www.avera.org Open in urlscan Pro
52.162.218.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Submission: On November 30 via manual (November 30th 2022, 8:45:49 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 112 HTTP transactions. The main IP is 52.162.218.125, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.avera.org. The Cisco Umbrella rank of the primary domain is 543190.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 14th 2021. Valid for: a year.

This is the only time www.avera.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 57	52.162.218.125 52.162.218.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:2c00:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e0:... 2606:4700:e0::ac40:6924	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:3400:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	3.123.165.229 3.123.165.229	16509 (AMAZON-02) (AMAZON-02)
1	2.23.197.36 2.23.197.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	54.194.72.129 54.194.72.129	16509 (AMAZON-02) (AMAZON-02)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	104.79.88.129 104.79.88.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.127.96.241 3.127.96.241	16509 (AMAZON-02) (AMAZON-02)
1 1	13.225.78.77 13.225.78.77	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.231.172.211 3.231.172.211	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.86.77 54.76.86.77	16509 (AMAZON-02) (AMAZON-02)
1	52.214.172.145 52.214.172.145	16509 (AMAZON-02) (AMAZON-02)
1 2	3.67.122.202 3.67.122.202	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	3.215.172.219 3.215.172.219	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.29 13.224.189.29	16509 (AMAZON-02) (AMAZON-02)
1	52.50.139.125 52.50.139.125	16509 (AMAZON-02) (AMAZON-02)
112	41

57 52.162.218.125 (Chicago, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.avera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:2c00:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

30531.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6924 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3400:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20770730p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.165.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-165-229.eu-central-1.compute.amazonaws.com

69057.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.36 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-36.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.72.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-72-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.96.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-96-241.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.77 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-77.fra2.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.172.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-172-211.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.86.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.172.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-172-145.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.122.202 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-122-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-29.fra2.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.139.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-139-125.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	avera.org 3 redirects www.avera.org — Cisco Umbrella Rank: 543190	700 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1620 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3459 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3465 tracking.crazyegg.com — Cisco Umbrella Rank: 3447	32 KB
5	rfihub.com 2 redirects 20770730p.rfihub.com — Cisco Umbrella Rank: 762249 a.rfihub.com — Cisco Umbrella Rank: 2708 p.rfihub.com — Cisco Umbrella Rank: 720	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2610	20 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 4766 cm.teads.tv — Cisco Umbrella Rank: 5288 t.teads.tv — Cisco Umbrella Rank: 2506	8 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	12 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 194	3 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3643	3 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 547	607 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 274	861 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 534	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 320	107 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 190	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 204	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6168	611 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	611 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6773	41 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	180 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 536	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 423	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 929	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1139	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1669	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 2140	780 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1121	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 532	617 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 905	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 292	239 B
1	siteimproveanalytics.io 69057.global.siteimproveanalytics.io — Cisco Umbrella Rank: 700825	478 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5008	6 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3338	6 KB
1	tctm.co 30531.tctm.co — Cisco Umbrella Rank: 643108	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 919	45 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
112	36

	Domain	Requested by
57	www.avera.org	3 redirects www.avera.org
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	p.rfihub.com	2 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.avera.org
2	pi.pardot.com	www.avera.org pi.pardot.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects www.avera.org
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects www.avera.org
2	idsync.rlcdn.com	www.avera.org
2	dpm.demdex.net	1 redirects www.avera.org
2	ib.adnxs.com	1 redirects www.avera.org
2	www.google.de	www.avera.org
2	www.google.com	www.avera.org
2	solutions.invocacdn.com	www.avera.org solutions.invocacdn.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.avera.org www.googletagmanager.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	beacon.krxd.net	www.avera.org
1	aa.agkn.com	www.avera.org
1	partners.tremorhub.com	www.avera.org
1	x.dlx.addthis.com	www.avera.org
1	bpi.rtactivate.com	www.avera.org
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	www.avera.org
1	contextual.media.net	www.avera.org
1	ps.eyeota.net	www.avera.org
1	pixel.rubiconproject.com	www.avera.org
1	a.rfihub.com	www.avera.org
1	cm.g.doubleclick.net	1 redirects
1	t.teads.tv	www.avera.org
1	69057.global.siteimproveanalytics.io	www.avera.org
1	cm.teads.tv	p.teads.tv
1	20770730p.rfihub.com	c1.rfihub.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	p.teads.tv	www.googletagmanager.com
1	c1.rfihub.net	www.avera.org
1	siteimproveanalytics.com	www.avera.org
1	30531.tctm.co	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fonts.googleapis.com	www.avera.org
112	46

This site contains links to these domains. Also see Links.

Domain
www.averahealthplans.com

Subject Issuer	Validity	Valid
www.avera.org DigiCert TLS RSA SHA256 2020 CA1	`2021-12-14` - `2023-01-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.tctm.co Amazon	`2022-09-08` - `2023-10-06`	a year	crt.sh
*.rfihub.net Amazon	`2022-11-29` - `2023-12-29`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
invocacdn.com Amazon	`2022-10-24` - `2023-11-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-09-09` - `2023-10-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Frame ID: C24FEA1AFB7AE7E8E47C517DDAA305AB
Requests: 93 HTTP requests in this frame

Frame: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&pf=&ra=9253248945923997
Frame ID: 9FBFB5D19AA320E401423FFEC23E0D44
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verify Your Email Address

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

112
Requests

88 %
HTTPS

37 %
IPv6

36
Domains

46
Subdomains

41
IPs

6
Countries

1114 kB
Transfer

2641 kB
Size

45
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.averahealthplans.com/
Title: Find a Health Plan

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyNTA1ODgwODc2MQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBGXod5aulOnLbjQvgPI8Ac&google_cver=1

Request Chain 61

https://ib.adnxs.com/setuid?entity=18&code=5109685625058808761 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685625058808761

Request Chain 63

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685625058808761&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685625058808761&redir=

Request Chain 64

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5109685625058808761&bid=omt9pi0

Request Chain 67

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685625058808761&referrer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D76773f39-4a15-4512-8618-73d4e30732de%253A1669841143.7367237 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237

Request Chain 69

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685625058808761&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685625058808761&forward=&C=1

Request Chain 72

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685625058808761&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685625058808761&img=1&__user_check__=1&sync_id=f5d0b6c9-70ef-11ed-b249-14f0ef8b0306

Request Chain 76

https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625058808761&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685625058808761&expires=30

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y4fA9wAAADTBdQA9 HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y4fA9wAAADTBdQA9&_test=Y4fA9wAAADTBdQA9

Request Chain 89

https://www.avera.org/app/files/public/72701/Homepage-.jpg HTTP 302
https://www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg

Request Chain 100

https://www.avera.org/app/files/public/83541/ask-the-question-suicide-prevention-home-page-panel-image.jpg HTTP 302
https://www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg

