assets/ 331 B
878 B 108ms
60ms Script
application/javascript 2600:9000:20e8:7a00:10:5e95:900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1no1r86ymoco4.cloudfront.net/assets/google_tag_manager-575cd869c3514c9b4b08a77760f991ccbd169c1d70a2e25b05d23c1f6859e960.js

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20e8:7a00:10:5e95:900:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1839fa62f9e506ca905d789e36de33a468adebf7fa2f09013db660c835c5ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 13:30:36 GMT
via: 1.1 vegur, 1.1 9e9671d1669bd7a6c194fae423e5778d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
age: 6800
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Mon, 14 Oct 2019 21:02:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: TXL52-C1
cf-ray: 57dae7c40f7bedbf-CDG
x-amz-cf-id: z-mjULiLEj26a-genvqwI4-FYj3f-1Ue8lRZI74-a0hM5f6tdoczUA==
cf-bgj: minify

GET
H2 200 lno8pof.css
use.typekit.net/ 15 KB
2 KB 200ms
159ms Stylesheet
text/css 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lno8pof.css

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-67-47.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

47889d9f245eca9271d59772e03cfd0a0e1b34f44b7f8bc20c85840a9e77a879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Thu, 02 Apr 2020 15:23:56 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 1483

GET
H2 200 css
fonts.googleapis.com/ 574 B
468 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 15:23:56 GMT
server: ESF
date: Thu, 02 Apr 2020 15:23:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 15:23:56 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
168 B 22ms
21ms Stylesheet
text/css 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lno8pof&ht=tk&f=24535.24561.24562.24563.24565.24567.24571.24572.24573.27034.27040.27042.28747.28748.28750.28752.28754.28755.28756.28758.28760.28762&a=2715753&app=typekit&e=css
Requested by: Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 15:23:56 GMT
last-modified: Thu, 07 Feb 2019 19:28:12 GMT
server: nginx
access-control-allow-origin: *
etag: "5c5c86cc-5"
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5
expires: Thu, 12 Sep 2019 08:25:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
35 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KB22RFV

Requested by

Host: d1no1r86ymoco4.cloudfront.net
URL: https://d1no1r86ymoco4.cloudfront.net/assets/google_tag_manager-575cd869c3514c9b4b08a77760f991ccbd169c1d70a2e25b05d23c1f6859e960.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3f9c4715179dd587582b971a07e8a212b4885b85ae0a3338524682609baf9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35533
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Apr 2020 15:23:57 GMT

GET
H/1.1 200
OK brand Show response
covid.bestplace4kids.com/public/api/ 2 KB
3 KB 135ms
135ms XHR
application/json 54.174.156.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.bestplace4kids.com/public/api/brand

Requested by

Host: d1no1r86ymoco4.cloudfront.net
URL: https://d1no1r86ymoco4.cloudfront.net/packs/js/landing-6483f18410d78f02d6a0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.174.156.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-156-76.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e0ea5ce895548313c5eec951b48f4ede3d68ead5a7a8dda501e7706502471203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://covid.bestplace4kids.com/families
Sec-Fetch-Dest: empty
X-CSRF-Token: smz5qeHg4/AN7twPhGzyaSRscM0sYRckua7q39B84C+Ykd+P9RDFOaR7qbDk3g72I6MppI5qTtl7R9WMzqnCdw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Apr 2020 15:23:57 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: a184215e-6ae0-4f08-b332-173008433232
X-Runtime: 0.015718
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"e0ea5ce895548313c5eec951b48f4ede"
X-Download-Options: noopen
Vary: Origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 hotjar-592822.js Show response
static.hotjar.com/c/ 3 KB
2 KB 165ms
103ms Script
application/javascript 147.75.32.105
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-592822.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB22RFV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.105 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress5

Software

Resource Hash

d2c24a0476e83551baf9f9c213c6c3e8c9850ee11690f1ce861f4550b0768125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
content-length: 1618
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/7fde76f1eb79ea1962f1e13891c76245
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.072
accept-ranges: bytes
section-io-id: bbdc1f0574c87264ffb9707ba937b0ad
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB22RFV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2722
date: Thu, 02 Apr 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 02 Apr 2020 16:38:35 GMT

