www.exim.gov Open in urlscan Pro
44.195.201.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.nam.org/?qs=8b6aff6368febb3cd273d79e5353df70f477c0784ef06ea4a0071e712935c19dee6ed6b205eef3acdc154e0baecc...
Effective URL:
https://www.exim.gov/events?utm_source=328725&utm_medium=email
Submission: On November 11 via api (November 11th 2022, 5:12:54 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 23 domains to perform 53 HTTP transactions. The main IP is 44.195.201.52, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.exim.gov. The Cisco Umbrella rank of the primary domain is 442210.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 19th 2022. Valid for: a year.

This is the only time www.exim.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.180.32 13.111.180.32	22606 (EXACT-7) (EXACT-7)
5	44.195.201.52 44.195.201.52	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:236... 2600:9000:236e:6e00:16:8d40:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ecb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.214.118 52.222.214.118	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
53	23

1 13.111.180.32 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.nam.org

click.email.nam.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.195.201.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-201-52.compute-1.amazonaws.com

www.exim.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:236e:6e00:16:8d40:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.exim.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ecb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-118.fra56.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	exim.gov www.exim.gov — Cisco Umbrella Rank: 442210 img.exim.gov	980 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 355 www.linkedin.com — Cisco Umbrella Rank: 576 px4.ads.linkedin.com — Cisco Umbrella Rank: 6256	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	233 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	125 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	12 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5922	629 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	629 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	3 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2248 forms.hubspot.com — Cisco Umbrella Rank: 3126	2 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409	374 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 716	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	68 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3333	878 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4126	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2157	16 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3160	3 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7847	890 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2144	21 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 160	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	nam.org 1 redirects click.email.nam.org — Cisco Umbrella Rank: 349736	237 B
53	23

	Domain	Requested by
7	img.exim.gov	www.exim.gov
5	www.exim.gov	img.exim.gov
4	www.facebook.com	www.exim.gov
4	connect.facebook.net	www.exim.gov connect.facebook.net
3	bat.bing.com	www.exim.gov bat.bing.com
3	www.google.de	www.exim.gov
3	www.google.com	www.exim.gov
3	fonts.gstatic.com	fonts.googleapis.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	snap.licdn.com	www.exim.gov js.hsadspixel.net
2	googleads.g.doubleclick.net	www.googleadservices.com www.googletagmanager.com
2	www.google-analytics.com	www.exim.gov www.google-analytics.com
1	www.googletagmanager.com	js.hsadspixel.net
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	js.hsleadflows.net	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hsadspixel.net	js-na1.hs-scripts.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	px4.ads.linkedin.com	www.exim.gov
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	www.exim.gov
1	www.googleadservices.com	www.exim.gov
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	www.exim.gov
1	click.email.nam.org	1 redirects
53	28

This site contains links to these domains. Also see Links.

Domain
eximonline.exim.gov
elms.exim.gov
etod.inquisiqlms.com
grow.exim.gov
www.linkedin.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
events.tvworldwide.com
sba.gov
trade.gov
usa.gov
www.sba.gov
whitehouse.gov
img.exim.gov

Subject Issuer	Validity	Valid
Sectigo RSA Organization Validation Secure Server CA	`2022-04-19` - `2023-04-19`	a year	crt.sh
img.exim.gov Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.exim.gov/events?utm_source=328725&utm_medium=email
Frame ID: 7BCBEC099ADFF45D49E3363B8CB011D8
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Events | EXIM.GOV

Page URL History Show full URLs

https://click.email.nam.org/?qs=8b6aff6368febb3cd273d79e5353df70f477c0784ef06ea4a0071e712935c19dee6ed6b2... HTTP 302
https://www.exim.gov/events?utm_source=328725&utm_medium=email Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

53
Requests

98 %
HTTPS

80 %
IPv6

23
Domains

28
Subdomains

23
IPs

3
Countries

1438 kB
Transfer

2845 kB
Size

23
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://eximonline.exim.gov/apps/bap
Title: EXIM Online

Search URL Search Domain Scan URL

URL: https://eximonline.exim.gov/
Title: Letter of Interest

Search URL Search Domain Scan URL

URL: https://elms.exim.gov/
Title: ELMS

Search URL Search Domain Scan URL

URL: https://etod.inquisiqlms.com/Default.aspx
Title: Training on Demand

Search URL Search Domain Scan URL

URL: https://grow.exim.gov/customer-success?utm_source=eximdotgovnav
Title: Success Stories

Search URL Search Domain Scan URL

URL: https://grow.exim.gov/blog
Title: Export Finance Solutions Blog

Search URL Search Domain Scan URL

URL: https://grow.exim.gov/consultationrequest?utm_source=eximdotgovnav
Title: Request a Consultation

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/eximbankus

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/EximBankofUS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/eximbankus/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eximbankus/

Search URL Search Domain Scan URL

URL: https://twitter.com/eximbankus

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLpDj5ohdwYcvhl4sBYge2brQA0QeOizae
Title: 2021

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLpDj5ohdwYctbsdijjEq8DOZSzST63XtO
Title: 2020

Search URL Search Domain Scan URL

URL: https://events.tvworldwide.com/EXIM/2019
Title: 2019

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EXIM-Event/2018
Title: 2018

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EXIM/2017
Title: 2017

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EXIMEvent/2016.aspx
Title: 2016

