mdfosb.staging.mutualcp.com Open in urlscan Pro
209.97.128.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mdfosb.staging.mutualcp.com/
Effective URL:
https://mdfosb.staging.mutualcp.com/language-picker
Submission: On May 29 via automatic, source certstream-suspicious (May 29th 2024, 10:44:05 am UTC) — Scanned from GB

Summary HTTP 28 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 28 HTTP transactions. The main IP is 209.97.128.237, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is mdfosb.staging.mutualcp.com.
TLS certificate: Issued by R3 on May 29th 2024. Valid for: 3 months.

This is the only time mdfosb.staging.mutualcp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	209.97.128.237 209.97.128.237	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:d0ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:e763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:d::210:f150	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:594::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
28	14

10 209.97.128.237 (Slough, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

mdfosb.staging.mutualcp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d0ad (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.dump4barn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:e763 (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:d::210:f150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:594::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mutualcp.com 1 redirects mdfosb.staging.mutualcp.com	136 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4164 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4847 imgsct.cookiebot.com — Cisco Umbrella Rank: 4914	35 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 ade.googlesyndication.com — Cisco Umbrella Rank: 317	922 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	287 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 771	15 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 9799	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	31 KB
1	instant.page instant.page — Cisco Umbrella Rank: 20237	1 KB
1	dump4barn.com secure.dump4barn.com	321 B
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 10026	354 B
28	11

	Domain	Requested by
10	mdfosb.staging.mutualcp.com	1 redirects mdfosb.staging.mutualcp.com
3	www.googletagmanager.com	mdfosb.staging.mutualcp.com www.googletagmanager.com
2	ade.googlesyndication.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	unpkg.com	1 redirects mdfosb.staging.mutualcp.com
2	plausible.io	mdfosb.staging.mutualcp.com plausible.io
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	imgsct.cookiebot.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	cdn.jsdelivr.net	mdfosb.staging.mutualcp.com
1	instant.page	mdfosb.staging.mutualcp.com
1	secure.dump4barn.com	mdfosb.staging.mutualcp.com
1	hello.myfonts.net	mdfosb.staging.mutualcp.com
28	15

This site contains links to these domains. Also see Links.

Domain
browser-update.org
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
mdfosb.staging.mutualcp.com R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.myfonts.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-09-28`	a year	crt.sh
plausible.io R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-07-06`	7 months	crt.sh
instant.page GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mdfosb.staging.mutualcp.com/language-picker
Frame ID: 1E81DB2C9DB0378DFA4824856149BD74
Requests: 27 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: BD433461044D085EC06558EA4EF754C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Language Picker | MEDITE SMARTPLY

Page URL History Show full URLs

https://mdfosb.staging.mutualcp.com/ HTTP 302
https://mdfosb.staging.mutualcp.com/language-picker Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Plausible (Analytics) Expand

Overall confidence: 100%
Detected patterns

plausible\.io/js/plausible\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

28
Requests

93 %
HTTPS

79 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

529 kB
Transfer

1487 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://browser-update.org/update.html
Title: upgrading your browser

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MEDITESMARTPLY

Search URL Search Domain Scan URL

URL: https://twitter.com/MediteSmartPly

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/coillte-panel-products

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CoilltePanelProducts

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mdfosb.staging.mutualcp.com/ HTTP 302
https://mdfosb.staging.mutualcp.com/language-picker Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/htmx.org@1.5.0 HTTP 302
https://unpkg.com/htmx.org@1.5.0/dist/htmx.min.js

Request Chain 24

https://ade.googlesyndication.com/ddm/activity/src=14092128;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0v9176354632z8832415655za201zb832415655;gcs=G100;gcd=13p3p3l3l5;dma=0;epver=2;~oref=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=14092128;dc_pre=CMOmz-7WsoYDFbDxOwIdEgIFog;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0v9176354632z8832415655za201zb832415655;gcs=G100;gcd=13p3p3l3l5;dma=0;epver=2;~oref=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request language-picker Show response
mdfosb.staging.mutualcp.com/
Redirect Chain

https://mdfosb.staging.mutualcp.com/
https://mdfosb.staging.mutualcp.com/language-picker