GET
H2 200 2699537.js Show response
js.hs-scripts.com/ 810 B
630 B 116ms
115ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2699537.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB22RFV
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5edab748684c4ec2c9db48af0941ca15c3ee4441ed1646c56a5d287b79c83c

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
access-control-allow-origin: https://covid.bestplace4kids.com
x-trace: 2BAB770C6383F1F621FE981C46E092C4F751BF1A94000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 57db8dd1ef36178a-FRA
expires: Thu, 02 Apr 2020 15:24:57 GMT

GET
H2 200 heap-2270723331.js Show response
cdn.heapanalytics.com/js/ 76 KB
32 KB 168ms
123ms Script
application/javascript 13.225.78.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-2270723331.js
Requested by: Host: covid.bestplace4kids.com
URL: https://covid.bestplace4kids.com/families
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-89.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: b869a4663d06e03c660f62cf88cb04c3c4304226b210945724b3bb689d7776df

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"1302d-dvp+B4FsNWbL2/KzfTYSmQ"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=120
x-amz-cf-id: rUrujoWlD9-SIk8Dzyzc7ZrxMNKE-t5AzlO3rDnp4ljd7y6msDmuhg==
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=976786536&t=pageview&_s=1&dl=https%3A%2F%2Fcovid.bestplace4kids.com%2Ffamilies&ul=en-us&de=UTF-8&dt=BestPlace4Kids&sd=24-bit&sr=1600x12...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_gid=957644979.1585841037&gjid=484089586&_v=j81&z=2062221120
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_v=j81&z=2062221120
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_v=j81&z=2062221120&slf_rd=1&random=669019816

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_v=j81&z=2062221120&slf_rd=1&random=669019816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 15:23:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Apr 2020 15:23:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-104476143-1&cid=924887907.1585841037&jid=1581028774&_v=j81&z=2062221120&slf_rd=1&random=669019816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK BP4K+logo-generic-01.png
bridgecarefinance-media.s3-us-west-2.amazonaws.com/images/customers/ 41 KB
42 KB 811ms
210ms Image
image/png 52.218.253.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bridgecarefinance-media.s3-us-west-2.amazonaws.com/images/customers/BP4K+logo-generic-01.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.253.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be026f5ab869ad36bbc689eac0ec2769ae311c744ad3fafb1b954e1780df7250

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 15:23:58 GMT
Last-Modified: Fri, 27 Mar 2020 04:09:14 GMT
Server: AmazonS3
x-amz-request-id: 5B0BCF5FD5F37D24
ETag: "26e84c7548d76997cfa00f98417dc0a9"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 42202
x-amz-id-2: XxW69QvsdN6r0zUmSemSmyAHz0TIMa12sbp1nyD7rEW9hq5DittbtEAIMnMbe8ETlqo3hPw4Vaw=

GET
H2 200 l
use.typekit.net/af/c37133/0000000000000000000157c1/27/ 26 KB
26 KB 85ms
39ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c37133/0000000000000000000157c1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a3e2e4455a49ca1fecd63b19a34f84193dd3bc646da90a2d2e0bd2109be96b0c

Request headers

Referer: https://use.typekit.net/lno8pof.css
Origin: https://covid.bestplace4kids.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
server: nginx
access-control-allow-origin: *
etag: "2ed5b0369bc9a2699d1d0fc90506c3bceac1c964"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26312

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/ 59 KB
60 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Material+Icons
Origin: https://covid.bestplace4kids.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 20:01:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 01:57:25 GMT
server: sffe
age: 1970519
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Wed, 10 Mar 2021 20:01:58 GMT

GET
H2 200 l
use.typekit.net/af/19c742/0000000000000000000157c9/27/ 25 KB
26 KB 67ms
23ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19c742/0000000000000000000157c9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b0b748c383845e7834267fd5e31586ba5992183c2295961b75d15378dd296df8