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EximEvent/150423.aspx
Title: 2015

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EximEvent/140424.aspx
Title: 2014

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EximEvent/ExImEvent130404.aspx?VID=EXIM/130404_EXIM_0845_HD.flv&Cap=EXIM/130404_EXIM_0845.xml
Title: 2013

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EximEvent/ExImEvent120412.aspx
Title: 2012

Search URL Search Domain Scan URL

URL: http://events.tvworldwide.com/Events/EximEvent.aspx
Title: 2011

Search URL Search Domain Scan URL

URL: https://sba.gov/
Title: SBA | Small Business Administration

Search URL Search Domain Scan URL

URL: https://trade.gov/
Title: Trade.gov

Search URL Search Domain Scan URL

URL: https://usa.gov/
Title: USA.gov

Search URL Search Domain Scan URL

URL: https://www.sba.gov/local-assistance/export-trade-assistance/us-export-assistance-centers
Title: U.S. Export Assistance Centers

Search URL Search Domain Scan URL

URL: https://usa.gov/business
Title: USA Small Business

Search URL Search Domain Scan URL

URL: https://whitehouse.gov/
Title: White House

Search URL Search Domain Scan URL

URL: https://img.exim.gov/s3fs-public/documents/Affirmative%20Action%20Plan%20-%202020.pdf
Title: EXIM Affirmative Action Plan 2021

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.nam.org/?qs=8b6aff6368febb3cd273d79e5353df70f477c0784ef06ea4a0071e712935c19dee6ed6b205eef3acdc154e0baeccfcbe2edbb3ab166d7d866dae83722e7543e2 HTTP 302
https://www.exim.gov/events?utm_source=328725&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D689297%26time%3D1668186768532%26url%3Dhttps%253A%252F%252Fwww.exim.gov%252Fevents%253Futm_source%253D328725%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&liSync=true&e_ipv6=AQIahD-Vm0gwGAAAAYRnrgZ09ZsipR9KLAPoYyw_O3M2AOPsb6ZcegCY_bGk3_x8OT3P9Fosuw

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request events Show response
www.exim.gov/
Redirect Chain

https://click.email.nam.org/?qs=8b6aff6368febb3cd273d79e5353df70f477c0784ef06ea4a0071e712935c19dee6ed6b205eef3acdc154e0baeccfcbe2edbb3ab166d7d866dae83722e7543e2
https://www.exim.gov/events?utm_source=328725&utm_medium=email

523 KB
524 KB

1960ms
1698ms

Document
text/html

44.195.201.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.201.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-201-52.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ceacf03f285b4ed02a3da60f2df366c7870aa2b20bde658088661bfb928ff71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://research.exim.gov/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, private
content-language: en
content-type: text/html; charset=UTF-8
date: Fri, 11 Nov 2022 17:12:31 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
link: <http://www.exim.gov/events>; rel="canonical", <http://www.exim.gov/node/5522>; rel="shortlink"
permissions-policy: interest-cohort=()
server: Apache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN ALLOW-FROM https://research.exim.gov/
x-ua-compatible: IE=edge

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 183
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Nov 2022 17:12:28 GMT
Location: https://www.exim.gov/events?utm_source=328725&utm_medium=email

GET
H2 200 css_vlAhvDhwMZAs6Ec009RWWsH0lPII3BhR3YY79sfXZLo.css
img.exim.gov/s3fs-public/css/ 35 KB
6 KB 497ms
424ms Stylesheet
text/css 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.exim.gov/s3fs-public/css/css_vlAhvDhwMZAs6Ec009RWWsH0lPII3BhR3YY79sfXZLo.css?VersionId=xTzwgkjrywzUH5lmIc1I2BNzfnQp6_ad

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be5021bc387031902ce84734d3d4565ac1f494f208dc1851dd863bf6c7d764ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: xTzwgkjrywzUH5lmIc1I2BNzfnQp6_ad
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
date: Fri, 11 Nov 2022 17:12:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Nov 2022 21:44:19 GMT
server: AmazonS3
etag: W/"c3cc03d04f0dbead91532c24ddb1085e"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=300
x-amz-cf-id: aF0h0wiABtzvlnjzK1nGatNoXxvh4BvifMMv6LVfWwg8KIdhK7S0cQ==

GET
H2 200 css_mt1bojd1nZyjWOaR61Y7JMS_q9dXm9xecMEr4pLWPOo.css
img.exim.gov/s3fs-public/css/ 2 KB
1 KB 482ms
409ms Stylesheet
text/css 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.exim.gov/s3fs-public/css/css_mt1bojd1nZyjWOaR61Y7JMS_q9dXm9xecMEr4pLWPOo.css?VersionId=rh6nuZkkBA.uAQw2OofN_NLPK2C5NDh0

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9add5ba237759d9ca358e691eb563b24c4bfabd7579bdc5e70c12be292d63cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: rh6nuZkkBA.uAQw2OofN_NLPK2C5NDh0
content-encoding: br
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
date: Fri, 11 Nov 2022 17:12:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Oct 2022 13:12:53 GMT
server: AmazonS3
etag: W/"5b9c095c8163ac9c4229bf704d9f0727"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=300
x-amz-cf-id: JiPqCeq8dIgQymbfDzEPctvNFXobBYLGt0AKgBdkEUlq1JMsc4-byg==