172 KB
47 KB

119ms
118ms

Document
text/html

209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Craft CMS SEOmatic

Resource Hash

97c52017fc8a587bd206e526190502afa37b37fb4a49a9eb055c0cc9dbb5493c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 29 May 2024 10:44:00 GMT
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS SEOmatic
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 29 May 2024 10:44:00 GMT
location: https://mdfosb.staging.mutualcp.com/language-picker
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS SEOmatic
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 33fd05
hello.myfonts.net/count/ 0
354 B 221ms
89ms Stylesheet
text/css 2606:4700::6812:d0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/33fd05
Requested by: Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 88b5e3017e4c771d-LHR
content-length: 0
expires: Thu, 29 May 2025 10:44:00 GMT

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
1 KB 240ms
65ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/plausible.js

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1079 /

Resource Hash

965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1079
cdn-cachedat: 05/29/2024 10:26:18
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=3600
permissions-policy: interest-cohort=()
cdn-requestid: 0d3e540c2f60aaae388ea175e194f5a1
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 213207.js Show response
secure.dump4barn.com/js/ 16 B
321 B 257ms
90ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.dump4barn.com/js/213207.js
Requested by: Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c694318b0ab2404890680271b00daefd3cf8de300496f18e6d6d47e9964067e9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 10:44:00 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=86400
Connection: keep-alive
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 en.png
mdfosb.staging.mutualcp.com/assets/images/ 14 KB
14 KB 31ms
30ms Image
image/png 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mdfosb.staging.mutualcp.com/assets/images/en.png

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c0f4ee7f82b2a335287953eebd1995692b149762aa339e8a60c70ea5a4a98cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: "66570540-3859"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 14425
x-xss-protection: 1; mode=block

GET
H2 200 fr.png
mdfosb.staging.mutualcp.com/assets/images/ 12 KB
12 KB 31ms
31ms Image
image/png 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mdfosb.staging.mutualcp.com/assets/images/fr.png

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7e31f601ba0eb7448bfe254b421c577e80edc014f3b63e63e3cbb0f485e14dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: "66570540-2f25"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 12069
x-xss-protection: 1; mode=block

GET
H2 200 nl.png
mdfosb.staging.mutualcp.com/assets/images/ 10 KB
10 KB 31ms
30ms Image
image/png 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mdfosb.staging.mutualcp.com/assets/images/nl.png

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c9ac2f1a3c599471809449c92c38be2cbbf0ce77b8e916c34a7ba9a2d4c1d8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: "66570540-278b"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 10123
x-xss-protection: 1; mode=block

GET
H2 200 main.css
mdfosb.staging.mutualcp.com/assets/dist/ 73 KB
13 KB 32ms
32ms Stylesheet
text/css 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mdfosb.staging.mutualcp.com/assets/dist/main.css?id=42dd8b0651d24f7e9b7f

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

69f8782892dcfd67b31ede2d6e052177ca22932516894a60afaf1aea4dea3814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: W/"66570540-125ac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
mdfosb.staging.mutualcp.com/assets/dist/ 5 KB
2 KB 31ms
29ms Script
application/javascript 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mdfosb.staging.mutualcp.com/assets/dist/app.js?id=57e3e20818bbfd8a6d2b

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

26898c0e0168f6800b39a8741c9eac97721dfbd614f695301fef6f833bf4673d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: W/"66570540-13ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 3.0.0 Show response
instant.page/ 2 KB
1 KB 189ms
54ms Script
text/javascript 2606:4700::6813:e763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/3.0.0
Requested by: Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:e763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Origin: https://mdfosb.staging.mutualcp.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:00 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 88b5e3018f4d7785-LHR

GET
H2

200

htmx.min.js Show response
unpkg.com/htmx.org@1.5.0/dist/
Redirect Chain

https://unpkg.com/htmx.org@1.5.0
https://unpkg.com/htmx.org@1.5.0/dist/htmx.min.js

33 KB
15 KB

107ms
106ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/htmx.org@1.5.0/dist/htmx.min.js