Request headers

Referer: https://use.typekit.net/lno8pof.css
Origin: https://covid.bestplace4kids.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
server: nginx
access-control-allow-origin: *
etag: "67d39e3590a8758df9f98386e6d42f94c49a1710"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26060

GET
H2 200 l
use.typekit.net/af/c12453/0000000000000000000157bf/27/ 27 KB
27 KB 96ms
52ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c12453/0000000000000000000157bf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e0bbe868d9f188ade9677fc644cd442c623ec550443182fc8d1dc4db57d63e24

Request headers

Referer: https://use.typekit.net/lno8pof.css
Origin: https://covid.bestplace4kids.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
server: nginx
access-control-allow-origin: *
etag: "828c2624ab9e788f1badba0de96a44a845cd105a"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27624

GET
H2 200 materialdesignicons-webfont-d0066537.woff2
d1no1r86ymoco4.cloudfront.net/packs/media/fonts/ 276 KB
278 KB 949ms
923ms Font
application/font-woff2 2600:9000:20e8:7a00:10:5e95:900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1no1r86ymoco4.cloudfront.net/packs/media/fonts/materialdesignicons-webfont-d0066537.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20e8:7a00:10:5e95:900:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1no1r86ymoco4.cloudfront.net/packs/css/landing-e10bafad.css
Origin: https://covid.bestplace4kids.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 15:23:58 GMT
via: 1.1 vegur, 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 283040
last-modified: Thu, 02 Apr 2020 06:36:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57db8dd32f7acd93-CDG
x-amz-cf-id: cHXq3tjw6y3LXHl633bw58MaKEmNtb9pAOGOpGtPXsCGs4-kVrtbQQ==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 61 KB
15 KB 41ms
23ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2699537.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7df4daa202e710c603abd62e01612063604dbb82a10a07348c3b3f39b43ce72

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
via: 1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
x-amz-version-id: ET8ocnN._nkk._Tf8cmpm.L8EuaIP3iX
last-modified: Wed, 01 Apr 2020 05:34:52 GMT
server: cloudflare
etag: W/"24ecf163b2383e372b571a99d6bdb683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 57db8dd2ea031f19-FRA
x-amz-cf-id: SEBK62JbQsAA-IuHWvthU5lq450zkFDMv5YZDC41eSLQtBhgTIx-LA==

GET
H2 200 2699537.js Show response
js.hs-analytics.net/analytics/1585840800000/ 81 KB
22 KB 587ms
586ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1585840800000/2699537.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2699537.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f63e083bdaec3a9a0951d7bc9c1808cbfc4c40a4a1675ffbd794aaec9d1f6e0

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 4CBDADB7D3649CA3
x-amz-server-side-encryption: AES256
status: 200
content-type: text/javascript
x-amz-id-2: LoRPhxd5M1C+5Y7C64J+k6gHXhO/zhi99JZx6pXVhDRckZKgRpE92ahVn+6Rr2MBI7pv44bJDUc=
last-modified: Thu, 02 Apr 2020 14:41:47 GMT
server: cloudflare
etag: W/"1cd25e591d12b2ae2537bc33e8921384"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 57db8dd2ceb6c2d1-FRA
expires: Thu, 02 Apr 2020 15:28:57 GMT

GET
H2 200 modules.a92727a4c833d493f39c.js Show response
script.hotjar.com/ 366 KB
69 KB 103ms
37ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.a92727a4c833d493f39c.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-592822.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: /
Resource Hash: cffc96ce9434913e1e06c48bcb97ca43987ac70b8205ee9599e8e0bf71fb03f3

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: br
content-type: application/javascript
age: 10590
status: 200
section-io-cache: Hit
content-length: 70608
last-modified: Thu, 02 Apr 2020 12:27:28 GMT
etag: "99db0184cccae59b4e0e8e4761408288"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.094
accept-ranges: bytes
section-io-id: cdf436e9cc1a9f59e4fdaac4b8cad429
section-origin-responded: true