Request Chain 101

https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png HTTP 302
https://www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verifyEmail.aspx Show response
www.avera.org/app/security/ 30 KB
11 KB 1388ms
947ms Document
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

50f564384ebe348cff8084cba74b5e6f393176403400ebbe68a2aa7b858e32d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 10431
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Nov 2022 20:45:41 GMT
Expect-CT: max-age=86400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK default.css
www.avera.org/css-min/ 24 KB
9 KB 116ms
116ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css-min/default.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
Content-Length: 7937
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 16:54:19 GMT
Server: Microsoft-IIS/8.5
ETag: "80ef8c11dcf9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK client.css
www.avera.org/css-min/ 87 KB
26 KB 133ms
131ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css-min/client.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
Content-Length: 26216
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 16 Nov 2022 16:54:19 GMT
Server: Microsoft-IIS/8.5
ETag: "80ef8c11dcf9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.avera.org/scripts/ 93 KB
47 KB 366ms
141ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/jquery-1.11.3.min.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
Content-Length: 47758
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.avera.org/scripts/ 7 KB
5 KB 366ms
142ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/jquery-migrate-1.2.1.min.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
Content-Length: 4079
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:32 GMT
Server: Microsoft-IIS/8.5
ETag: "02c145576c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 150 KB
68 KB 372ms
147ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6882d51943dfbefd6a3ef4b957c7a4bc06976e071b00d497dedebb75cbc6bc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 68417
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:27:42 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 14 KB
4 KB 366ms
123ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=4UFlqIq8P5vCqX7mGiiCoiYajF5qqMK4eXrfRm20qRSmjebHCDxmFewFviNSce0tRLIuJS8RSusI_V43dzNNKzWIBV23GD5pxiL50mxZJVIHbHBn6SXcLqCdWDlEnf7PywP3dXMjABZgtsUusZ6PuK72JMpSzefIlMJlG4L0vVjzwWdnlHyyW3iTA8hgjj1q0&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 3308
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:27:42 GMT

GET
H/1.1 200
OK jquery.searchIdPrintResults.js Show response
www.avera.org/scripts/ 1 KB
1 KB 488ms
120ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/jquery.searchIdPrintResults.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

05b777f92a6b004deaa5d081f1d44f3a90f50410d7882ca76d475936d9a17e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
Content-Length: 621
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Nov 2022 20:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 20:19:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Nov 2022 20:45:41 GMT

GET
H/1.1 200
OK avera.css
www.avera.org/css/ 261 KB
62 KB 569ms
453ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/avera.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ee72aea709bfd36b9e2d858574e054ac44bb68f469cb539974f413a4f6d8f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 62604
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK no-cols.css
www.avera.org/css/templates/ 524 B
1 KB 366ms
143ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/templates/no-cols.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b7325ac83bd101ce91be8abfbd07b130e5f37a3485d85c72d80c149b31ae2798

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:41 GMT
Content-Length: 269
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ 8 KB
8 KB 116ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:42 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK search-icon2x.png
www.avera.org/imgs/icons/ 2 KB
3 KB 120ms
119ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/search-icon2x.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:42 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2084
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 23 KB
7 KB 117ms
116ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=jYr4BoKVcrfRFg4D2UDxHtVjNMwp56ezP2GkmXW49ia4Sqv1UQQFNu40QJ-liMfAwKUTPvfvs0bRzz2tA8ruXgf9vDoZm7611lzjWsP0C181&t=637814437746327080

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 6768
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:27:43 GMT

GET
H/1.1 200
OK client.js Show response
www.avera.org/scripts/ 34 KB
15 KB 115ms
115ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/client.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

37dddab995ec8c715249818a1883df536fe47693ece7f7af46a9cafb3c276199

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 14288
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 2 KB
2 KB 117ms
117ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=WrTag9d4pW-qwXkXXDGOYjucA0352jufQuCp1nf1i1GujjEShl4acpF69_kCNDrRYBMgBOhV4Roi2f4ryQHMQfZTb9GiXsRFv8KZJWgTOmQ2noY8t8qaOhXcXbN-7JUEoKswTLNa3kSTuIJsmdMnhl1zgNAQ6Vnv2Q3mX_i-AwF8URb1zTJemxq9NNpdXmAhiK3RXYFYNv51mhXk1niiwg2&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

411d6092d1c4c1448905b119e2f2504fa02dae98ab253f79e2699e4ecec95d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 758
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:27:43 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 766 B
1 KB 119ms
119ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=kFmSMQddctvMHxqq9EtHX-INICGPmjxzqB1DSBr-Hg8O_zoKagnUiHhN207gpBMFG8_YAX42criy-72nogtSVP-RCdkjxc-pJjQGYx4FwILPcFObNEPkQAjZNUmgti78TF4MI8DNoc4axigQEEagqgEI_X6uCdc75TPrngGGf8s1&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b0e90e848170144310bc41087314c1505d23ed447a1002039c2db35563e082fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 414
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:28:36 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 26 KB
9 KB 117ms
116ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/ScriptResource.axd?d=nJ_VPT9-PS37Jz93ffSRjBCwtFAiDgllbYyKQvyMuJYJqiAEAw4hSYcZUQ2Ai6I9JgvWdz8ObhaoaQGCAql9opPyMv-sbEpY66a59kQxdALWe0fy7C8Ar5AZR5ASEpvmwlegRAHFaS9hmDV12YIWgh5MRYy482TvIDp1xUy6QsY1&t=14d69f50

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 8327
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 30 Nov 2022 20:12:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 20:12:00 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 897 B
1 KB 116ms
116ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=VVSdmAqtynhM5rn5UEA03Qa3A0uc8xLvNmEwARmLQYUuE_m1mu4c7Ilf5JP8unFKXLMj7fPT1uN_5dp6Zgr_rNNM90vvJah7Kz4_tlhPUJNZREnwoe62j9Su5NLCDRmKb1qKFrhCWDHKBMzAnX0dPMBl9_noZyK2kBsN0JFQxCzOTzzGnt-3WSRmsWiumfSM41HSyiQITV91_v5bCERufA2&t=637983253360000000

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0aade28df809068b9b4da9877621fe3ecc0fa3234161f23552c61dc884c12954

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 525
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:16 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:29:17 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 100 KB
37 KB 119ms
119ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/ScriptResource.axd?d=wYUnArtQrNPyvM7wYYZvMGcFuWb0b8YZD_JczWHOCf4UuZLV03v7D4tfOm3isce564hDtb_-Q6O_6cOUra9FC25usqadIzlCK20zlvmVr46qhtRn3cgt57vCzkN6323dPGuVxXrBxMIUw44ClwGUE6xGpsakvlIUkRJRbe6AE_ggG5PF7HZKXZoz7I1BN07i0&t=49337fe8

