login.securedocs.com Open in urlscan Pro
34.197.141.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://altasciences.securedocs.com/
Effective URL:
https://login.securedocs.com/users/sign_in
Submission: On July 01 via manual (July 1st 2020, 3:02:10 pm UTC) from CH

Summary HTTP 42 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 23 domains to perform 42 HTTP transactions. The main IP is 34.197.141.86, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is login.securedocs.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on October 8th 2019. Valid for: 2 years.

This is the only time login.securedocs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 10	34.197.141.86 34.197.141.86	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
3	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.224.102.77 13.224.102.77	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.30.34.11 52.30.34.11	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.65 151.101.112.65	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7 10	52.51.60.151 52.51.60.151	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1 1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.23.94.221 52.23.94.221	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 6	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
42	23

10 34.197.141.86 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-141-86.compute-1.amazonaws.com

altasciences.securedocs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.securedocs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.248.216 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.102.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-77.zrh50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.34.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.51.60.151 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.94.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-94-221.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.27 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	prfct.co 7 redirects pixel-geo.prfct.co pixel.prfct.co	5 KB
10	securedocs.com 4 redirects altasciences.securedocs.com login.securedocs.com	796 KB
6	adnxs.com 3 redirects secure.adnxs.com	6 KB
5	facebook.com www.facebook.com	734 B
4	adroll.com s.adroll.com d.adroll.com	14 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	1 KB
2	facebook.net connect.facebook.net	165 KB
2	google.de www.google.de	213 B
2	google.com 1 redirects www.google.com	302 B
2	driftt.com js.driftt.com	45 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gstatic.com fonts.gstatic.com	18 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	openx.net us-u.openx.net	180 B
1	yahoo.com 1 redirects ads.yahoo.com	658 B
1	addthis.com 1 redirects cw.addthis.com	453 B
1	twitter.com analytics.twitter.com	573 B
1	marinsm.com tag.marinsm.com	5 KB
1	cloudflare.com cdnjs.cloudflare.com	18 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	googleadservices.com www.googleadservices.com	11 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	googleapis.com fonts.googleapis.com	854 B
42	23

	Domain	Requested by
10	pixel-geo.prfct.co	7 redirects login.securedocs.com
8	login.securedocs.com	2 redirects login.securedocs.com
6	secure.adnxs.com	3 redirects login.securedocs.com
5	www.facebook.com	login.securedocs.com
3	s.adroll.com	www.googletagmanager.com s.adroll.com
2	pixel.prfct.co	login.securedocs.com
2	connect.facebook.net	tag.marinsm.com connect.facebook.net
2	www.google.de	login.securedocs.com
2	www.google.com	1 redirects login.securedocs.com
2	js.driftt.com	login.securedocs.com js.driftt.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	login.securedocs.com
2	altasciences.securedocs.com	2 redirects
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	login.securedocs.com
1	us-u.openx.net	login.securedocs.com
1	ads.yahoo.com	1 redirects
1	cw.addthis.com	1 redirects
1	analytics.twitter.com	login.securedocs.com
1	tag.marinsm.com	login.securedocs.com
1	cdnjs.cloudflare.com	login.securedocs.com
1	d.adroll.com	login.securedocs.com
1	d.adroll.mgr.consensu.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	login.securedocs.com
1	fonts.googleapis.com	login.securedocs.com
42	28

This site contains links to these domains. Also see Links.

Domain
hubs.ly
www.securedocs.com

Subject Issuer	Validity	Valid
*.securedocs.com GeoTrust RSA CA 2018	`2019-10-08` - `2022-01-06`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2020-04-20` - `2020-09-23`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://login.securedocs.com/users/sign_in
Frame ID: 149674A6B54C9405462F5AE6AA6CBE04
Requests: 42 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 4B9C8125F60DCCA165A40337B5FAC983
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://altasciences.securedocs.com/ HTTP 301
https://altasciences.securedocs.com/ HTTP 302
https://login.securedocs.com/login/start?return_to=https%3A%2F%2Faltasciences.securedocs.com%2F HTTP 302
https://login.securedocs.com/login/complete HTTP 302
https://login.securedocs.com/users/sign_in Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