OPTIONS
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 18 B
422 B 147ms
144ms XHR
text/plain 2606:4700::6810:f905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2699537&conversations-embed=static-1.6219&mobile=false&messagesUtk=5f3bb7eab4e443b9b0d76bc868e21f47&traceId=5f3bb7eab4e443b9b0d76bc868e21f47

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: GET
Origin: https://covid.bestplace4kids.com
Referer: https://covid.bestplace4kids.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-hubspot-messages-uri

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 18
allow: HEAD,GET,OPTIONS
server: cloudflare
x-trace: 2B7B646300E481B400A68A627FA30E89C06534B5F0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://covid.bestplace4kids.com
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 57db8dd31d8a2fa5-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 h
heapanalytics.com/ 37 B
212 B 350ms
113ms Image
image/gif 54.85.106.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=2270723331&u=8566693960617267&v=5315024760581835&s=5627267051262185&b=web&tv=4.0&z=0&h=%2Ffamilies&d=covid.bestplace4kids.com&t=BestPlace4Kids&ts=1585841037316&st=1585841037320&ei=81&et=variation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.106.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-106-126.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 15:23:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame BFF3 0
0 104ms
30ms Document
text/html 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-592822.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://covid.bestplace4kids.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covid.bestplace4kids.com/

Response headers

status: 200
date: Thu, 02 Apr 2020 15:23:57 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.025
section-origin-responded: true
age: 641731
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: ff58f8ca5c97162b04a412db48d6a135

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 275 B
375 B 173ms
173ms XHR
application/json 2606:4700::6810:f905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3542da8b881c5322e604de2c69d573b5261f073f2a88e7cd3b581e6c550297d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://covid.bestplace4kids.com/
Origin: https://covid.bestplace4kids.com
Sec-Fetch-Dest: empty
X-HubSpot-Messages-Uri: https://covid.bestplace4kids.com/families
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
content-length: 216
server: cloudflare
x-trace: 2B0108C20523F4A595F2A3626BBB06B10EC08CC2DF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://covid.bestplace4kids.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 57db8dd478ff2fa5-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
233 B 37ms
36ms Image
image/gif 2606:4700::6810:fb05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=2699537&pu=https%3A%2F%2Fcovid.bestplace4kids.com%2Ffamilies&t=BestPlace4Kids&cts=1585841037846&vi=8aa320f248fb86bde6ca4af393d13b43&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://covid.bestplace4kids.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 15:23:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 57db8dd68a65d6f1-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bestplace4kids.com/	1970-01-19 08:30:42	Name: _hp2_ses_props.2270723331 Value: %7B%22z%22%3A0%2C%22ts%22%3A1585841037316%2C%22d%22%3A%22covid.bestplace4kids.com%22%2C%22h%22%3A%22%2Ffamilies%22%2C%22t%22%3A%22BestPlace4Kids%22%7D
.bestplace4kids.com/	1970-01-20 02:01:53	Name: _ga Value: GA1.2.924887907.1585841037
.bestplace4kids.com/	1970-01-19 08:30:41	Name: _gat_UA-104476143-1 Value: 1
.bestplace4kids.com/	1970-01-20 02:01:53	Name: _hp2_id.2270723331 Value: %7B%22userId%22%3A%228566693960617267%22%2C%22pageviewId%22%3A%225315024760581835%22%2C%22sessionId%22%3A%225627267051262185%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
covid.bestplace4kids.com/	1969-12-31 23:59:59	Name: _bridgecare_core_session Value: YY9Sqw3rnYRss1xMnKMQUHPQFcmUHzmNoM9JRR7YvmUWdmnDRkPMNe8RimQ75UDwK6%2F6u9OtknyKSGdFCapmKDJM3oWxz5s%2B52SoFnlVJb9Aav0FGNTR5tDZiyYsHKv0sjemdAxCNfwcJj7XFzQ3aeUy%2Fb5cRB5eX%2B%2Br6812gVzy4rsmVbRVndHmWeT84SsYIDA2RJh10avg7Liy5fAxIiYqmS3DFU66xDwH1glQiqosh%2FuDpyzB9oeVDzRspiAxHq7BBWMDwPmk8xySC%2Ffo6kuUomAjNP6%2FjtvvNpseYEQ%3D--OKkiTwEKvZRP5eE%2B--YESDTOU%2B9%2FlUFIjUjLjiQQ%3D%3D
.bestplace4kids.com/	1970-01-19 08:32:07	Name: _gid Value: GA1.2.957644979.1585841037