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 37031
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 30 Nov 2022 16:27:43 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:27:43 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 39 KB
15 KB 116ms
116ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/ScriptResource.axd?d=MQB67sxauURHKIbBby0IauFkaTI8LOX0bxcsg78R-V4AFsUrZJv3SvekcyqbS6K_7DpmRHlZpNwxWjBj2cFBrePbJlSNtJNsVsCnCFMJzG17vN_I5Rs2KKfAD-oVVqYBJhNuJGNu7ysJvZxNBVNBGsqVCmaTGtJqFrfnXTazPKwVLJ71tf8yJl_3lBK-XDwK0&t=49337fe8

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 14430
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 30 Nov 2022 16:27:43 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 16:27:43 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 3 KB
2 KB 118ms
117ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/WebResource.axd?d=FlY_XPMdkB9X0IuEX_uoRCdO3KiH_D98Ph1dqhkZMRB1Z_uyeEN_CgvFOtTwFN8PjKisKp5KQdLlVgtxc7t78f9Bm1_vGNI8sho5W7x9T741&t=637814437746327080

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
X-AspNet-Version: 4.0.30319
Content-Length: 1062
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Thu, 30 Nov 2023 17:05:36 GMT

GET
H/1.1 200
OK avera.js Show response
www.avera.org/scripts/ 102 KB
37 KB 122ms
121ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/avera.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

64d6669a5e1fb2b01be947d4a5f7f0ddfa85ee174483248acf473edbc193fc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 37470
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK public.css
www.avera.org/css/tiny-mce/ 42 KB
12 KB 197ms
196ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/tiny-mce/public.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

f08006fbc97f17f1cd26a30fc3e046622207953b7e8d4182c51d81e252e34747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 11755
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK forms.css
www.avera.org/css/ 9 KB
4 KB 150ms
149ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/forms.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

359277ca3321cae12dcb73545a3abb94ec64e0e595f99557e64e437fcd711023

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 2783
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK datepicker.css
www.avera.org/css/ 4 KB
2 KB 153ms
152ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/datepicker.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6ee1a78db9127677fc0e343c8b2ae01bcb616b3ef194dd207ae6fe00e002414c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 1658
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:20 GMT
Server: Microsoft-IIS/8.5
ETag: "01eed4d76c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK forms-core.css
www.avera.org/css/ 23 KB
8 KB 156ms
156ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/forms-core.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/forms.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ce2967a02b012efe560e49eff4241f81955a3d8f9ca4e75102238e14f3e12c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/forms.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 7222
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:20 GMT
Server: Microsoft-IIS/8.5
ETag: "01eed4d76c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK tableSort.css
www.avera.org/css/tiny-mce/ 32 B
856 B 122ms
122ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/tiny-mce/tableSort.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/tiny-mce/public.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

59e09d0093da63c9aa75b13efaa4451aeebd3534fa9cb31d1e81dba674711ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/tiny-mce/public.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 52
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:26 GMT
Server: Microsoft-IIS/8.5
ETag: "0a5805176c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK tableSort-core.css
www.avera.org/css/tiny-mce/ 14 KB
6 KB 148ms
147ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/css/tiny-mce/tableSort-core.css

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/tiny-mce/tableSort.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

40dcb619490d3995b3b00c44cbc7a23cc431910971734c2ed725ecc504545eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/tiny-mce/tableSort.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:42 GMT
Content-Length: 4985
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 09 Sep 2022 18:02:26 GMT
Server: Microsoft-IIS/8.5
ETag: "0a5805176c4d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 403 KB
104 KB 84ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7905f541197db185ab7f6545d7b7907ab37b391e1962bdd884473721dd52f44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105673
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 20:45:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 432299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 187251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 115 KB
45 KB 50ms
21ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MXB48L7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

495f1dc165fb97f36eae9edca363b818794f02bb575962aae4515430f204cc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 20:45:43 GMT

GET
H2 200 0056.js Show response
script.crazyegg.com/pages/scripts/0031/ 6 KB
2 KB 504ms
447ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6903d519be5345a82db42d44ff8f2b9b93b5ab1a2973008c2443abe037d50eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 20:45:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
ce-version: 11.5.9
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77266da8f97a917a-FRA
content-length: 2198

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/ 2 KB
2 KB 83ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/?random=1669841143134&cv=11&fst=1669841143134&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&tiba=Verify%20Your%20Email%20Address&auid=1517407817.1669841143&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592578012e77080dcd2228e0d1a61fc04c497e44a5f84ec064123557187b8050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 931
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 55ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 30 Nov 2022 20:45:42 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E8F7377FE4584C49BD5175E90EC28E0D Ref B: FRAEDGE1420 Ref C: 2022-11-30T20:45:43Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 19:15:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 30 Nov 2022 21:15:51 GMT

GET
H2 200 t.js Show response
30531.tctm.co/ 46 KB
15 KB 96ms
23ms Script
application/x-javascript 2600:9000:223d:2c00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2c00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 45eef49f3a571e7e9936f0b56badd7028bde5f8fd3701c51f11a93ac527a9781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Wed, 30 Nov 2022 20:45:43 GMT
server: ctm
x-amz-cf-pop: FRA56-P3
etag: W/6387c0f70000774316f9208b-30531
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: PQPkwX5RI3Lv5q1Qr_IzWZJERctAK9UbLsXas1g--aXt7PoMdXSElQ==

GET
H2 200 siteanalyze_69057.js Show response
siteimproveanalytics.com/js/ 14 KB
6 KB 87ms
41ms Script
application/javascript 2606:4700:e0::ac40:6924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_69057.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GSVH5B5F2B3W6CDZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5127
x-amz-id-2: ak+lYw4m9RHkjdMoHwRoYwKuKUbuFQrtEB7xFcCt7tScjVzKffuOfs9jKHiuQGhLdeiIJkPjrsg=
last-modified: Mon, 16 May 2022 09:44:16 GMT
server: cloudflare
etag: "0db568765387ecbf4ebab6b1396d61c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s03rhBxrXOrIhhsXZTVWtqU6tcKxu889MW8iiPCPc1m4SZaNvW9ehgAPXI4zJoGHUl5KJLODX1VAjA39JuLSr07XX815PDCTHTqvH9WxrTET1G8XxNC1X1Pwxzd66MrWAVn6CqSHmRdhs9dq9M%2B0qpiLNqOdvvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 77266da8e9449c01-FRA