42
Requests

100 %
HTTPS

46 %
IPv6

23
Domains

28
Subdomains

23
IPs

7
Countries

1140 kB
Transfer

2940 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://hubs.ly/H01Sqx_0

Search URL Search Domain Scan URL

URL: http://hubs.ly/H01Sqzb0

Search URL Search Domain Scan URL

URL: http://www.securedocs.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://www.securedocs.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://altasciences.securedocs.com/ HTTP 301
https://altasciences.securedocs.com/ HTTP 302
https://login.securedocs.com/login/start?return_to=https%3A%2F%2Faltasciences.securedocs.com%2F HTTP 302
https://login.securedocs.com/login/complete HTTP 302
https://login.securedocs.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1400563697&t=pageview&_s=1&dl=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=SecureDocs%20Inc.%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=961544891&gjid=1819853324&cid=307231437.1593615711&tid=UA-29552594-1&_gid=972685190.1593615711&_r=1&gtm=2wg6o0KWJW48&z=1424664875 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_gid=972685190.1593615711&gjid=1819853324&_v=j83&z=1424664875 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_v=j83&z=1424664875 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_v=j83&z=1424664875&slf_rd=1&random=1162092367

Request Chain 20

https://d.adroll.mgr.consensu.org/consent/iabcheck/HFPZZX3GXRGZTISQ2DP3OA?_s=13396acb13842c561170e96b2358e2d9&_b=2 HTTP 302
https://d.adroll.com/consent/check/HFPZZX3GXRGZTISQ2DP3OA/?_s=13396acb13842c561170e96b2358e2d9&_b=2

Request Chain 24

https://pixel-geo.prfct.co/tagjs?a_id=65989&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=65989&source=js_tag

Request Chain 27

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QRaql8joCmljH2wsH

Request Chain 28

https://pixel-geo.prfct.co/cs/?partnerId=crw HTTP 302
https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_QRaql8joCmljH2wsH&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw HTTP 302
https://pixel.prfct.co/cb?partnerId=crw

Request Chain 29

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_QRaql8joCmljH2wsH&sigv=1&esig=2~1c487192c0905b9be9660ce14fd039247f72c521 HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_QRaql8joCmljH2wsH

Request Chain 30

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_QRaql8joCmljH2wsH

Request Chain 31

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QRaql8joCmljH2wsH

Request Chain 32

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUVJhcWw4am9DbWxqSDJ3c0g HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 35

https://secure.adnxs.com/seg?t=2&add=6541892 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D6541892

Request Chain 37

https://secure.adnxs.com/seg?t=2&add=7027629 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D7027629

Request Chain 39

https://secure.adnxs.com/seg?t=2&add=8380938 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8380938

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set sign_in Show response
login.securedocs.com/users/
Redirect Chain

http://altasciences.securedocs.com/
https://altasciences.securedocs.com/
https://login.securedocs.com/login/start?return_to=https%3A%2F%2Faltasciences.securedocs.com%2F
https://login.securedocs.com/login/complete
https://login.securedocs.com/users/sign_in

7 KB
4 KB

161ms
160ms

Document
text/html

34.197.141.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.141.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-141-86.compute-1.amazonaws.com