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c28c4dd9e234098f2f2e0121288e7988872d01df0fe985225a12adfdc1233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://mdfosb.staging.mutualcp.com/language-picker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5901484
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HSJ33760WWB0QX1GTB5R8RPY-lhr
server: cloudflare
etag: "83d9-jD58gEBTOmF/8FA5xNFqoCXphjA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88b5e3029a476331-LHR

Redirect headers

date: Wed, 29 May 2024 10:44:00 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HS9562YAQ77W7SAAR0GAK0B5-lhr
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6201282
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /htmx.org@1.5.0/dist/htmx.min.js
cache-control: public, max-age=31536000
cf-ray: 88b5e301e9556331-LHR

GET
H2 200 alpine-ie11.min.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.4.0/dist/ 86 KB
31 KB 159ms
32ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.4.0/dist/alpine-ie11.min.js

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

680a5e983f7e5623e141d275392cef132231bac7fe496d8310a7f62672a32a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 May 2024 10:44:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2364358
x-jsd-version: 2.4.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31231
x-served-by: cache-fra-etou8220068-FRA, cache-lon420113-LON
x-jsd-version-type: version
etag: W/"15737-/0OtvnX5awLS+CFfQ6NvzZZn1SA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 343 KB
107 KB 252ms
102ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WWN33WC

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

001f2e17fc428ac18c337ed033c3616740fd7743bceb84975f8905ee592d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109173
x-xss-protection: 0
last-modified: Wed, 29 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 May 2024 10:44:01 GMT

GET
H2 200 FrutigerLTStd-Roman.woff2
mdfosb.staging.mutualcp.com/assets/fonts/ 18 KB
18 KB 30ms
30ms Font
font/woff2 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mdfosb.staging.mutualcp.com/assets/fonts/FrutigerLTStd-Roman.woff2

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f8b36fae2a25df5e847f7b4ff593f78fae6323ab1c4f31a3f257ea8641526f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Origin: https://mdfosb.staging.mutualcp.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: "66570540-4730"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 18224
x-xss-protection: 1; mode=block

GET
H2 200 FrutigerLTStd-Light.woff2
mdfosb.staging.mutualcp.com/assets/fonts/ 18 KB
18 KB 31ms
31ms Font
font/woff2 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mdfosb.staging.mutualcp.com/assets/fonts/FrutigerLTStd-Light.woff2

Requested by

Host: mdfosb.staging.mutualcp.com
URL: https://mdfosb.staging.mutualcp.com/language-picker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

174e8a2ff2fb0936a4d4481e8f38d75b99a46fab7e9c8e857e0ddd505cacd8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Origin: https://mdfosb.staging.mutualcp.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: "66570540-46ed"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 18157
x-xss-protection: 1; mode=block

POST
H2 202 event Show response
plausible.io/api/ 2 B
501 B 284ms
103ms XHR
text/plain 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
cdn-edgestorageid: 1079
cdn-cachedat: 05/29/2024 10:44:01
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F9PvtHip2ymp8EkD0bSr
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: d8055b042eee131dd0b8c5596995ce02
cdn-requestcountrycode: GB
cdn-requestpullsuccess: True

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 109 KB
34 KB 236ms
70ms Script
application/javascript 2a02:26f0:480:d::210:f150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=5aa88823-8f24-4b58-bf0f-b0304df7a577&implementation=gtm&consentmode-dataredaction=dynamic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWN33WC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 88c87349d2bf113f3589ef89169acec4a0dde633f817506189bd0c2f7a68b892

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Wed, 29 May 2024 10:44:01 GMT
content-encoding: gzip
last-modified: Wed, 15 May 2024 08:37:48 GMT
etag: "32674b2aa3a6da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=829
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 34250
expires: Wed, 29 May 2024 10:57:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
105 KB 81ms
78ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PQ9P6VQSLD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWN33WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b003441f0cb67bd1bde5c8056acd24d024df159342a5de65628d3fb008b595cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 May 2024 10:44:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 217ms
59ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWN33WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 May 2024 09:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3778
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 29 May 2024 11:41:03 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14092128&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWN33WC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16e330d97436f3840c09dc99c08ef547fc6bf4fe7aa5402cae7ab32505df7e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77198
x-xss-protection: 0
last-modified: Wed, 29 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 May 2024 10:44:01 GMT