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 80ms
7ms Script
application/x-javascript 2600:9000:21f3:3400:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3400:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:57:54 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified: Wed, 30 Nov 2022 19:57:44 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: FRA2-C2
age: 2869
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: N_B2swXZLOsMSs80OUYQNxWN6bG4RIbKMznHOo_psCCgL6Z820phyg==
expires: Wed, 30 Nov 2022 20:57:54 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 94ms
13ms Script
application/javascript 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d295f42892d46d099570e81df48f4cf04001f1db26dda88086b228351e692ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 20:45:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Nov 2022 15:39:01 GMT
Server: AmazonS3
x-amz-request-id: J08CG5CFZZPCQ6PG
ETag: "e383a0b60611f3ac57558752994bb9a5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=130
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6340
x-amz-id-2: c0BRv/5IFgZqhwzAhGqLJ1tHS2XhSYTFYZTklwkx2v8dl0I/5d5MZTcNUa83HJ42zphjx1PlJOY=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6ef99ef5a095a2f445166501211f5f94093da7b619a98f53b1ccfc445ec8cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 20:45:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6KMB13EQJ9&gtm=2oebs0&_p=1460928346&cid=211317883.1669841143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669841143&sct=1&seg=0&dl=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&dt=Verify%20Your%20Email%20Address&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK light-pattern.png
www.avera.org/imgs/ 2 KB
3 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/light-pattern.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2194
X-UA-Compatible: chrome=1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1460928346&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&ul=en-us&de=UTF-8&dt=Verify%20Your%20Email%20Address&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEADQAAAACAAI~&jid=577900952&gjid=1158449897&cid=211317883.1669841143&tid=UA-2450492-1&_gid=466756194.1669841143&_r=1&gtm=2wgbs05WJDLK&z=510830322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avera.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
www.avera.org/ 46 KB
18 KB 725ms
725ms XHR
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/

Requested by

Host: www.avera.org
URL: https://www.avera.org/scripts/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6fae1e29b35e501c848539f7f70fde38bf4bf2c933d65f0bcf8f8045aacec6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Nov 2022 20:45:43 GMT
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 17640
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK arrow-up-circle.png
www.avera.org/imgs/ 1 KB
2 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/arrow-up-circle.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/css/avera.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1326
X-UA-Compatible: chrome=1

GET
H2 204 13006411.js Show response
bat.bing.com/p/action/ 0
118 B 113ms
113ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13006411.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 30 Nov 2022 20:45:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B0D644F21364360A8383BB58E73D0DC Ref B: FRAEDGE1420 Ref C: 2022-11-30T20:45:43Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13006411&tm=gtm002&Ver=2&mid=9cfcb727-a01c-4c24-bd38-867e7bbe5d0d&sid=f5467dc070ef11edb6f5d734ad79b9e5&vid=f54693f070ef11edb5c3c39bc22ae470&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Verify%20Your%20Email%20Address&p=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&r=&lt=2952&evt=pageLoad&sv=1&rn=614217

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 30 Nov 2022 20:45:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2DD5B9C5F254E318ECF7BDC1BD70E2A Ref B: FRAEDGE1420 Ref C: 2022-11-30T20:45:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 124 KB
40 KB 90ms
11ms Script
text/javascript 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcba9eabd6a7b2bd8fe0e055111f29dd4d7d547f83761f2fd5319c6ef5694aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: nafYdifE25HIJ7E5_xPq2bg19QQXpqjq
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 20:09:36 GMT
last-modified: Wed, 05 Oct 2022 20:29:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 2168
etag: W/"4636ba1892918feeed6b191a409be199"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
x-amz-cf-id: nJbGLVdb8RDdNIW4e5cuLNWWdCJcJJezWIsFMUaXgKRsaPDYn2oX8A==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060691714/ 42 B
548 B 41ms
18ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060691714/?random=1669841143134&cv=11&fst=1669838400000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&tiba=Verify%20Your%20Email%20Address&fmt=3&is_vtc=1&random=2679379905&rmt_tld=0&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1060691714/ 42 B
548 B 41ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060691714/?random=1669841143134&cv=11&fst=1669838400000&bg=ffffff&guid=ON&async=1&gtm=2wgbs0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&tiba=Verify%20Your%20Email%20Address&fmt=3&is_vtc=1&random=2679379905&rmt_tld=1&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2450492-1&cid=211317883.1669841143&jid=577900952&gjid=1158449897&_gid=466756194.1669841143&_u=aDDAAEACQAAAACAAI~&z=1007107254

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avera.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 20:45:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK slick.js Show response
www.avera.org/scripts/ 42 KB
16 KB 116ms
116ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avera.org/scripts/slick.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637983253360000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 30 Nov 2022 20:45:43 GMT
Content-Length: 15758
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 15 Nov 2022 20:54:58 GMT
Server: Microsoft-IIS/8.5
ETag: "0bd738534f9d81:0"
Expect-CT: max-age=86400
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes

GET
H/1.1 200
OK ca.html Show response
20770730p.rfihub.com/ Frame 9FBF 3 KB
3 KB 255ms
19ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&pf=&ra=9253248945923997
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: c81c906e946326673d3d050bdc3eac15fadc8d2253e2d27524d92b7daa39a71a

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2701
Content-Type: text/html;charset=utf-8
Date: Wed, 30 Nov 2022 20:45:43 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 132 B
846 B 105ms
37ms Fetch
application/json 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&buyer_pixel_id=4963
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b5e2c67a5a866735933e7da96f0fef9b808cf2ab2f2b9e1b77f7ecb24b51030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 20:45:43 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.avera.org
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 132
Expires: Wed, 30 Nov 2022 20:45:43 GMT

GET
H2 200 image.aspx
69057.global.siteimproveanalytics.io/ 34 B
478 B 86ms
7ms Image
image/gif 3.123.165.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://69057.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&title=Verify%20Your%20Email%20Address&res=1600x1200&accountid=69057&rt=3028&prev=32f9d01b-073c-020b-4c16-14ced5da4ad6&luid=73fe9d5a-ba6f-425f-0519-399152b27b7c&rnd=5594
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.165.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-165-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 30 Nov 2022 20:45:43 GMT
cache-control: max-age=0
content-length: 34
expires: Wed, 30 Nov 2022 20:45:43 UTC

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2450492-1&cid=211317883.1669841143&jid=577900952&_u=aDDAAEACQAAAACAAI~&z=588517556

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2450492-1&cid=211317883.1669841143&jid=577900952&_u=aDDAAEACQAAAACAAI~&z=588517556

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1842/1248633193/ 3 KB
1 KB 405ms
405ms Script
text/javascript 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1842/1248633193/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: og8LYy4F7wYsj7xWF5dblQTTolj4Jr4r
content-encoding: br
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 20:45:44 GMT
last-modified: Fri, 03 Jun 2022 20:39:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"91458637d9d9d3064f357ca4faab79db"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: 6BH5EY0qVSanUIGpxkKctpN8KhYQihzf3-XvRm-_tk3Ey5O7mhffhQ==

GET
H2 200 track
t.teads.tv/ 23 B
143 B 85ms
39ms Image
image/gif 2.23.197.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.8.1_cfd38aa&buyer_pixel_id=4963&referer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DXXXXXXXX&user_session_id=5f75f493-24b3-4ace-b212-3662d5d2a17e
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 30 Nov 2022 20:45:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 9FBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyNTA1ODgwODc2MQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBGXod5aulOnLbjQvgPI8Ac&google_cver=1