Software

Resource Hash

3bb39058644d15edbf323a9f341c697fec555d2bc6dee58971b3daad3bb6d6c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Host: login.securedocs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _sso_session_v3=%2BRbpPNqtd6nAZeGrXW2NFSNBq50v7F0l6B1y9XY%2BH%2B3lC7bM76aI%2BYl5WAR87eBEyl5hpD3D93nL8Y%2BnUFlv1XoOvfxnneRiKDxLMu5HNZmGrRNthcNyT3AH7Y6R3EKWwB9BwyLYDUH22uYbCBQSQGQlkpK2C6LMlgq7T6aqNijvcAWtmtNABtXMPuAl5UgK2Q%3D%3D--%2FlpguKe3plpISaT3--uJOZb%2BqmxLJIYhKbjcO8Ow%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Cache-control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Jul 2020 15:01:50 GMT
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: _sso_session_v3=gYLYp9vrzV3Qud5JkNCyqwHB5jR%2FpcWoV6dgCoJawMqF8wrP7LOaqZkZaX%2BCJQMVe0zrNLCcasxFY2FTsfF9Xzyq%2Fk1aRrbr9nWU%2FehIBv7ctXg9Yf6gja2pmE6iNkydeQWei9yAgH4yoRi1oH1u%2BZwjr%2FuS%2BiVeTl8ngeTzTxtxQyYwm%2Ba%2FW5qecnyZW4JjObYsgQzVWSN3eODZn7lY%2Bwc%3D--A38zYFg5mk1z1oBf--fuvvbqkWYTk4Y10Yw6xihw%3D%3D; path=/; secure; HttpOnly SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: ALLOWALL
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: XvylXn8AAAEAAGIuLjcAAABc
X-XSS-Protection: 1; mode=block
Content-Length: 3353
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Jul 2020 15:01:50 GMT
Location: https://login.securedocs.com/users/sign_in
Set-Cookie: _sso_session_v3=%2BRbpPNqtd6nAZeGrXW2NFSNBq50v7F0l6B1y9XY%2BH%2B3lC7bM76aI%2BYl5WAR87eBEyl5hpD3D93nL8Y%2BnUFlv1XoOvfxnneRiKDxLMu5HNZmGrRNthcNyT3AH7Y6R3EKWwB9BwyLYDUH22uYbCBQSQGQlkpK2C6LMlgq7T6aqNijvcAWtmtNABtXMPuAl5UgK2Q%3D%3D--%2FlpguKe3plpISaT3--uJOZb%2BqmxLJIYhKbjcO8Ow%3D%3D; path=/; secure; HttpOnly SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Status: 302 Found
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Request-Id: XvylXn8AAAEAADyOBIYAAABK
Content-Length: 111
Connection: keep-alive

GET
H/1.1 200
OK application-f00bd2ad35119717d6f67a402c1316cb87a65d0b71e9a2785f0f98dd030b5fd7.css
login.securedocs.com/assets/ 27 KB
5 KB 147ms
147ms Stylesheet
text/css 34.197.141.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.securedocs.com/assets/application-f00bd2ad35119717d6f67a402c1316cb87a65d0b71e9a2785f0f98dd030b5fd7.css

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.141.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-141-86.compute-1.amazonaws.com

Software

Resource Hash

f00bd2ad35119717d6f67a402c1316cb87a65d0b71e9a2785f0f98dd030b5fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 15:01:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Dec 2019 09:13:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-control: private
Connection: keep-alive
Content-Length: 5259

GET
H2 200 css
fonts.googleapis.com/ 7 KB
854 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jul 2020 15:01:50 GMT
server: ESF
date: Wed, 01 Jul 2020 15:01:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jul 2020 15:01:50 GMT

GET
H/1.1 200
OK SecureDocs_Logo-8a8b3553d27d464014cb8445e8d5820e4c102282b24af81a12809866d71c7c79.png
login.securedocs.com/assets/ 3 KB
4 KB 405ms
136ms Image
image/png 34.197.141.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.securedocs.com/assets/SecureDocs_Logo-8a8b3553d27d464014cb8445e8d5820e4c102282b24af81a12809866d71c7c79.png

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.141.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-141-86.compute-1.amazonaws.com

Software

Resource Hash

8a8b3553d27d464014cb8445e8d5820e4c102282b24af81a12809866d71c7c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 15:01:50 GMT
Last-Modified: Wed, 04 Dec 2019 09:12:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3535

GET
H/1.1 200
OK ContractWorks_Logo-f0e0f61168eefe4fb42a881b9a22924a37a38feaf2a6d9fb3567e7b286ba97c9.png
login.securedocs.com/assets/ 4 KB
4 KB 417ms
141ms Image
image/png 34.197.141.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.securedocs.com/assets/ContractWorks_Logo-f0e0f61168eefe4fb42a881b9a22924a37a38feaf2a6d9fb3567e7b286ba97c9.png