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame BD43 0
0 278ms
103ms Document
text/html 2a02:26f0:480:594::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=5aa88823-8f24-4b58-bf0f-b0304df7a577&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 May 2024 10:44:01 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Thu, 29 May 2025 10:44:01 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1716979441739_35115176_88982437_25_806_31_46_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/5aa88823-8f24-4b58-bf0f-b0304df7a577/ 383 B
609 B 125ms
124ms Script
application/x-javascript 2a02:26f0:480:d::210:f150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/5aa88823-8f24-4b58-bf0f-b0304df7a577/cc.js?renew=false&referer=mdfosb.staging.mutualcp.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=5aa88823-8f24-4b58-bf0f-b0304df7a577&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 36ffe124dea164d4684741a72f6649d04e1ddf9b38f1880e7ef2b335e9dba065

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
cross-origin-resource-policy: cross-origin
content-length: 372
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
737 B 257ms
103ms Image
image/gif 2a02:26f0:480:594::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=5aa88823-8f24-4b58-bf0f-b0304df7a577
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 10:44:02 GMT
X-GUploader-UploadID: ABPtcPpXoo0APQzoeQhZ8p2EN2EIm5xVe4OMpxFgtJ2qRoL2vbIJ2PvvQm1XSw1b9aIggvywGNw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 35
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Server: UploadServer
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-generation: 1698061172769999
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public,max-age=1800
x-goog-stored-content-length: 35
Accept-Ranges: bytes
Content-Type: image/gif

GET
H2 200 favicon-32x32.png
mdfosb.staging.mutualcp.com/ 1 KB
1 KB 30ms
29ms Other
image/png 209.97.128.237
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mdfosb.staging.mutualcp.com/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.97.128.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3a53c714fc85dabe5a8667ff4a8e47fe325640c36d3a9a5b3b4ba918dc631664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 10:44:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 May 2024 10:36:48 GMT
server: nginx
etag: "66570540-4a9"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 1193
x-xss-protection: 1; mode=block

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 257ms
75ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3l3l5&rnd=1982587502.1716979443&url=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker&dma=0&npa=0&gtm=45He45m0n81WWN33WCv832415655za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWN33WC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 29 May 2024 10:44:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=14092128;dc_pre=CMOmz-7WsoYDFbDxOwIdEgIFog;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot....
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=14092128;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.64...
https://ade.googlesyndication.com/ddm/activity/src=14092128;dc_pre=CMOmz-7WsoYDFbDxOwIdEgIFog;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B12...

42 B
118 B

91ms
90ms

Image
image/gif

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=14092128;dc_pre=CMOmz-7WsoYDFbDxOwIdEgIFog;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0v9176354632z8832415655za201zb832415655;gcs=G100;gcd=13p3p3l3l5;dma=0;epver=2;~oref=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker?