42 B
1006 B

59ms
16ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBGXod5aulOnLbjQvgPI8Ac&google_cver=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 30 Nov 2022 20:45:43 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBGXod5aulOnLbjQvgPI8Ac&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 9FBF
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5109685625058808761
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685625058808761

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685625058808761

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 20:45:43 GMT
AN-X-Request-Uuid: 550b1ec7-8e2b-4d1a-b285-4cfd48eb97e0
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 20:45:43 GMT
AN-X-Request-Uuid: d842d845-8add-4dbb-be12-f4ead7c022f0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685625058808761
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9FBF 0
239 B 49ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685625058808761&
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9FBF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685625058808761&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685625058808761&redir=

42 B
942 B

33ms
33ms

Image
image/gif

54.194.72.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685625058808761&redir=

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

HTTP/1.1

Server

54.194.72.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-72-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: drLWYWRMTcE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wp8Pn8Y/RZw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685625058808761&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 9FBF
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5109685625058808761&bid=omt9pi0

0
344 B

38ms
7ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5109685625058808761&bid=omt9pi0
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 20:45:43 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5109685625058808761&bid=omt9pi0
Date: Wed, 30 Nov 2022 20:45:43 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 9FBF 45 B
617 B 129ms
93ms Image
image/gif 104.79.88.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685625058808761

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-129.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 30 Nov 2022 20:45:43 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 30 Nov 2022 20:45:43 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 9FBF 0
105 B 67ms
7ms Image
text/plain 3.127.96.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.96.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-241.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 9FBF
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685625058808761&referrer=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHS...
https://p.rfihub.com/cm?pub=39342&in=0&userid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D76773f39-4a15-4512-8618-73d4e30...
https://idsync.rlcdn.com/501709.gif?partner_uid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237

0
9 B

32ms
17ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237
Date: Wed, 30 Nov 2022 20:45:43 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 9FBF 43 B
109 B 376ms
147ms Image
image/gif 3.231.172.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685625058808761
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.172.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-172-211.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9FBF
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685625058808761&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685625058808761&forward=&C=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685625058808761&forward=&C=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 20:45:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 20:45:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5109685625058808761&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 9FBF 0
98 B 41ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5109685625058808761
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9FBF 43 B
191 B 889ms
521ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685625058808761

Requested by

Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

expires: Wed, 30 Nov 2022 20:45:44 GMT
pragma: no-cache
date: Wed, 30 Nov 2022 20:45:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9FBF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685625058808761&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685625058808761&img=1&__user_check__=1&sync_id=f5d0b6c9-70ef-11ed-b249-14f0ef8b0306

43 B
547 B

25ms
25ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685625058808761&img=1&__user_check__=1&sync_id=f5d0b6c9-70ef-11ed-b249-14f0ef8b0306
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 20:45:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 30 Nov 2022 20:45:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5109685625058808761&img=1&__user_check__=1&sync_id=f5d0b6c9-70ef-11ed-b249-14f0ef8b0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 101
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 9FBF 43 B
183 B 354ms
102ms Image
image/gif 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5109685625058808761&r=y4fGUqIGD6T5
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 30 Nov 2022 20:45:43 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 9FBF 43 B
377 B 122ms
32ms Image
image/gif 54.76.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685625058808761
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.86.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9FBF 0
338 B 131ms
30ms Image
text/plain 52.214.172.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685625058808761
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.172.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-172-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Wed, 30 Nov 2022 20:45:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1669841143
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 9FBF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625058808761&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685625058808761&expires=30

43 B
345 B

13ms
13ms

Image
image/gif

3.67.122.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685625058808761&expires=30
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: H2
Server: 3.67.122.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-122-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685625058808761&expires=30
date: Wed, 30 Nov 2022 20:45:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9FBF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y4fA9wAAADTBdQA9
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y4fA9wAAADTBdQA9&_test=Y4fA9wAAADTBdQA9

42 B
1 KB

16ms
16ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y4fA9wAAADTBdQA9&_test=Y4fA9wAAADTBdQA9
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 30 Nov 2022 20:45:43 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4058-HHN
pragma: no-cache
date: Wed, 30 Nov 2022 20:45:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669841144.876520,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y4fA9wAAADTBdQA9&_test=Y4fA9wAAADTBdQA9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 www.avera.org.json Show response
script.crazyegg.com/pages/data-scripts/0031/0056/site/ 8 KB
2 KB 165ms
146ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056/site/www.avera.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8f3976c297646ce0b2d0f8243093318bcc49df1764b7fddb672aec0b4e5891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 20:45:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.9
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77266dabea108ffa-FRA
content-length: 1987

GET
H2 200 051214b1ee034dc81c1493c28aa557bd.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 77 KB
26 KB 16ms
16ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24d256e41daf93aa8f841558593376434d6f1ba705376eb33d2e34ad6fea5d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
server: cloudflare
age: 444048
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77266dacc9dd917a-FRA
content-length: 26836

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 323ms
104ms Script
application/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 20:45:44 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Wed, 30 Nov 2022 05:22:50 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Fri, 29 Nov 2024 20:45:44 GMT

GET
H2 200 www.avera.org.json Show response
script.crazyegg.com/pages/data-scripts/0031/0056/sampling/ 148 B
204 B 138ms
137ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056/sampling/www.avera.org.json?t=463844
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75de71d661c1987893c1a7d34055948538979386a8c57db357352470d7aab3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:45:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 20:45:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.9
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77266dad2c648ffa-FRA
content-length: 141

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
460 B 35ms
7ms XHR
application/json 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 16:18:54 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 5286411
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 28_avjOwxZRnxwsIEIvWPRCBujxME3y7ny0LuwKHbi7RKKxAh5-X5A==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
461 B 41ms
7ms XHR
application/json 13.224.189.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-29.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 08:40:59 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2635486
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: jOMye1HauCVV29x6OhfkMnMjXwYoWCUlnGQuWiy0yYOK1x7524IcOA==

GET
BLOB 200
OK 9aa2b829-5c26-4425-bb60-61fc97ffd027
https://www.avera.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/9aa2b829-5c26-4425-bb60-61fc97ffd027
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 26 B
133 B 169ms
85ms XHR
text/plain 52.50.139.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1669841144065&tk=e5e6a883902191cb1f2efa7a2b724b13
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-139-125.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 693f1db291502a573f08d8124cc03b6bc0e7ee4cac98228eb16ee024c4f56853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Nov 2022 20:45:44 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ 8 KB
8 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo.png