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.141.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-141-86.compute-1.amazonaws.com

Software

Resource Hash

f0e0f61168eefe4fb42a881b9a22924a37a38feaf2a6d9fb3567e7b286ba97c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 15:01:50 GMT
Last-Modified: Sat, 25 Jan 2020 03:36:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3786

GET
H/1.1 200
OK login_page_announcement_SSO_Feb_2018_4-6064a83b24ac2f7b85bcb0565c89ef157be30b3d3805863b8941b91af2c8d45c.png
login.securedocs.com/assets/ 202 KB
203 KB 531ms
252ms Image
image/png 34.197.141.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.securedocs.com/assets/login_page_announcement_SSO_Feb_2018_4-6064a83b24ac2f7b85bcb0565c89ef157be30b3d3805863b8941b91af2c8d45c.png

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.141.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-141-86.compute-1.amazonaws.com

Software

Resource Hash

6064a83b24ac2f7b85bcb0565c89ef157be30b3d3805863b8941b91af2c8d45c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 15:01:50 GMT
Last-Modified: Wed, 04 Dec 2019 09:11:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207303

GET
H/1.1 200
OK application-8753b279cfd2b7c7c5b86b581008b7b7a62ec0385dcd0272919663af423f0cf0.js Show response
login.securedocs.com/assets/ 2 MB
574 KB 403ms
256ms Script
application/javascript 34.197.141.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.securedocs.com/assets/application-8753b279cfd2b7c7c5b86b581008b7b7a62ec0385dcd0272919663af423f0cf0.js

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.197.141.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-141-86.compute-1.amazonaws.com

Software

Resource Hash

8753b279cfd2b7c7c5b86b581008b7b7a62ec0385dcd0272919663af423f0cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/users/sign_in
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 15:01:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Dec 2019 09:13:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-control: private
Connection: keep-alive
Content-Length: 586959

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
44 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWJW48

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccac37ecb04b67f169e67e5c3092c9dc39e28846267b064cab610bef8705707e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44938
x-xss-protection: 0
expires: Wed, 01 Jul 2020 15:01:50 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600
Origin: https://login.securedocs.com

Response headers

date: Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1875358
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:05:52 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600
Origin: https://login.securedocs.com

Response headers

date: Thu, 11 Jun 2020 05:11:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1763426
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 11 Jun 2021 05:11:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWJW48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6373
date: Wed, 01 Jul 2020 13:15:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 01 Jul 2020 15:15:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 68ms
68ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWJW48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

6d7477548d212c307b2637c64c2e504e65f5ca9d3b77a8ac3616afff75a8b96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 10053623745966112319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Jul 2020 15:01:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 35 KB
12 KB 187ms
61ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWJW48
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 25172c7c6eff519a281b45a8e97d2d3e86944ddf7185be231ce4e3a0af53dde5

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qRFW6M.nWsOA.yLfhV13zwXaRgQ.yvFq
Content-Encoding: gzip
ETag: "cc079f74be32659ae39bb0a399ae6f9c"
x-amz-request-id: 58F136859A41BD4A
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 11133
x-amz-id-2: U9F222xpnVdnzAYfCxvdRUwkSW5t/ynH/kMkQ94ZvYaNO8IchybcKYFx3PUfmIn4a0jyf9xZRV0=
Last-Modified: Mon, 22 Jun 2020 15:40:15 GMT
Server: AmazonS3
Date: Wed, 01 Jul 2020 15:01:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 ungutm9cpz6k.js Show response
js.driftt.com/include/1593615900000/ 137 KB
45 KB 491ms
242ms Script
application/javascript 13.224.102.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1593615900000/ungutm9cpz6k.js

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.102.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-77.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3d9af77a612115a65dba065ed0057a837971c78db097cd7fc8f1ab9c98e2543c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 20:24:24 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VevtEMpR3YP2UUMfwumczPsFTMn8JjbO6oygWCs5d9X_gsjLRr7Kug==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1400563697&t=pageview&_s=1&dl=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=SecureDocs%20Inc.%20Login&sd=24-bit&s...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_gid=972685190.1593615711&gjid=1819853324&_v=j83&z=1424664875
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_v=j83&z=1424664875
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_v=j83&z=1424664875&slf_rd=1&random=1162092367

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_v=j83&z=1424664875&slf_rd=1&random=1162092367

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29552594-1&cid=307231437.1593615711&jid=961544891&_v=j83&z=1424664875&slf_rd=1&random=1162092367
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979595858/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979595858/?random=1593615710954&cv=9&fst=1593615710954&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&tiba=SecureDocs%20Inc.%20Login&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7444eda7035936bec0d47c8cf4759880e9cd40d57e593c4e2fe818eb969f913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979595858/ 42 B
123 B 26ms
25ms Image
image/gif 2a00:1450:4001:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979595858/?random=1593615710954&cv=9&fst=1593615600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6o0&sendb=1&frm=0&url=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&tiba=SecureDocs%20Inc.%20Login&async=1&fmt=3&is_vtc=1&random=1567277457&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/979595858/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/979595858/?random=1593615710954&cv=9&fst=1593615600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6o0&sendb=1&frm=0&url=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&tiba=SecureDocs%20Inc.%20Login&async=1&fmt=3&is_vtc=1&random=1567277457&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/HFPZZX3GXRGZTISQ2DP3OA/ 38 B
757 B 65ms
64ms Script
application/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/HFPZZX3GXRGZTISQ2DP3OA/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3df00a08f45cc1168d3acf108e4d6af4fbba516ac25b375074d3573506f7743f

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 9SfszV3KkNbFvY99YHF7OsikInSAI29T
Content-Encoding: gzip
ETag: "4a0397fea136aeaacbd2de2b529cea9f"
x-amz-request-id: B139E4EEBBCC04CD
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 58
x-amz-id-2: ml4VniwFd7spqKxzV37vgd4qeXg9rRbrUm85FW66R4g2hnrVaOoeVTDsE3znue3UTgITxfZsJME=
Last-Modified: Mon, 22 Jun 2020 19:38:49 GMT
Server: AmazonS3
Date: Wed, 01 Jul 2020 15:01:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HFPZZX3GXRGZTISQ2DP3OA/GPLYKDEGW5HL7KRB6CRC3L/ 0
773 B 220ms
155ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HFPZZX3GXRGZTISQ2DP3OA/GPLYKDEGW5HL7KRB6CRC3L/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ULC.XesyIE5SxRKqhBfRlZ_9r_k0OxQn
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 8A78835F9139AA8F
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: anaA0HmEPfwY96hvtzWJbL3daadb/agFUiiYJCrki5Xw4PN5eXcUxek1QphLYx2yruu5lAqLdsw=
Last-Modified: Tue, 30 Jun 2020 14:50:29 GMT
Server: AmazonS3
Date: Wed, 01 Jul 2020 15:01:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/HFPZZX3GXRGZTISQ2DP3OA/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/HFPZZX3GXRGZTISQ2DP3OA?_s=13396acb13842c561170e96b2358e2d9&_b=2
https://d.adroll.com/consent/check/HFPZZX3GXRGZTISQ2DP3OA/?_s=13396acb13842c561170e96b2358e2d9&_b=2

378 B
470 B

71ms
69ms

Script
application/javascript

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HFPZZX3GXRGZTISQ2DP3OA/?_s=13396acb13842c561170e96b2358e2d9&_b=2
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: d5051b45281fbd148eb127094f73beb85138428f4130a1e3104468c91b96528c

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 01 Jul 2020 15:01:51 GMT
server: nginx/1.16.1
content-length: 378
content-type: application/javascript

Redirect headers

status: 302
date: Wed, 01 Jul 2020 15:01:51 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/HFPZZX3GXRGZTISQ2DP3OA/?_s=13396acb13842c561170e96b2358e2d9&_b=2