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://static.hotjar.com http://js.hs-scripts.com http://js.hs-analytics.net https://maps.googleapis.com http://cdn.heapanalytics.com https: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
bridgecarefinance-media.s3-us-west-2.amazonaws.com
cdn.heapanalytics.com
covid.bestplace4kids.com
d1no1r86ymoco4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
js.hs-analytics.net
js.hs-scripts.com
js.usemessages.com
p.typekit.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
use.typekit.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.225.78.89
147.75.32.105
147.75.32.99
147.75.84.91
2600:9000:20e8:7a00:10:5e95:900:21
2606:4700::6810:f905
2606:4700::6810:fb05
2606:4700::6811:47b0
2606:4700::6811:d6cc
2606:4700::6811:efcc
2a00:1450:4001:800::2008
2a00:1450:4001:814::2003
2a00:1450:4001:817::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81e::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c0b::9d
52.218.253.105
54.174.156.76
54.85.106.126
95.100.67.47
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2a5edab748684c4ec2c9db48af0941ca15c3ee4441ed1646c56a5d287b79c83c
3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8
33c5d56c99cce0ad218446ec471c5ad527d3fd116b215e4e88acb55f809b40af
47413c8cbc5f1588a71bef597f1d51d4a0d02c47e05884d01f539127f944006d
47889d9f245eca9271d59772e03cfd0a0e1b34f44b7f8bc20c85840a9e77a879
7a1d316c3264ffbcb7ad87253ff490fdb5c21941fb4076994e93e6e21ec5dbce
8f63e083bdaec3a9a0951d7bc9c1808cbfc4c40a4a1675ffbd794aaec9d1f6e0
9ffe18482d7aa21512bdc2e21b2f6539974a7e9e6d6c7fb5c366c6d86d6d547b
a3e2e4455a49ca1fecd63b19a34f84193dd3bc646da90a2d2e0bd2109be96b0c
b0b748c383845e7834267fd5e31586ba5992183c2295961b75d15378dd296df8
b1839fa62f9e506ca905d789e36de33a468adebf7fa2f09013db660c835c5ccd
b869a4663d06e03c660f62cf88cb04c3c4304226b210945724b3bb689d7776df
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be026f5ab869ad36bbc689eac0ec2769ae311c744ad3fafb1b954e1780df7250
c3542da8b881c5322e604de2c69d573b5261f073f2a88e7cd3b581e6c550297d
c7df4daa202e710c603abd62e01612063604dbb82a10a07348c3b3f39b43ce72
cffc96ce9434913e1e06c48bcb97ca43987ac70b8205ee9599e8e0bf71fb03f3
d2c24a0476e83551baf9f9c213c6c3e8c9850ee11690f1ce861f4550b0768125
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e08382e73f57e38ca2c333a9757576c95a818c5fde8068488bae13848a6052d7
e0bbe868d9f188ade9677fc644cd442c623ec550443182fc8d1dc4db57d63e24
e0ea5ce895548313c5eec951b48f4ede3d68ead5a7a8dda501e7706502471203
e3f9c4715179dd587582b971a07e8a212b4885b85ae0a3338524682609baf9dc
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

covid.bestplace4kids.com Open in urlscan Pro 54.174.156.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

62 %IPv6

17 Domains

22 Subdomains

19 IPs

5 Countries

1181 kBTransfer

3478 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

covid.bestplace4kids.com Open in urlscan Pro
54.174.156.76 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

62 %
IPv6

17
Domains

22
Subdomains

19
IPs

5
Countries

1181 kB
Transfer

3478 kB
Size

6
Cookies

30 HTTP transactions
0 data transactions