Requested by

Host: www.avera.org
URL: https://www.avera.org/scripts/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK avera-logo-rev-white.png
www.avera.org/imgs/ 6 KB
7 KB 120ms
120ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo-rev-white.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 6225
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK avera-chart.png
www.avera.org/imgs/ 6 KB
7 KB 130ms
128ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-chart.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 6373
X-UA-Compatible: chrome=1

GET
H/1.1

200
OK

Homepage-.jpg
www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/
Redirect Chain

https://www.avera.org/app/files/public/72701/Homepage-.jpg
https://www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg

119 KB
120 KB

405ms
397ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg

Protocol

HTTP/1.1

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
content-disposition: inline;filename="Homepage-.jpg"
Content-Length: 121740
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 05 Jan 2022 16:07:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Wed, 30 Nov 2022 20:50:45 GMT

Redirect headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /app/files/public/13ac65ca-609f-4fc6-975d-462eb35c1467/Homepage-.jpg
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 185
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK covid-icon.svg
www.avera.org/imgs/icons/ 9 KB
9 KB 137ms
134ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/covid-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 8848
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK billpay-icon.svg
www.avera.org/imgs/icons/ 5 KB
5 KB 127ms
125ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/billpay-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:43 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 4772
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK records-icon.svg
www.avera.org/imgs/icons/ 1 KB
2 KB 121ms
121ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/records-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1525
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK greeting-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 122ms
122ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/greeting-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2163
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK prayer-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 122ms
122ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/prayer-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2418
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK donate-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 127ms
126ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/donate-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2215
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK employment-icon.svg
www.avera.org/imgs/icons/ 4 KB
5 KB 121ms
121ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/icons/employment-icon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:52 GMT
Server: Microsoft-IIS/8.5
ETag: "0f01c5e34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 4050
X-UA-Compatible: chrome=1

GET
H/1.1 404
Not Found woman-laying-head-on-desk.jpg
www.avera.org/app/security/app/files/public/ 11 KB
11 KB 367ms
367ms Image
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/security/app/files/public/woman-laying-head-on-desk.jpg?size=small

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b8cc5c1d653c86aca7850b6fe8915cbe32486fe7514e52d02c632c79faee2b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
X-Robots-Tag: noindex
Content-Length: 14758
X-UA-Compatible: chrome=1

GET
H/1.1 404
Not Found mugs-of-cranberry-spiced-cider.jpg
www.avera.org/app/security/app/files/public/ 7 KB
7 KB 604ms
604ms Image
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/security/app/files/public/mugs-of-cranberry-spiced-cider.jpg?size=small

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

745b0c2268870d48178330de5e3965e01958d86ba4c1b5d744ea48770f077f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
X-Robots-Tag: noindex
Content-Length: 14763
X-UA-Compatible: chrome=1

GET
H/1.1 404
Not Found Alix-and-Bailey-Peterka.jpg
www.avera.org/app/security/app/files/public/ 7 KB
7 KB 668ms
668ms Image
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/security/app/files/public/Alix-and-Bailey-Peterka.jpg?size=small

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

745b0c2268870d48178330de5e3965e01958d86ba4c1b5d744ea48770f077f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
X-Robots-Tag: noindex
Content-Length: 14756
X-UA-Compatible: chrome=1

GET
H/1.1

200
OK

ask-the-question-suicide-prevention-home-page-panel-image.jpg
www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/
Redirect Chain

https://www.avera.org/app/files/public/83541/ask-the-question-suicide-prevention-home-page-panel-image.jpg
https://www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg

34 KB
35 KB

137ms
137ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg

Protocol

HTTP/1.1

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

743e4b3266284e5b6bc77b8f2518aaed4ac9f990e4dc02ec267a5804fbb378d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
content-disposition: inline;filename="ask-the-question-suicide-prevention-home-page-panel-image.jpg"
Content-Length: 35109
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 11 Oct 2022 19:03:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Wed, 30 Nov 2022 20:50:44 GMT

Redirect headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /app/files/public/186b461d-aada-4414-89a1-707f44edea47/ask-the-question-suicide-prevention-home-page-panel-image.jpg
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 233
X-UA-Compatible: chrome=1

GET
H/1.1

200
OK

movinghealthforward_tagline_72.png
www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/
Redirect Chain

https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png
https://www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png

2 KB
3 KB

139ms
139ms

Image
image/png

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png

Protocol

HTTP/1.1

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

703ce5aaa72d165502076c8e999dab1c78183e4e7f17ecd67d09a3e83e95bc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
content-disposition: inline;filename="movinghealthforward_tagline_72.png"
Content-Length: 2147
X-UA-Compatible: chrome=1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 09 Jan 2022 16:59:00 GMT
Server: Microsoft-IIS/8.5
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Expires: Wed, 30 Nov 2022 20:50:44 GMT

Redirect headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /app/files/public/96c0f818-a17d-40a3-928c-2f93137b97d5/movinghealthforward_tagline_72.png
Cache-Control: private
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Content-Length: 206
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK facebook-gray.png
www.avera.org/imgs/ahp/ 797 B
2 KB 122ms
121ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/facebook-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 797
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK twitter-gray.png
www.avera.org/imgs/ahp/ 2 KB
3 KB 164ms
122ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/twitter-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2116
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK youtube-gray.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 140ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/youtube-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1569
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK pinterest-gray.png
www.avera.org/imgs/ahp/ 2 KB
3 KB 208ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/pinterest-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 2338
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK linkedin-gray.png
www.avera.org/imgs/ahp/ 1 KB
2 KB 134ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/ahp/linkedin-gray.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:50 GMT
Server: Microsoft-IIS/8.5
ETag: "0c3eb5c34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 1265
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK avera-logo-reversed.png
www.avera.org/imgs/ 5 KB
6 KB 167ms
127ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avera.org/imgs/avera-logo-reversed.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/app/security/verifyEmail.aspx?email=wlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Date: Wed, 30 Nov 2022 20:45:44 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 20:53:48 GMT
Server: Microsoft-IIS/8.5
ETag: "096ba5b34f9d81:0"
Expect-CT: max-age=86400
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14400
Permissions-Policy: geolocation=(self), payment=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), sync-xhr=(self "https://formulate.geonetric.com" "https://forms.geonetric.com"), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
Accept-Ranges: bytes
Content-Length: 5571
X-UA-Compatible: chrome=1

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
510 B 127ms
127ms Script
text/html 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=12820&account_id=564662&title=Verify%20Your%20Email%20Address&url=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 20:45:44 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Fri, 29 Nov 2024 20:45:44 GMT