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
2 KB 103ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700&display=swap

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88143acb3fee6500cd7f8c85a470bbb5a487ec2791286dad832b3449c6c8a3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 17:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 17:12:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 17:12:31 GMT

GET
H2 200 css_PB8BXXjElFLqNqjt1FWWxN2wP6oSAd1EKirb5DITtHU.css
img.exim.gov/s3fs-public/css/ 210 KB
31 KB 489ms
417ms Stylesheet
text/css 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.exim.gov/s3fs-public/css/css_PB8BXXjElFLqNqjt1FWWxN2wP6oSAd1EKirb5DITtHU.css?VersionId=j2JJvqk..EOaQzGHn1YXYc8qPdbHNSK6

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c1f015d78c49452ea36a8edd45596c4ddb03faa1201dd442a2adbe43213b475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: j2JJvqk..EOaQzGHn1YXYc8qPdbHNSK6
content-encoding: br
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
date: Fri, 11 Nov 2022 17:12:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Oct 2022 19:50:24 GMT
server: AmazonS3
etag: W/"f2a76578df94cce18fc1f9679fe142a6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=300
x-amz-cf-id: aVZULsd61jVgLFXVQcNVZJyT3LE7AfB9jUSEitjZYKp8n7COZYoygQ==

GET
H2 200 js_Rkg1ldumYlyniVpSwQouibl8grQ5vmqlULFg9whEHIM.js Show response
img.exim.gov/s3fs-public/js/ 123 B
690 B 502ms
430ms Script
application/javascript 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.exim.gov/s3fs-public/js/js_Rkg1ldumYlyniVpSwQouibl8grQ5vmqlULFg9whEHIM.js?VersionId=ec8fAohPsaos2_k_98ZDD8wwetxDIeJK

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46483595dba6625ca7895a52c10a2e89b97c82b439be6aa550b160f708441c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ec8fAohPsaos2_k_98ZDD8wwetxDIeJK
date: Fri, 11 Nov 2022 17:12:33 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
content-length: 123
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Oct 2022 13:12:53 GMT
server: AmazonS3
etag: "87ff2bc90b0b41f7548cd93b2d36373a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: 4xZX2YT1Y5htL3r6LMGRn4sAvvLOBo_ppkzImEjagKsN6oDNfPBB0g==

GET
H2 200 css_OUmHyfiM0RUbbS9NXR2uX2KvfZ7Vxg8yUuj1kOWz4Zw.css
img.exim.gov/s3fs-public/css/ 5 KB
2 KB 410ms
410ms Stylesheet
text/css 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.exim.gov/s3fs-public/css/css_OUmHyfiM0RUbbS9NXR2uX2KvfZ7Vxg8yUuj1kOWz4Zw.css?VersionId=cjC6swhNyYTzroUoJCbudH0.kX4cYdP3

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

394987c9f88cd1151b6d2f4d5d1dae5f62af7d9ed5c60f3252e8f590e5b3e19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: cjC6swhNyYTzroUoJCbudH0.kX4cYdP3
content-encoding: br
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
date: Fri, 11 Nov 2022 17:12:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Oct 2022 13:12:53 GMT
server: AmazonS3
etag: W/"1b89a20a594d7c909be3d1071b4f9a8f"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=300
x-amz-cf-id: vCsmuthLishY4v9cReCD8QS4IDzJSxWDjZux66UdYOO3soTq_OxnNg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 15:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6463
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 11 Nov 2022 17:24:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 51ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 17:12:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Xryz9LMsPOS4hqGVE6yMLazo5ZCpdcD3E0CW0LswEGa2F0XEiSwuoPhCPdl0BIVicgRHVNr9xMzLf6ZF5QEQ5A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.jpg
img.exim.gov/s3fs-public/header-images/ 181 KB
181 KB 421ms
420ms Image
image/jpeg 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.exim.gov/s3fs-public/header-images/events.jpg

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a2cdd79194bc9db17003f4e4ca7446165d151bae70c134dd8be70c7a39e0bea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 11 Nov 2022 17:12:33 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
content-length: 185028
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 15 Mar 2022 14:33:01 GMT
server: AmazonS3
etag: "f04b51ba19a9d1a2787087be03569d5f"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: f320WxYq4cwM5SWNdFs3yGXsy9PGlIv_jdWyQVR9Uz1W86pCxY0OPA==

GET
H2 200 logo.png
www.exim.gov/themes/custom/exim_gov/assets/images/branding/ 10 KB
10 KB 1190ms
1190ms Image
image/png 44.195.201.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.exim.gov/themes/custom/exim_gov/assets/images/branding/logo.png

Requested by

Host: img.exim.gov
URL: https://img.exim.gov/s3fs-public/css/css_PB8BXXjElFLqNqjt1FWWxN2wP6oSAd1EKirb5DITtHU.css?VersionId=j2JJvqk..EOaQzGHn1YXYc8qPdbHNSK6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.201.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-201-52.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f3b2d426edfe9af0f22e44824cc96a3ed36ce2d7da3502a765e18479ddcf8207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://research.exim.gov/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 29 Oct 2021 21:33:24 GMT
server: Apache
etag: "276d-5cf8493b07100"
x-frame-options: ALLOW-FROM https://research.exim.gov/
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10093
expires: Fri, 25 Nov 2022 17:12:32 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 58ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exim.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 339718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 18:50:34 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exim.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 23:57:20 GMT
x-content-type-options: nosniff
age: 321312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:57:20 GMT