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/ 61 KB
18 KB 19ms
19ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/assets/application-8753b279cfd2b7c7c5b86b581008b7b7a62ec0385dcd0272919663af423f0cf0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f09cdb1afc52188793ccef9e5e2f4d639b5005d6c8fc95ebed8c8c1abc5289

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login.securedocs.com/
Origin: https://login.securedocs.com

Response headers

date: Wed, 01 Jul 2020 15:01:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 21109934
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03ac7f152c0000178a6a844200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Wed, 23 Jan 2019 02:30:51 GMT
server: cloudflare
etag: W/"5c47d1db-f5fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5ac101351e38178a-FRA
expires: Mon, 21 Jun 2021 15:01:51 GMT

GET
H/1.1 200
OK 57eea6743a12769f070000e8.js Show response
tag.marinsm.com/serve/ 13 KB
5 KB 186ms
59ms Script
text/javascript 151.101.112.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/57eea6743a12769f070000e8.js

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.65 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

fc28b1b000c8fc2c55a48df8b34d5a6b5703a9d64bbd241efc794fb4e3de916d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 15:01:51 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 1709
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4198
X-Served-By: cache-hhn4024-HHN
Server: Cowboy
X-Timer: S1593615712.893596,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 133 KB
33 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tag.marinsm.com
URL: https://tag.marinsm.com/serve/57eea6743a12769f070000e8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34036
x-xss-protection: 0
pragma: public
x-fb-debug: EVXace85lLbGZaCSMDIgemRQycOkC1KZcek5VkslHYBrTbLFE1/UFJjNpobeHHqO2eaqN3apxAs/3whFBR3geA==
x-fb-trip-id: 1781455057
x-frame-options: DENY
date: Wed, 01 Jul 2020 15:01:51 GMT, Wed, 01 Jul 2020 15:01:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=65989&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=65989&source=js_tag

118 B
447 B

70ms
70ms

Script
text/javascript

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=65989&source=js_tag
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4a08f4fc4221c7dd5d79b992ca442184599e7c57028d8c1622304abcd16f26c5

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 118
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=65989&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 505021693169848 Show response
connect.facebook.net/signals/config/ 521 KB
131 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/505021693169848?v=2.9.21&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b43408921662975c5a113c7db8d9e9a5758d6ec1340a8f66e498f61f2feb37dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134447
x-xss-protection: 0
pragma: public
x-fb-debug: qYitL0lsZW7aLg/HI3y0taYi58qgkhTcvH7bulHMHyxZp6SygVKRGaJPMrB9La8ksjvLwKmnSHQ1IcLR3fTOJg==
x-fb-trip-id: 1781455057
x-frame-options: DENY
date: Wed, 01 Jul 2020 15:01:51 GMT, Wed, 01 Jul 2020 15:01:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
264 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=505021693169848&ev=PageView&dl=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&rl=&if=false&ts=1593615712007&sw=1600&sh=1200&v=2.9.21&r=stable&ec=0&o=30&fbp=fb.1.1593615712006.49478597&it=1593615711953&coo=false&rqm=GET

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:52 GMT, Wed, 01 Jul 2020 15:01:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Jul 2020 15:01:52 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QRaql8joCmljH2wsH

43 B
573 B

313ms
199ms

Image
image/gif

104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QRaql8joCmljH2wsH

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 141
pragma: no-cache
last-modified: Wed, 01 Jul 2020 15:01:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b9db8f43f1e194deea29b74321f1e5d7
x-transaction: 000309ad00c9889a
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QRaql8joCmljH2wsH
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=crw
https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_QRaql8joCmljH2wsH&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw
https://pixel.prfct.co/cb?partnerId=crw

43 B
365 B

574ms
141ms

Image
image/gif

52.23.94.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=crw
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.94.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-94-221.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

status: 302
pragma: no-cache
date: Wed, 01 Jul 2020 15:01:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
location: https://pixel.prfct.co/cb?partnerId=crw
expires: Wed, 01 Jul 2020 15:01:52 GMT

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_QRaql8joCmljH2wsH&sigv=1&esig=2~1c487192c0905b9be9660ce14fd039247f72c521
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_QRaql8joCmljH2wsH

43 B
460 B

621ms
134ms

Image
image/gif

52.23.94.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_QRaql8joCmljH2wsH
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.94.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-94-221.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Wed, 01 Jul 2020 15:01:52 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_QRaql8joCmljH2wsH
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_QRaql8joCmljH2wsH

43 B
180 B

63ms
62ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_QRaql8joCmljH2wsH
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:52 GMT
via: 1.1 google
server: OXGW/16.188.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_QRaql8joCmljH2wsH
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QRaql8joCmljH2wsH

0
239 B

61ms
60ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QRaql8joCmljH2wsH
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QRaql8joCmljH2wsH
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUVJhcWw4am9DbWxqSDJ3c0g
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

68ms
67ms

Image
image/gif

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Jul 2020 15:01:52 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 401ms
400ms Image
image/gif 52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=8380938,7027629,6541892&source=js_tag&a_id=65989
Requested by: Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tr
www.facebook.com/ 44 B
106 B 9ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=505021693169848&ev=ViewContent&cd[rtb_id]=6541892&noscript=1

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:52 GMT, Wed, 01 Jul 2020 15:01:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Jul 2020 15:01:52 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=6541892
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D6541892

43 B
1 KB

102ms
55ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D6541892

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Jul 2020 15:01:54 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.113:80
AN-X-Request-Uuid: 65d55f70-1a22-441b-a27f-04ffb3859def
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jul 2020 15:01:54 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid: c29532dd-e96f-4290-a68f-52655c186d22
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D6541892
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
106 B 10ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=505021693169848&ev=ViewContent&cd[rtb_id]=7027629&noscript=1

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:52 GMT, Wed, 01 Jul 2020 15:01:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Jul 2020 15:01:52 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=7027629
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D7027629

43 B
1 KB

63ms
63ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D7027629

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Jul 2020 15:01:54 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.240:80
AN-X-Request-Uuid: efd76c12-5796-4885-bd1b-7d683f23f66c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jul 2020 15:01:54 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid: 81511353-02eb-41aa-81fd-7b569ba614c6
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D7027629
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
106 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=505021693169848&ev=ViewContent&cd[rtb_id]=8380938&noscript=1

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:52 GMT, Wed, 01 Jul 2020 15:01:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Jul 2020 15:01:52 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=8380938
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8380938

43 B
1 KB

57ms
56ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8380938

Requested by

Host: login.securedocs.com
URL: https://login.securedocs.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Jul 2020 15:01:54 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.197:80
AN-X-Request-Uuid: 3b2331bc-04e0-4e86-b881-4e508cb75936
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jul 2020 15:01:54 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid: 41b67a63-d0c0-47fa-9865-90e42dfff120
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D8380938
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 4B9C 0
0 126ms
126ms Document
text/html 13.224.102.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1593615900000/ungutm9cpz6k.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.102.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-77.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.securedocs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login.securedocs.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Tue, 23 Jun 2020 20:24:24 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Jul 2020 15:01:53 GMT
etag: "920cf78ffbbdf168516c2d4ce0a4eeac"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: c02jrvMhA_6e25ddlqLa27jcAIKwT4i-bawvQOUX_vh-cNYMsk5mjg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=505021693169848&ev=Microdata&dl=https%3A%2F%2Flogin.securedocs.com%2Fusers%2Fsign_in&rl=&if=false&ts=1593615713511&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SecureDocs%20Inc.%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.21&r=stable&ec=1&o=30&fbp=fb.1.1593615712006.49478597&it=1593615711953&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.securedocs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 01 Jul 2020 15:01:53 GMT, Wed, 01 Jul 2020 15:01:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Jul 2020 15:01:53 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securedocs.com/	1970-01-19 12:49:51	Name: _fbp Value: fb.1.1593615712006.49478597
login.securedocs.com/	1970-01-20 04:11:27	Name: driftt_aid Value: 2ebbdec8-9cd4-4bf2-8f14-f77cfbf9feb3
.login.securedocs.com/	1970-01-19 10:40:15	Name: _gat_UA-29552594-1 Value: 1
.login.securedocs.com/	1970-01-19 10:41:42	Name: _gid Value: GA1.3.972685190.1593615711
.login.securedocs.com/	1970-01-20 04:11:27	Name: _ga Value: GA1.3.307231437.1593615711
login.securedocs.com/	1969-12-31 23:59:59	Name: _sso_session_v3 Value: gYLYp9vrzV3Qud5JkNCyqwHB5jR%2FpcWoV6dgCoJawMqF8wrP7LOaqZkZaX%2BCJQMVe0zrNLCcasxFY2FTsfF9Xzyq%2Fk1aRrbr9nWU%2FehIBv7ctXg9Yf6gja2pmE6iNkydeQWei9yAgH4yoRi1oH1u%2BZwjr%2FuS%2BiVeTl8ngeTzTxtxQyYwm%2Ba%2FW5qecnyZW4JjObYsgQzVWSN3eODZn7lY%2Bwc%3D--A38zYFg5mk1z1oBf--fuvvbqkWYTk4Y10Yw6xihw%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
altasciences.securedocs.com
analytics.twitter.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cw.addthis.com
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.driftt.com
login.securedocs.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
s.adroll.com
secure.adnxs.com
stats.g.doubleclick.net
tag.marinsm.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.195
13.224.102.77
151.101.112.65
172.217.16.130
172.217.22.34
23.210.248.216
23.210.248.44
2606:4700::6810:85e5
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:821::2004
2a00:1450:4001:824::2008
2a00:1450:4001:824::200a
2a00:1450:400c:c07::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.197.141.86
35.244.159.8
37.252.173.27
52.23.94.221
52.30.34.11
52.51.60.151
69.173.144.165
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd
25172c7c6eff519a281b45a8e97d2d3e86944ddf7185be231ce4e3a0af53dde5
3bb39058644d15edbf323a9f341c697fec555d2bc6dee58971b3daad3bb6d6c4
3d9af77a612115a65dba065ed0057a837971c78db097cd7fc8f1ab9c98e2543c
3df00a08f45cc1168d3acf108e4d6af4fbba516ac25b375074d3573506f7743f
4a08f4fc4221c7dd5d79b992ca442184599e7c57028d8c1622304abcd16f26c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6064a83b24ac2f7b85bcb0565c89ef157be30b3d3805863b8941b91af2c8d45c
6d7477548d212c307b2637c64c2e504e65f5ca9d3b77a8ac3616afff75a8b96e
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
75f09cdb1afc52188793ccef9e5e2f4d639b5005d6c8fc95ebed8c8c1abc5289
8753b279cfd2b7c7c5b86b581008b7b7a62ec0385dcd0272919663af423f0cf0
8a8b3553d27d464014cb8445e8d5820e4c102282b24af81a12809866d71c7c79
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b43408921662975c5a113c7db8d9e9a5758d6ec1340a8f66e498f61f2feb37dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
ccac37ecb04b67f169e67e5c3092c9dc39e28846267b064cab610bef8705707e
d5051b45281fbd148eb127094f73beb85138428f4130a1e3104468c91b96528c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7444eda7035936bec0d47c8cf4759880e9cd40d57e593c4e2fe818eb969f913
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00bd2ad35119717d6f67a402c1316cb87a65d0b71e9a2785f0f98dd030b5fd7
f0e0f61168eefe4fb42a881b9a22924a37a38feaf2a6d9fb3567e7b286ba97c9
fc28b1b000c8fc2c55a48df8b34d5a6b5703a9d64bbd241efc794fb4e3de916d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

login.securedocs.com Open in urlscan Pro 34.197.141.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

46 %IPv6

23 Domains

28 Subdomains

23 IPs

7 Countries

1140 kBTransfer

2940 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

login.securedocs.com Open in urlscan Pro
34.197.141.86 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

46 %
IPv6

23
Domains

28
Subdomains

23
IPs

7
Countries

1140 kB
Transfer

2940 kB
Size

6
Cookies

42 HTTP transactions
1 data transactions