GET
BLOB 200
OK ce40ce8c-dbbc-45d0-a1e0-d4c69a7a6b52
https://www.avera.org/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/ce40ce8c-dbbc-45d0-a1e0-d4c69a7a6b52
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3b4ddb98df7288a34fcb65b2345c4f441a26d7f52beb7dd0b83c9cff3910a54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6KMB13EQJ9&gtm=2oebs0&_p=1460928346&cid=211317883.1669841143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669841143&sct=1&seg=0&dl=https%3A%2F%2Fwww.avera.org%2Fapp%2Fsecurity%2FverifyEmail.aspx%3Femail%3DwlsjJdFu0sQ7mpjv87jQulKHSWlj65w5JlYb74V5CX0%253d&dt=Verify%20Your%20Email%20Address&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:45:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avera.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0bbivjacsjtrsdqoeg4avfvo
www.avera.org/	1970-01-20 16:36:17	Name: mobileview Value: web
www.avera.org/	1969-12-31 23:59:59	Name: LB_SessionId Value: 141453322.1.2526730976.2730376192
www.avera.org/	1970-01-20 16:36:17	Name: cookiesession1 Value: 678A3E61LMNOPQRSTUVXYZJKLMNO6F2F
.avera.org/	1970-01-20 10:00:17	Name: _gcl_au Value: 1.1.1517407817.1669841143
.bing.com/	1970-01-20 17:12:17	Name: MUID Value: 3E490B582AC3692E005219342BA8689C
.avera.org/	1970-01-20 17:26:41	Name: _ga_6KMB13EQJ9 Value: GS1.1.1669841143.1.0.1669841143.0.0.0
.avera.org/	1970-01-20 17:26:41	Name: _ga Value: GA1.2.211317883.1669841143
.avera.org/	1970-01-20 07:52:07	Name: _gid Value: GA1.2.466756194.1669841143
30531.tctm.co/	1969-12-31 23:59:59	Name: ct30531 Value: 6387c0f70000774316f9208b
.avera.org/	1970-01-20 07:50:41	Name: _gat_UA-2450492-1 Value: 1
.avera.org/	1970-01-20 07:52:07	Name: _uetsid Value: f5467dc070ef11edb6f5d734ad79b9e5
.avera.org/	1970-01-20 17:12:17	Name: _uetvid Value: f54693f070ef11edb5c3c39bc22ae470
.avera.org/	1970-01-20 08:33:53	Name: __ctmid Value: 6387c0f70000774316f9208b
www.avera.org/	1970-01-20 08:33:53	Name: __ctmid Value: 6387c0f70000774316f9208b
.avera.org/	1970-01-20 17:26:41	Name: nmstat Value: 32f9d01b-073c-020b-4c16-14ced5da4ad6
.avera.org/	1970-01-20 07:50:42	Name: tfpsi Value: 5f75f493-24b3-4ace-b212-3662d5d2a17e
69057.global.siteimproveanalytics.io/	1970-01-20 08:00:45	Name: AWSALBCORS Value: GN8JNObHp0lC07yv5apgOQRvR/CUyHgC3tncOhuCy1DRbLv7QXekLQhIbkGWMnFk3W3kR+WJKTjP1mvRBdTm9mLAkzpPDRJQSxgF2wvpOOeaJcXfeua8IY3+dF4F
.rfihub.com/	1970-01-20 17:12:17	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjUwtbAwsDA3MxTiM9R1LPQs0fXxyXcM8EsFABtO05UlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjUwtbAwsDA3MxTiM9R1LPQs0fXxyXcM8EsFABtO05UlAAAA
.doubleclick.net/	1970-01-20 17:12:17	Name: IDE Value: AHWqTUl7iE1ZtyVW5AHcT8TM1keI2x1cH2MWfVlHYXCIcyHd4RicST_Oq2wolEawcAM
.casalemedia.com/	1970-01-20 16:36:17	Name: CMID Value: Y4fA9y4KsiRK1SLqEQbBUwAA
.casalemedia.com/	1970-01-20 10:00:17	Name: CMPS Value: 3258
.casalemedia.com/	1970-01-20 10:00:17	Name: CMPRO Value: 3258
.adnxs.com/	1970-01-20 10:00:17	Name: uuid2 Value: 4521262939184124932
.adnxs.com/	1970-01-20 10:00:17	Name: anj Value: dTM7k!M4/YErk#WF']wIg2ImUL2F+U!@wnfH8KAM.xpH^Gmi[pFpGilEs8]fG44S^D?b`-sDenD-(a.]!2>h9/+0J2!'hB-CR>).
.media.net/	1970-01-20 16:36:17	Name: visitor-id Value: 3128427437576468000V10
.media.net/	1970-01-20 16:34:50	Name: data-rk Value: 5109685625058808761~~3
.eyeota.net/	1970-01-20 07:50:41	Name: SERVERID Value: 22406~DM
.demdex.net/	1970-01-20 12:09:53	Name: demdex Value: 36866407813929533492586159437115068081
.bidswitch.net/	1970-01-20 16:36:17	Name: tuuid Value: 10c1b514-ab08-4ca4-b0d2-346c3dec574f
.bidswitch.net/	1970-01-20 16:36:17	Name: c Value: 1669841143
.bidswitch.net/	1970-01-20 16:36:17	Name: tuuid_lu Value: 1669841143
.dpm.demdex.net/	1970-01-20 12:09:53	Name: dpm Value: 36866407813929533492586159437115068081
.avera.org/	1970-01-20 17:26:41	Name: invoca_session Value: %7B%22ttl%22%3A%222022-12-30T20%3A45%3A43.811Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.krxd.net/	1970-01-20 12:09:53	Name: _kuid_ Value: POv0V90P
.rezync.com/	1970-01-20 12:09:53	Name: zync-uuid Value: 76773f39-4a15-4512-8618-73d4e30732de:1669841143.7367237
live.rezync.com/	1970-01-20 12:09:53	Name: sd-session-id Value: .eJwNylEKwyAMANC75LsOYzSJXqaUmYFsdaN2Pyu9-_r54B0wf2xbl259h7JvX5vg_mqXBpQDRvut9oQCCX1mTRyST6pehRHOCYaN0d59bvU6wiL0oOzigsnFhMEpozqhGo28UKhWkDlrRIx0E2IJJHD-AYVzJJg.Y4fA9w.cUGpDEtOVk8b6UGiMgG3RBIh4AU
.everesttech.net/	1970-01-20 16:36:17	Name: everest_g_v2 Value: g_surferid~Y4fA9wAAADTBdQA9
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dXKPyE8xTSzN8c_zScoKLEsP8LRwTF7FKBBpkuZoWe7o6OgS4pQS6GjZxGJubmZubpxmbKlrkmhoqmtiamika2FmaKFrbpxikmpsYG5slJJqZWhmZmlhYmhoYqxnbmxmbmRsDgCs5CfyawAAAA
.rfihub.com/	1970-01-20 17:12:17	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dXKPyE8xTSzN8c_zScoKLEsP8LRwTA7iNTQzs7QwMTQ0MTYzt5jFiMQ3NTVehcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4hVINIkzdGy3NHR0SXEKSXQ0XIVK5ISC0vLTaxoVnCjeQmNP0nY3NzM3Nw4zdhS1yTR0FTXxNTQSNfCzNBC19w4xSTV2MDc2Cgl1QqhSc8cGLRGxuazhJFtNjVbJIxq8iM0PgCdVTAYugEAAA
.avera.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.avera.org/	1970-01-20 16:36:17	Name: _ce.s Value: v~7a314f7300629a7ef5a7849fce710edfc86f2c29~vpv~0
.spotxchange.com/	1970-01-20 08:31:00	Name: audience Value: f5d0b68d-70ef-11ed-b249-14f0ef8b0306
.avera.org/	1969-12-31 23:59:59	Name: cebsp Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5109685625058808761 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=76773f39-4a15-4512-8618-73d4e30732de%3A1669841143.7367237 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.avera.org/app/security/app/files/public/woman-laying-head-on-desk.jpg?size=small Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.avera.org/app/security/app/files/public/mugs-of-cranberry-spiced-cider.jpg?size=small Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.avera.org/app/security/app/files/public/Alix-and-Bailey-Peterka.jpg?size=small Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20770730p.rfihub.com
30531.tctm.co
69057.global.siteimproveanalytics.io
a.rfihub.com
aa.agkn.com
assets-tracking.crazyegg.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
cm.teads.tv
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
p.rfihub.com
p.teads.tv
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pi.pardot.com
pixel.rubiconproject.com
ps.eyeota.net
region1.google-analytics.com
script.crazyegg.com
siteimproveanalytics.com
solutions.invocacdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.teads.tv
tracking.crazyegg.com
www.avera.org
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
104.75.89.75
104.79.88.129
13.224.189.10
13.224.189.115
13.224.189.29
13.225.78.77
142.250.185.130
151.101.130.49
185.80.39.216
185.89.210.180
185.94.180.126
193.0.160.129
2.23.197.36
2001:4860:4802:32::36
2600:1f18:612b:4232:9a5c:3bc3:f2af:d7e9
2600:9000:21f3:3400:1:76cf:fe80:93a1
2600:9000:223d:2c00:12:de4a:40:93a1
2606:4700::6813:9408
2606:4700:e0::ac40:6924
2620:1ec:c11::200
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9a
3.120.214.218
3.123.165.229
3.127.96.241
3.215.172.219
3.231.172.211
3.67.122.202
35.244.174.68
52.162.218.125
52.214.172.145
52.50.139.125
54.194.72.129
54.76.86.77
69.173.144.165
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db
05b777f92a6b004deaa5d081f1d44f3a90f50410d7882ca76d475936d9a17e19
0aade28df809068b9b4da9877621fe3ecc0fa3234161f23552c61dc884c12954
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef
13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
24d256e41daf93aa8f841558593376434d6f1ba705376eb33d2e34ad6fea5d27
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
359277ca3321cae12dcb73545a3abb94ec64e0e595f99557e64e437fcd711023
37dddab995ec8c715249818a1883df536fe47693ece7f7af46a9cafb3c276199
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3c8f3976c297646ce0b2d0f8243093318bcc49df1764b7fddb672aec0b4e5891
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40dcb619490d3995b3b00c44cbc7a23cc431910971734c2ed725ecc504545eb6
411d6092d1c4c1448905b119e2f2504fa02dae98ab253f79e2699e4ecec95d77
45eef49f3a571e7e9936f0b56badd7028bde5f8fd3701c51f11a93ac527a9781
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
495f1dc165fb97f36eae9edca363b818794f02bb575962aae4515430f204cc0f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e2c67a5a866735933e7da96f0fef9b808cf2ab2f2b9e1b77f7ecb24b51030
50f564384ebe348cff8084cba74b5e6f393176403400ebbe68a2aa7b858e32d9
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
592578012e77080dcd2228e0d1a61fc04c497e44a5f84ec064123557187b8050
59e09d0093da63c9aa75b13efaa4451aeebd3534fa9cb31d1e81dba674711ef8
5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c
64d6669a5e1fb2b01be947d4a5f7f0ddfa85ee174483248acf473edbc193fc04
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12
6882d51943dfbefd6a3ef4b957c7a4bc06976e071b00d497dedebb75cbc6bc55
693f1db291502a573f08d8124cc03b6bc0e7ee4cac98228eb16ee024c4f56853
6ee1a78db9127677fc0e343c8b2ae01bcb616b3ef194dd207ae6fe00e002414c
6fae1e29b35e501c848539f7f70fde38bf4bf2c933d65f0bcf8f8045aacec6a0
703ce5aaa72d165502076c8e999dab1c78183e4e7f17ecd67d09a3e83e95bc8c
70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2
743e4b3266284e5b6bc77b8f2518aaed4ac9f990e4dc02ec267a5804fbb378d6
745b0c2268870d48178330de5e3965e01958d86ba4c1b5d744ea48770f077f99
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297
75de71d661c1987893c1a7d34055948538979386a8c57db357352470d7aab3e4
7905f541197db185ab7f6545d7b7907ab37b391e1962bdd884473721dd52f44a
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d
9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159
b0e90e848170144310bc41087314c1505d23ed447a1002039c2db35563e082fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6903d519be5345a82db42d44ff8f2b9b93b5ab1a2973008c2443abe037d50eb
b7325ac83bd101ce91be8abfbd07b130e5f37a3485d85c72d80c149b31ae2798
b8cc5c1d653c86aca7850b6fe8915cbe32486fe7514e52d02c632c79faee2b22
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c6ef99ef5a095a2f445166501211f5f94093da7b619a98f53b1ccfc445ec8cc9
c81c906e946326673d3d050bdc3eac15fadc8d2253e2d27524d92b7daa39a71a
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
ce2967a02b012efe560e49eff4241f81955a3d8f9ca4e75102238e14f3e12c46
d295f42892d46d099570e81df48f4cf04001f1db26dda88086b228351e692ecd
d3b4ddb98df7288a34fcb65b2345c4f441a26d7f52beb7dd0b83c9cff3910a54
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
dcba9eabd6a7b2bd8fe0e055111f29dd4d7d547f83761f2fd5319c6ef5694aaf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d
ee72aea709bfd36b9e2d858574e054ac44bb68f469cb539974f413a4f6d8f2db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f08006fbc97f17f1cd26a30fc3e046622207953b7e8d4182c51d81e252e34747
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.avera.org Open in urlscan Pro 52.162.218.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

88 %HTTPS

37 %IPv6

36 Domains

46 Subdomains

41 IPs

6 Countries

1114 kBTransfer

2641 kBSize

45 Cookies

1 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avera.org Open in urlscan Pro
52.162.218.125 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

88 %
HTTPS

37 %
IPv6

36
Domains

46
Subdomains

41
IPs

6
Countries

1114 kB
Transfer

2641 kB
Size

45
Cookies

112 HTTP transactions
0 data transactions