GET
H2 200 fa-solid-900.woff2
www.exim.gov/themes/custom/exim_gov/assets/fonts/ 76 KB
77 KB 1180ms
1179ms Font
font/woff2 44.195.201.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.exim.gov/themes/custom/exim_gov/assets/fonts/fa-solid-900.woff2

Requested by

Host: img.exim.gov
URL: https://img.exim.gov/s3fs-public/css/css_PB8BXXjElFLqNqjt1FWWxN2wP6oSAd1EKirb5DITtHU.css?VersionId=j2JJvqk..EOaQzGHn1YXYc8qPdbHNSK6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.201.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-201-52.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://research.exim.gov/

Request headers

Referer: https://img.exim.gov/
Origin: https://www.exim.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 19:28:42 GMT
server: Apache
etag: "131bc-5cf6eb7e2ce80"
x-frame-options: ALLOW-FROM https://research.exim.gov/
content-type: font/woff2
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 78268
expires: Fri, 25 Nov 2022 17:12:32 GMT

GET
H2 200 605364439622333 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 215ms
214ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/605364439622333?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3412c46a917c38c43ba20a0ba1d1d5a25c407eec106f7b2b37ede22197cac981

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 17:12:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 979Fklb8Szi9pUc/dtvWAg2BKNyCiDn8ulkhITv/6GkYiKL69SsCiSvjgbk0jRHmFStCro6U173pb6PxtNqXmQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 22ms
21ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1583873401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Events%20%7C%20EXIM.GOV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=67486055&gjid=1817818476&cid=123628693.1668186752&tid=UA-35443575-1&_gid=1708080900.1668186752&_r=1&_slc=1&z=817706544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exim.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exim.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35443575-1&cid=123628693.1668186752&jid=67486055&gjid=1817818476&_gid=1708080900.1668186752&_u=YEBAAEAAAAAAACAAI~&z=2039715107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exim.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 11 Nov 2022 17:12:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.exim.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 100ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35443575-1&cid=123628693.1668186752&jid=67486055&_u=YEBAAEAAAAAAACAAI~&z=556942442

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 127ms
62ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35443575-1&cid=123628693.1668186752&jid=67486055&_u=YEBAAEAAAAAAACAAI~&z=556942442

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 308837200231972 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/308837200231972?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1d83c7a36cfcdf765a00dd15b2131eb0e96b7d85d1b178a2d693652210b36d8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 17:12:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FyJEmioOoyCB6h31xrwhcQj5m55XwLVfR80P7BQ9urxf0NYUzzO8Iv+BhTOO0xCoY6tOKsrpB91pcdM2SY61tA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 59ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=605364439622333&ev=PageView&dl=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&rl=&if=false&ts=1668186752579&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668186752578.533357605&it=1668186752303&coo=false&rqm=GET

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Nov 2022 17:12:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 exim-seal--footer.svg
www.exim.gov/themes/custom/exim_gov/assets/images/branding/ 29 KB
29 KB 1620ms
1619ms Image
image/svg+xml 44.195.201.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.exim.gov/themes/custom/exim_gov/assets/images/branding/exim-seal--footer.svg

Requested by

Host: img.exim.gov
URL: https://img.exim.gov/s3fs-public/css/css_PB8BXXjElFLqNqjt1FWWxN2wP6oSAd1EKirb5DITtHU.css?VersionId=j2JJvqk..EOaQzGHn1YXYc8qPdbHNSK6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.201.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-201-52.compute-1.amazonaws.com

Software

Apache /

Resource Hash

bd2c6988ed1901d7d96a9177459825dce8bf618849029ccceab6323efd2ce26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://research.exim.gov/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 20:42:02 GMT
server: Apache
etag: "73c5-5cf6fbe257a80"
x-frame-options: ALLOW-FROM https://research.exim.gov/
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 29637
expires: Fri, 25 Nov 2022 17:12:32 GMT

GET
H2 200 fa-brands-400.woff2
www.exim.gov/themes/custom/exim_gov/assets/fonts/ 75 KB
75 KB 1621ms
1620ms Font
font/woff2 44.195.201.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.exim.gov/themes/custom/exim_gov/assets/fonts/fa-brands-400.woff2

Requested by

Host: img.exim.gov
URL: https://img.exim.gov/s3fs-public/css/css_PB8BXXjElFLqNqjt1FWWxN2wP6oSAd1EKirb5DITtHU.css?VersionId=j2JJvqk..EOaQzGHn1YXYc8qPdbHNSK6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.201.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-201-52.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://research.exim.gov/

Request headers

Referer: https://img.exim.gov/
Origin: https://www.exim.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 19:28:42 GMT
server: Apache
etag: "12bc0-5cf6eb7e2ce80"
x-frame-options: ALLOW-FROM https://research.exim.gov/
content-type: font/woff2
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 76736
expires: Fri, 25 Nov 2022 17:12:32 GMT

GET
H3 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 121ms
60ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exim.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:30:13 GMT
x-content-type-options: nosniff
age: 164539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:30:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 35ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=308837200231972&ev=PageView&dl=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&rl=&if=false&ts=1668186752657&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1668186752578.533357605&it=1668186752303&coo=false&rqm=GET

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Nov 2022 17:12:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 18ms
17ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=605364439622333&ev=Microdata&dl=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&rl=&if=false&ts=1668186754087&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Events%20%7C%20EXIM.GOV%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668186752578.533357605&it=1668186752303&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Nov 2022 17:12:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 js_9hHAjRJ-Ad65yiTM0L-Y967GWT3Koa-l-QyvoNx5WaM.js Show response
img.exim.gov/s3fs-public/js/ 128 KB
42 KB 410ms
410ms Script
application/javascript 2600:9000:236e:6e00:16:8d40:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.exim.gov/s3fs-public/js/js_9hHAjRJ-Ad65yiTM0L-Y967GWT3Koa-l-QyvoNx5WaM.js?VersionId=aVByKN_pu6D7UaOylqwsumpPcOEeflHl

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:6e00:16:8d40:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f611c08d127e01deb9ca24ccd0bf98f7aec6593dcaa1afa5f90cafa0dc7959a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: aVByKN_pu6D7UaOylqwsumpPcOEeflHl
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
date: Fri, 11 Nov 2022 17:12:49 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Oct 2022 13:12:53 GMT
server: AmazonS3
etag: W/"76efa72b0fba496c4f83a581a751d6e2"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: GgY-2aJeqeT78ZHGVqGh7HOAFuwVEZOS8hv1cRijwGSWfxF2FxdU7A==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 118ms
45ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

17bcafaa9b8aa4e9a351dd1fade8e49e63ab09fc2653f5b384bb05c8660ff765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16828
x-xss-protection: 0
server: cafe
etag: 8569919312416379547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 17:12:48 GMT

GET
H2 200 421983.js Show response
js.hs-analytics.net/analytics/1668186900000/ 65 KB
21 KB 221ms
177ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1668186900000/421983.js
Requested by: Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8147bbb2d5e3e482ca39de3c43fd2b42581ca9b9a98aa486a64e0a53eb52d3fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:48 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: MQ7Y8CEQKM09VF4V
x-amz-server-side-encryption: AES256
x-amz-id-2: n5RVkXzhTqqNZDRS3TwBOkVzhvPRWoijxokQ/7kOlDjEipqgsojpR08S1S5XQOhndT7FwSjApdw=
last-modified: Fri, 04 Nov 2022 20:22:50 GMT
server: cloudflare
etag: W/"891e4fbcd0b3f04aa27264f272a553a4"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7688a7a6f8809176-FRA
expires: Fri, 11 Nov 2022 17:17:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957439535/ 2 KB
2 KB 106ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957439535/?random=1668186768422&cv=9&fst=1668186768422&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&tiba=Events%20%7C%20EXIM.GOV&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6407d95046ffa7967030db32a1cbabcf271863304471c4d91fc5190caf94f298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 950
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 103ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 11 Nov 2022 17:12:48 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB5E897123F843FCBBA77B3746BE4DD7 Ref B: FRAEDGE1217 Ref C: 2022-11-11T17:12:48Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 100ms
31ms Script
application/x-javascript 2a02:26f0:480:f::213:7ecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:48 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=77424
accept-ranges: bytes
content-length: 4530

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/689297/domain/exim.gov/ 36 B
374 B 33ms
32ms XHR
application/json 52.222.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/689297/domain/exim.gov/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-118.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.exim.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 16:52:19 GMT
content-encoding: gzip
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1229
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: qTveeqWX139u6pa2smbbcvN5G_UI4tEhuhAbCek34ATEuSrweDUqqg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D689297%26time%3D1668186768532%26url%3Dhttps%253A%252F%252Fwww.exim.gov%252Fevents...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&liSync=true&e_ipv6=AQIahD-Vm0gwGAAAA...

0
263 B

545ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&liSync=true&e_ipv6=AQIahD-Vm0gwGAAAAYRnrgZ09ZsipR9KLAPoYyw_O3M2AOPsb6ZcegCY_bGk3_x8OT3P9Fosuw
Requested by: Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:49 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0A695F3491054F88A8872C22E1BF94FE Ref B: FRAEDGE1511 Ref C: 2022-11-11T17:12:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtNP/RBQSpssvRhog5LQ==

Redirect headers

date: Fri, 11 Nov 2022 17:12:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0ED07DF6296D4A5EA57D6BFB064364FD Ref B: FRAEDGE1514 Ref C: 2022-11-11T17:12:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=689297&time=1668186768532&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&liSync=true&e_ipv6=AQIahD-Vm0gwGAAAAYRnrgZ09ZsipR9KLAPoYyw_O3M2AOPsb6ZcegCY_bGk3_x8OT3P9Fosuw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtNP/JCL2vq0jm+B2fSQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/689297/domain/exim.gov/ 0
0 366ms
286ms Preflight 52.222.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/689297/domain/exim.gov/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-118.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.exim.gov
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 20299
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 11 Nov 2022 11:34:29 GMT
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-id: y0Pw8D1Ci9GirajXpUMJHqVkku983Kl8w1U1nSxuqINEbz-ltSGffg==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront

GET
H3 200 /
www.google.com/pagead/1p-user-list/957439535/ 42 B
64 B 71ms
28ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957439535/?random=1668186768422&cv=9&fst=1668186000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&tiba=Events%20%7C%20EXIM.GOV&fmt=3&is_vtc=1&random=2529940104&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/957439535/ 42 B
64 B 69ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957439535/?random=1668186768422&cv=9&fst=1668186000000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&tiba=Events%20%7C%20EXIM.GOV&fmt=3&is_vtc=1&random=2529940104&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5511650.js Show response
bat.bing.com/p/action/ 0
118 B 115ms
114ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5511650.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 11 Nov 2022 17:12:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 716EDE5F206B4FC487B9E6BFE00203BB Ref B: FRAEDGE1217 Ref C: 2022-11-11T17:12:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 43ms
42ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5511650&Ver=2&mid=39b8afc8-2b61-4482-a85e-1f91fce56666&sid=11156c0061e411ed9a139f9d637e8bd4&vid=1115916061e411edbd4169007aa9fad5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Events%20%7C%20EXIM.GOV&p=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&r=&lt=19365&evt=pageLoad&sv=1&rn=344325

Requested by

Host: www.exim.gov
URL: https://www.exim.gov/events?utm_source=328725&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 11 Nov 2022 17:12:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E6F5A2F13DE453C87DD4E3DE9FBC759 Ref B: FRAEDGE1217 Ref C: 2022-11-11T17:12:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 421983.js Show response
js-na1.hs-scripts.com/ 2 KB
890 B 1447ms
1403ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/421983.js
Requested by: Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1668186900000/421983.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d8c8586d05baec4c46d7394e2327028f12ee59332187d6d8e7a94d88e645226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 11 Nov 2022 16:04:39 GMT
server: cloudflare
x-hubspot-correlation-id: ee4c735a-f7d2-41e8-b3ae-239ee573d479
x-trace: 2B1A297AEC14C7AF3462E3AD8AD86F5435AFA71427000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.exim.gov
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 7688a7aebe2c91ed-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
901 B 260ms
192ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1059085154&v=1.1&a=421983&rcu=http%3A%2F%2Fwww.exim.gov%2Fevents&pu=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&t=Events+%7C+EXIM.GOV&cts=1668186769649&vi=49e34b105a9f30228ebb396484ddd81e&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b65971df-5115-4198-b550-1db44169b248
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvJDSMWa%2FbXibh0XI%2F7%2BSYVOMUDCyX8pb6USy82vM0oFdlfZzoo8EYwyU%2FA8gVfFaadv4JwrqL7bhR%2Bulvxcjb6Tanb3gj52%2FwhBt%2FOe81QTVgxAmwCaV7%2BH3L8Hzad9B0k9f1kpUft0msZlu1bF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7688a7aedc1a8fc5-FRA
x-robots-tag: none

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 89ms
37ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/421983.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
x-amz-version-id: DLUYzpWToXViCCMAk42gu6ZXj0CV1cO1
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 439
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.301/bundles/pixels-release.js&cfRay=76889cffea649963-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 12:04:15 UTC
server: cloudflare
etag: W/"6c8c013098279271f03db17ec4dd49a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7688a7b7dbbc6915-FRA
x-amz-cf-id: 4ufR11vzgiV_U6m0Qf7ANcIzw-DWe0BmWClptZaRB9hnbioq3uD5uA==
x-hs-target-asset: adsscriptloaderstatic/static-1.301/bundles/pixels-release.js

GET
H2 200 421983.js Show response
js.hs-banner.com/ 60 KB
16 KB 539ms
492ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/421983.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/421983.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca10bd1201b54ce0497d77a1dcea08d0002c2297e1aa4f76f119f6ef2243b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
x-amz-version-id: O4bkI6bgoILBP.474RlY0Teoc8fK1ehE
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 8WEYYPXVT9EJ2X74
x-amz-server-side-encryption: AES256
x-amz-id-2: evSb89e+zPlevGmSC+zvpyqwquZVF2w0en2Ml3xZct1/5nvuVIUye88JjzOCcRFXbDeESYqBppc=
last-modified: Tue, 25 Oct 2022 19:55:00 GMT
server: cloudflare
etag: W/"1643a8eca10b6f05a572302a6d5883f2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.exim.gov
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7688a7b7cd94698b-FRA
expires: Fri, 11 Nov 2022 17:17:51 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 102ms
59ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/421983.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3855bfa2d2ca2c87e33eb53baf78e86305b469743f8038a353d3709170af5877

Request headers

Referer: https://www.exim.gov/
Origin: https://www.exim.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
x-amz-version-id: KhB59u4NuDuWX66mGRFuhkI5gjuG325U
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 11830
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1118/bundle/main/lead-flows-release.js&cfRay=768786e9bca49134-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 07 Nov 2022 11:27:56 UTC
server: cloudflare
etag: W/"a3c3903aee4f14a643a059fe24214e75"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7688a7b7cf799bf4-FRA
x-amz-cf-id: aIIUJGqts-dq0zlBIMHYYMvFuC2BV6nQpc5WRTuFb8gqW3BPbPOBqQ==
x-hs-target-asset: lead-flows-js/static-1.1118/bundle/main/lead-flows-release.js

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 204 B
878 B 206ms
163ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=421983

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab1f877a8ff015d2463eeb9779b0bb9435c59030c5469f374f80158e4371834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 69463f02-e6fd-4ca2-b592-e823c10d3454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B455BA3A91F27F3AE7E8EE274A1ECA907B237040D000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.exim.gov
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkH9tGle7oYdy6tFVKnDektzhitsvVibU3qa%2FLcnMJLr%2BffExsTFVznQHw3V5ADJP78e8k7VpTbUVKCBZqtQtmic4OUN4R6csbV%2FW5XpA6qLPz75AwMBwZhh7zOl0wBezDd73MkAvnpjabEF"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7688a7bb58d0bbcb-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
1 KB 254ms
213ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=421983&utk=49e34b105a9f30228ebb396484ddd81e&__hstc=120003415.49e34b105a9f30228ebb396484ddd81e.1668186769641.1668186769641.1668186769641.1&__hssc=120003415.1.1668186769642&currentUrl=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e330ccacbfb4d63d361175bba27bf4d46c3694c4e38ee71e1ddeb5dcac1a7dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 19f37969-f531-4f07-9528-ab59983076ee
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.exim.gov
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZ4byz2FqPh4CcnTkKWJx5B8G6FJIJeFzKpQG4utRZxtoMrVcsEIZR%2BIC6t3qH9kFzC4ubdLRhfFIAU0rIZsz738QvxnBLX2rk%2F7wn0RUPYl13N8v%2BvbbbGxOplqty7yyfbJLv9tAardqgh%2BH992"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7688a7bb6f0f9b5b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 104ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-957439535

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17e5c5bc8d80c94165f1a1c6741f2e7ea82d7d0c0edea91d2d7530b57b5b36e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68865
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Nov 2022 17:12:51 GMT

GET
H3 200 193645871077419 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 51ms
51ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/193645871077419?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa26f1af39e7e1145489a8448db659ff903bbaae20bb51fa5317237c3bf96891

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 17:12:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NcuiX4vtnpOE84i+q4B7LopZtplqOT7f3YVu3a1YuF7fKBiHFm/RALtVVk/LhTbca/yh0uYgzqAL0xCH0HvPxQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 33ms
32ms Script
application/x-javascript 2a02:26f0:480:f::213:7ecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:12:51 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=77421
accept-ranges: bytes
content-length: 4530

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 17ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=193645871077419&ev=PageView&dl=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&rl=&if=false&ts=1668186771946&sw=1600&sh=1200&ud[external_id]=49e34b105a9f30228ebb396484ddd81e&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1668186752578.533357605&it=1668186752303&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Nov 2022 17:12:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957439535/ 2 KB
932 B 184ms
131ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957439535/?random=1668186772118&cv=11&fst=1668186772118&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&tiba=Events%20%7C%20EXIM.GOV&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1980513413.1668186772&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-957439535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06edcc335d442a23ccbbafb6318f0c45696399452edd0ccd4c4dee72457323dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/957439535/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957439535/?random=1668186772118&cv=11&fst=1668186000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&tiba=Events%20%7C%20EXIM.GOV&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2785174001&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/957439535/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957439535/?random=1668186772118&cv=11&fst=1668186000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.exim.gov%2Fevents%3Futm_source%3D328725%26utm_medium%3Demail&tiba=Events%20%7C%20EXIM.GOV&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2785174001&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.exim.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:12:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.exim.gov/	1970-01-20 16:59:06	Name: _ga Value: GA1.2.123628693.1668186752
.exim.gov/	1970-01-20 07:24:33	Name: _gid Value: GA1.2.1708080900.1668186752
.exim.gov/	1970-01-20 07:23:06	Name: _gat Value: 1
.exim.gov/	1970-01-20 09:32:42	Name: _fbp Value: fb.1.1668186752578.533357605
.bing.com/	1970-01-20 16:44:42	Name: MUID Value: 219C04701B3864B0127416291AEA6542
.exim.gov/	1970-01-20 07:24:33	Name: _uetsid Value: 11156c0061e411ed9a139f9d637e8bd4
.exim.gov/	1970-01-20 16:44:42	Name: _uetvid Value: 1115916061e411edbd4169007aa9fad5
.linkedin.com/	1970-01-20 08:06:18	Name: UserMatchHistory Value: AQLwrYHELCe1LwAAAYRnrgUbbS7Xj-ZFO_Zd2DjbC5MqcbL3Nho-Adx2wq1MCl_LvRQw2Z4jWNxjug
.linkedin.com/	1970-01-20 08:06:18	Name: AnalyticsSyncHistory Value: AQLbafCoTGtp6gAAAYRnrgUbsHeqmnZn4-3vS3aDM0HzhD2anzOjmHYZWE0jk2VHLUCh3OGEpUyP5mVGuSIlFw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:08:42	Name: bcookie Value: "v=2&72fc08ab-ce88-4e6c-865f-ffebd3f74443"
.linkedin.com/	1970-01-20 07:24:33	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2539:u=1:x=1:i=1668186768:t=1668273168:v=2:sig=AQHLwvItM4g5zqgE7-9yM_T5hzE8WO4c"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:08:42	Name: bscookie Value: "v=1&2022111117124830df10c9-c15d-4d5b-8a62-3a72abc6ba95AQEb0koA2-3vzRDuEdcePH1iE6cbaWKN"
.linkedin.com/	1970-01-20 11:42:18	Name: li_gc Value: MTswOzE2NjgxODY3Njg7MjswMjFJChL9vF8/KDwsA3HXUAFQ4JccPWhQtwMz1snV88bZiQ==
.www.exim.gov/	1970-01-20 07:24:33	Name: ln_or Value: d
.hubspot.com/	1970-01-20 07:23:08	Name: __cf_bm Value: xPVA6EqZD26xleM2qxiodbfyKU8.7Tskvqc9r85zu.U-1668186769-0-ATiIzcsZdRpEIQdnxxOhbGz+1u4+1P+5pQ642OZvJiaO0ioqR2ubX8YEVGdAezStZuC9be9Av85NKuqVbUdEI7M=
.exim.gov/	1970-01-20 11:42:18	Name: __hstc Value: 120003415.49e34b105a9f30228ebb396484ddd81e.1668186769641.1668186769641.1668186769641.1
.exim.gov/	1970-01-20 11:42:18	Name: hubspotutk Value: 49e34b105a9f30228ebb396484ddd81e
.exim.gov/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.exim.gov/	1970-01-20 07:23:08	Name: __hssc Value: 120003415.1.1668186769642
.exim.gov/	1970-01-20 09:32:42	Name: _gcl_au Value: 1.1.1980513413.1668186772
.doubleclick.net/	1970-01-20 16:44:42	Name: IDE Value: AHWqTUnmgShvfwwXH0PdmV53dVmpQc8Q4OzvHWqcX9T8-M8l7mRPKQW2NPsRupfs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://research.exim.gov/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
bat.bing.com
cdn.linkedin.oribi.io
click.email.nam.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
img.exim.gov
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
www.exim.gov
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
13.111.180.32
142.250.186.66
2600:9000:236e:6e00:16:8d40:9c40:93a1
2606:4700:4400::ac40:9a55
2606:4700::6811:43b0
2606:4700::6811:73b0
2606:4700::6811:c9cc
2606:4700::6811:d3cc
2606:4700::6811:eacc
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9a
2a02:26f0:480:f::213:7ecb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
44.195.201.52
52.222.214.118
06edcc335d442a23ccbbafb6318f0c45696399452edd0ccd4c4dee72457323dc
17bcafaa9b8aa4e9a351dd1fade8e49e63ab09fc2653f5b384bb05c8660ff765
17e5c5bc8d80c94165f1a1c6741f2e7ea82d7d0c0edea91d2d7530b57b5b36e4
3412c46a917c38c43ba20a0ba1d1d5a25c407eec106f7b2b37ede22197cac981
3855bfa2d2ca2c87e33eb53baf78e86305b469743f8038a353d3709170af5877
394987c9f88cd1151b6d2f4d5d1dae5f62af7d9ed5c60f3252e8f590e5b3e19c
3c1f015d78c49452ea36a8edd45596c4ddb03faa1201dd442a2adbe43213b475
3d8c8586d05baec4c46d7394e2327028f12ee59332187d6d8e7a94d88e645226
46483595dba6625ca7895a52c10a2e89b97c82b439be6aa550b160f708441c83
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
6407d95046ffa7967030db32a1cbabcf271863304471c4d91fc5190caf94f298
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
8147bbb2d5e3e482ca39de3c43fd2b42581ca9b9a98aa486a64e0a53eb52d3fc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88143acb3fee6500cd7f8c85a470bbb5a487ec2791286dad832b3449c6c8a3fa
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9add5ba237759d9ca358e691eb563b24c4bfabd7579bdc5e70c12be292d63cea
9ca10bd1201b54ce0497d77a1dcea08d0002c2297e1aa4f76f119f6ef2243b42
a2cdd79194bc9db17003f4e4ca7446165d151bae70c134dd8be70c7a39e0bea3
aa26f1af39e7e1145489a8448db659ff903bbaae20bb51fa5317237c3bf96891
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd2c6988ed1901d7d96a9177459825dce8bf618849029ccceab6323efd2ce26b
be5021bc387031902ce84734d3d4565ac1f494f208dc1851dd863bf6c7d764ba
c1d83c7a36cfcdf765a00dd15b2131eb0e96b7d85d1b178a2d693652210b36d8
ceacf03f285b4ed02a3da60f2df366c7870aa2b20bde658088661bfb928ff71a
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
e330ccacbfb4d63d361175bba27bf4d46c3694c4e38ee71e1ddeb5dcac1a7dcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b2d426edfe9af0f22e44824cc96a3ed36ce2d7da3502a765e18479ddcf8207
f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492
f611c08d127e01deb9ca24ccd0bf98f7aec6593dcaa1afa5f90cafa0dc7959a3
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fab1f877a8ff015d2463eeb9779b0bb9435c59030c5469f374f80158e4371834

www.exim.gov Open in urlscan Pro 44.195.201.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

80 %IPv6

23 Domains

28 Subdomains

23 IPs

3 Countries

1438 kBTransfer

2845 kBSize

23 Cookies

30 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.exim.gov Open in urlscan Pro
44.195.201.52 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

80 %
IPv6

23
Domains

28
Subdomains

23
IPs

3
Countries

1438 kB
Transfer

2845 kB
Size

23
Cookies

53 HTTP transactions
0 data transactions