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://mdfosb.staging.mutualcp.com/language-picker
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 May 2024 10:44:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 May 2024 10:44:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=14092128;dc_pre=CMOmz-7WsoYDFbDxOwIdEgIFog;type=sessi0;cat=sessi0;ord=8992485166687;npa=0;gdid=dMWZhNz;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe45m0v9176354632z8832415655za201zb832415655;gcs=G100;gcd=13p3p3l3l5;dma=0;epver=2;~oref=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 196ms
63ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PQ9P6VQSLD&gtm=45je45m0v873612846z8832415655za200zb832415655&_p=1716979440750&gcs=G100&gcd=13p3p3l3l5&npa=0&dma=0&gdid=dMWZhNz&cid=1122518352.1716979443&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1716979441&sct=1&seg=0&dl=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker&dt=Language%20Picker%20%7C%20MEDITE%20SMARTPLY&en=page_view&_fv=1&_ss=1&tfd=3490
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PQ9P6VQSLD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 29 May 2024 10:44:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mdfosb.staging.mutualcp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 45ms
43ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=534969760&t=pageview&_s=1&dl=https%3A%2F%2Fmdfosb.staging.mutualcp.com%2Flanguage-picker&ul=en-gb&de=UTF-8&dt=Language%20Picker%20%7C%20MEDITE%20SMARTPLY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEAAAAABEAAAAAAAIk~&cid=1122518352.1716979443&tid=UA-101372089-1&_gid=317432204.1716979443&gtm=45He45m0n81WWN33WCv832415655za200&gcs=G100&gcd=13p3p3l3l5&dma=0&z=225662377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mdfosb.staging.mutualcp.com/language-picker
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 29 May 2024 02:43:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.myfonts.net/	1970-01-20 20:56:21	Name: __cf_bm Value: n7Oi1Dicwk2Q9hFguNdmzexgcDrsjA8luOVX3kqSOhA-1716979440-1.0.1.1-v4Ny2HMRE22BIfbxJyyeWwLI9OjI2CsZvy3Pm3iN.ta.F62zYTkyW9lk4ivWpo9yaIVzZpkvQMvOrFpg3oMxXg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://mdfosb.staging.mutualcp.com/language-picker Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cdn.jsdelivr.net
consent.cookiebot.com
consentcdn.cookiebot.com
hello.myfonts.net
imgsct.cookiebot.com
instant.page
mdfosb.staging.mutualcp.com
pagead2.googlesyndication.com
plausible.io
region1.google-analytics.com
secure.dump4barn.com
unpkg.com
www.google-analytics.com
www.googletagmanager.com
142.250.185.194
2001:4860:4802:34::36
209.97.128.237
2400:52e0:1e00::1079:1
2606:4700::6811:f7cb
2606:4700::6812:d0ad
2606:4700::6813:e763
2a00:1450:4001:810::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:82b::2008
2a02:26f0:480:594::f09
2a02:26f0:480:d::210:f150
2a04:4e42:600::485
51.11.20.152
001f2e17fc428ac18c337ed033c3616740fd7743bceb84975f8905ee592d8470
16e330d97436f3840c09dc99c08ef547fc6bf4fe7aa5402cae7ab32505df7e94
174e8a2ff2fb0936a4d4481e8f38d75b99a46fab7e9c8e857e0ddd505cacd8c5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26898c0e0168f6800b39a8741c9eac97721dfbd614f695301fef6f833bf4673d
36ffe124dea164d4684741a72f6649d04e1ddf9b38f1880e7ef2b335e9dba065
3a53c714fc85dabe5a8667ff4a8e47fe325640c36d3a9a5b3b4ba918dc631664
41c28c4dd9e234098f2f2e0121288e7988872d01df0fe985225a12adfdc1233c
680a5e983f7e5623e141d275392cef132231bac7fe496d8310a7f62672a32a46
69f8782892dcfd67b31ede2d6e052177ca22932516894a60afaf1aea4dea3814
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78
7e31f601ba0eb7448bfe254b421c577e80edc014f3b63e63e3cbb0f485e14dfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88c87349d2bf113f3589ef89169acec4a0dde633f817506189bd0c2f7a68b892
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
97c52017fc8a587bd206e526190502afa37b37fb4a49a9eb055c0cc9dbb5493c
b003441f0cb67bd1bde5c8056acd24d024df159342a5de65628d3fb008b595cd
c0f4ee7f82b2a335287953eebd1995692b149762aa339e8a60c70ea5a4a98cef
c694318b0ab2404890680271b00daefd3cf8de300496f18e6d6d47e9964067e9
c9ac2f1a3c599471809449c92c38be2cbbf0ce77b8e916c34a7ba9a2d4c1d8cb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8b36fae2a25df5e847f7b4ff593f78fae6323ab1c4f31a3f257ea8641526f0e

mdfosb.staging.mutualcp.com Open in urlscan Pro 209.97.128.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

93 %HTTPS

79 %IPv6

11 Domains

15 Subdomains

14 IPs

3 Countries

529 kBTransfer

1487 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

mdfosb.staging.mutualcp.com Open in urlscan Pro
209.97.128.237 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

93 %
HTTPS

79 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

529 kB
Transfer

1487 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions