URL: https://refer.ahsfriends.com/5star
Submission: On August 28 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 50 HTTP transactions. The main IP is 54.162.21.79, located in United States and belongs to AMAZON-AES, US. The main domain is refer.ahsfriends.com.
TLS certificate: Issued by R3 on July 17th 2023. Valid for: 3 months.
This is the only time refer.ahsfriends.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 ahsfriends.com
refer.ahsfriends.com
x379.ahsfriends.com
218 KB
11 xtlo.net
origin.xtlo.net — Cisco Umbrella Rank: 25290
origin-7.xtlo.net — Cisco Umbrella Rank: 223228
origin-0.xtlo.net — Cisco Umbrella Rank: 522243
origin-3.xtlo.net — Cisco Umbrella Rank: 614384
origin-2.xtlo.net — Cisco Umbrella Rank: 425219
origin-4.xtlo.net — Cisco Umbrella Rank: 66164
246 KB
7 cloudsponge.com
api.cloudsponge.com — Cisco Umbrella Rank: 102601
collect.cloudsponge.com — Cisco Umbrella Rank: 143243
57 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
82 KB
2 blueconic.net
frontdoor.blueconic.net — Cisco Umbrella Rank: 287933
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6490
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
352 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
61 KB
50 12
Domain Requested by
7 x379.ahsfriends.com refer.ahsfriends.com
x379.ahsfriends.com
7 refer.ahsfriends.com refer.ahsfriends.com
6 api.cloudsponge.com refer.ahsfriends.com
api.cloudsponge.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 origin.xtlo.net refer.ahsfriends.com
4 fonts.googleapis.com refer.ahsfriends.com
2 origin-0.xtlo.net refer.ahsfriends.com
2 connect.facebook.net refer.ahsfriends.com
connect.facebook.net
2 frontdoor.blueconic.net x379.ahsfriends.com
1 collect.cloudsponge.com api.cloudsponge.com
1 origin-4.xtlo.net refer.ahsfriends.com
1 www.facebook.com refer.ahsfriends.com
1 www.google.de refer.ahsfriends.com
1 www.google.com refer.ahsfriends.com
1 origin-2.xtlo.net refer.ahsfriends.com
1 origin-3.xtlo.net refer.ahsfriends.com
1 stats.g.doubleclick.net www.google-analytics.com
1 origin-7.xtlo.net refer.ahsfriends.com
1 www.googletagmanager.com refer.ahsfriends.com
50 19

This site contains links to these domains. Also see Links.

Domain
www.extole.com
www.ahs.com
appleid.apple.com
Subject Issuer Validity Valid
refer.ahsfriends.com
R3
2023-07-17 -
2023-10-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
x379.ahsfriends.com
Amazon RSA 2048 M02
2023-01-11 -
2024-02-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
media.extole.com
Amazon RSA 2048 M01
2023-06-21 -
2024-07-19
a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01
2023-06-08 -
2024-07-06
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-06-07 -
2023-09-05
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
www.google.de
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
cloudsponge.com
Amazon RSA 2048 M03
2023-08-25 -
2024-09-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://refer.ahsfriends.com/5star
Frame ID: 1E7C532E32414B5C4DE1A3EFFA6A5D56
Requests: 49 HTTP requests in this frame

Screenshot

Page Title

American Home Shield Refer a Friend Program

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

50
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

692 kB
Transfer

1838 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 5star
refer.ahsfriends.com/
20 KB
5 KB
Document
General
Full URL
https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
e7bc7e5a0a378464cf46f2838feb9c0f2a6cfca623083948c8cb2167b9a2dbd2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers
X-Extole-Token
content-encoding
gzip
content-length
4579
content-security-policy
frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
content-type
text/html
date
Mon, 28 Aug 2023 17:25:07 GMT
p3p
CP="Please see our privacy policy"
server
Extole
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Accept-Encoding
x-extole-token
HO29UF1TEMCCV4T51C6DV3HVQR
x-frame-options
ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com
css
fonts.googleapis.com/
2 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 17:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 16:07:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 17:25:07 GMT
css
fonts.googleapis.com/
2 KB
631 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f85cdf3499d284b8a072fdf645d8314e4ff7e444856f0c43d9ca27bfb007b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 17:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 16:39:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 17:25:07 GMT
core.js
refer.ahsfriends.com/
49 KB
16 KB
Script
General
Full URL
https://refer.ahsfriends.com/core.js
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
aa752b197f35b3efaf4ffa99b6c15dda2cbe5f7aaae7e7dc0d0113836c7b1cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/5star
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 17:25:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
access-control-max-age
3600
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/javascript
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-transform, max-age=3600
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
script.js
x379.ahsfriends.com/
130 KB
40 KB
Script
General
Full URL
https://x379.ahsfriends.com/script.js
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
a80a5d8265d67ca82f6b810460cb1ad44da0d4dc4bf47baaafc32944bdd2dd94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 17:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
age
407
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
39882
x-xss-protection
1; mode=block
last-modified
Mon, 28 Aug 2023 17:12:05 GMT
server
-
etag
cc86bdd4b077a223fe465e35f28d722c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
U9bAJ9Cdc_jIiRlEQg10ESBE-V4qOfMzoUxxaZYtM3oyC4J9fD4bCA==
expires
Mon, 28 Aug 2023 17:28:21 GMT
js
www.googletagmanager.com/gtag/
166 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1685974-4
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6ba97b38dc44f2e623e9e25e891f7b8842cd1978e15a718a36d5aed85e8415d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 17:25:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62506
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 16:05:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 17:25:07 GMT
ahs-logo-rgb_1607558308352.png
origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449851117301977:version=12:coreAssetsVersion=1544591110420/images/
55 KB
53 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449851117301977:version=12:coreAssetsVersion=1544591110420/images/ahs-logo-rgb_1607558308352.png
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
7a3461d6811635bb8776d1eb866ab851494bcc637ef88245520e60fd9a0f443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:49:22 GMT
content-encoding
gzip
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 18:49:16 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
304546
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
Gk-2Fo97OPCzkv-SvixViM3SoZxqNYbXJdOGUBJ93FxCu2X40PFBEg==
cs
frontdoor.blueconic.net/DG/DEFAULT/
16 B
700 B
Script
General
Full URL
https://frontdoor.blueconic.net/DG/DEFAULT/cs?&callback=bc_json966
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.216.15.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-15-3.compute-1.amazonaws.com
Software
- /
Resource Hash
7ffe0dd284ef77a1231bed65c510e6c26d7d996e627ed3c337b5243631d8ecda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Aug 2023 17:25:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
hHpWAdW373EVQgldmtFuq3veXLNkCG9GNJ9E8LG53JY/OBPm89xMOiveEnqy5AZdfdLvv9aL3A40fKK1NHvG0Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
20-AHS-Web-1072-AdvocateMicrosite_1605733142975.jpg
origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449851117301977:version=12:coreAssetsVersion=1544591110420/img/
96 KB
95 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449851117301977:version=12:coreAssetsVersion=1544591110420/img/20-AHS-Web-1072-AdvocateMicrosite_1605733142975.jpg
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
78727aaa6a455ee033f419aa8afb18ad43ffbfcfbb9af2c5b0eef88ba4687127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 11:30:06 GMT
content-encoding
gzip
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 14 Aug 2023 18:25:39 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
626102
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
iMPqi43S4bNsBAsdrfbTn5GSU7tZQj-WExJ4khZUnvuZZo72puAWnA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1685974-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 15:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 28 Aug 2023 17:49:43 GMT
MainView.js
origin-7.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449851117301977:version=12:coreAssetsVersion=1544591110420/js/
1 KB
999 B
Script
General
Full URL
https://origin-7.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449851117301977:version=12:coreAssetsVersion=1544591110420/js/MainView.js?site=refer.ahsfriends.com
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
e4e3834599cdc286a843a1fc23186718a852ec7be48f4803635c9610632476ad

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 19:55:57 GMT
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 17:24:19 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
1805352
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
598
x-amz-cf-id
G-Uwqq7p9BA51argl1y4ccmdu1lK43p0ZJsJ8vVY74hyGiTKeM6wLw==
collect
www.google-analytics.com/j/
2 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=737166793&t=pageview&_s=1&dl=https%3A%2F%2Frefer.ahsfriends.com%2F5star&ul=en-us&de=UTF-8&dt=American%20Home%20Shield%20Refer%20a%20Friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1964554157&gjid=281443484&cid=1461684530.1693243509&tid=UA-1685974-4&_gid=405490819.1693243509&_r=1&gtm=457e38n0&jsscut=1&z=436309337
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://refer.ahsfriends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 17:25:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refer.ahsfriends.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
564418513908009
connect.facebook.net/signals/config/
113 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/564418513908009?v=2.9.125&r=stable&domain=refer.ahsfriends.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5652ce54c5c5c825d9d0d503dc0153eba073e3dba6843279b0870ba1e1ddd66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Aug 2023 17:25:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
HQhSZWs9VIeFpY0dXkK2ihc8aUv/E0GtOtZzZLQCld/CSsNpsgrcMtmmQOHQ9KvF4TGkZlizOxUaXfxs0r/rHw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1685974-4&cid=1461684530.1693243509&jid=1964554157&gjid=281443484&_gid=405490819.1693243509&_u=YEBAAUAAAAAAACAAI~&z=1012511411
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://refer.ahsfriends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Aug 2023 17:25:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refer.ahsfriends.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-service.js
origin-0.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/
6 KB
2 KB
Script
General
Full URL
https://origin-0.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/user-service.js?site=refer.ahsfriends.com
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-128.mxp64.r.cloudfront.net
Software
Extole /
Resource Hash
9abcc3cc4b635f1952f38f4bc9cd9826f4db9851fcacd0cd1d9a3498024fed0b

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 19:55:58 GMT
content-encoding
gzip
via
1.1 3495b9515a62390d5318bcb6d011781c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 19:55:58 GMT
server
Extole
x-amz-cf-pop
MXP64-P2
age
1805351
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
1900
x-amz-cf-id
C504HVdPdn4TwZtjEOvBmNl65Vz2IlRafnUX_vnn79NDJT5Jw-nhGg==
create-zone-builder.js
origin-3.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/
1 KB
982 B
Script
General
Full URL
https://origin-3.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/create-zone-builder.js?site=refer.ahsfriends.com
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
115f2d938a1c9e14ce9b33b6ed1949ec9b320ca3a2ee16a11a6552f402a6a0a1

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 18:39:35 GMT
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Mon, 14 Aug 2023 18:39:35 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
1205134
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
581
x-amz-cf-id
-F2sJf33IUqS-8X-F5Dq3qX-axZoYrDRmgNT0tgj96OzqBgsL4nzWQ==
ElementControl.js
origin-0.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/client/
3 KB
1 KB
Script
General
Full URL
https://origin-0.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/client/ElementControl.js?site=refer.ahsfriends.com
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-128.mxp64.r.cloudfront.net
Software
Extole /
Resource Hash
dfed00cb8d701c7f7b1bef592dab5d5b162c483dac49c5e67c7c3ca619cd602d

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 19:55:58 GMT
content-encoding
gzip
via
1.1 3495b9515a62390d5318bcb6d011781c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 19:55:58 GMT
server
Extole
x-amz-cf-pop
MXP64-P2
age
1805351
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
1072
x-amz-cf-id
3eYrKjC7l1mNdwdnXGBdOuPxXmU8UdRu4ho9CGVDUyQDfCJGvZ0_lQ==
view-state.js
origin-2.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/client/
1 KB
869 B
Script
General
Full URL
https://origin-2.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/client/view-state.js?site=refer.ahsfriends.com
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-23.mxp64.r.cloudfront.net
Software
Extole /
Resource Hash
7e6e81ba5e3dd25d4c11650b5f48b7825329fead68fd3722df39c052ec2c329b

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 19:55:58 GMT
content-encoding
gzip
via
1.1 46abc942c169597ec3a40208e784caca.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 19:55:58 GMT
server
Extole
x-amz-cf-pop
MXP64-P2
age
1805351
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
468
x-amz-cf-id
eCrXkEs7snTv6tPIhBMWf_UIwwH2lLlPxRhnF-j8I-_BCP5iQocGvA==
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1685974-4&cid=1461684530.1693243509&jid=1964554157&_u=YEBAAUAAAAAAACAAI~&z=960184107
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 17:25:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1685974-4&cid=1461684530.1693243509&jid=1964554157&_u=YEBAAUAAAAAAACAAI~&z=960184107
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 17:25:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=564418513908009&ev=PageView&dl=https%3A%2F%2Frefer.ahsfriends.com&rl=&if=false&ts=1693243509180&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb.1.1693243509177.2049983215&pm=1&hrl=05cf04&it=1693243509094&coo=false&cs_cc=1&cas=6080778908623868%2C4095413373886379%2C5993518854023735%2C3875948829090428%2C2323053441144713&rqm=GET
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/5star
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Aug 2023 17:25:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
api.js
origin-4.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/
4 KB
2 KB
Script
General
Full URL
https://origin-4.xtlo.net/type=core:clientId=86545:coreAssetsVersion=1544591110420/common/api.js?site=refer.ahsfriends.com
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-81.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
b3a73f5d9d3a4076a1b70133ab6082251172fe50d75312035b5ec67b6eb328ca

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 11:30:08 GMT
content-encoding
gzip
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 11:30:08 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
626101
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
1420
x-amz-cf-id
muxRTl8nimOF6KPLNFzYhCjScYjKiJt-rAcAIxH9yV3Kth3lhYrWLg==
share_experience
refer.ahsfriends.com/zones/
172 KB
42 KB
XHR
General
Full URL
https://refer.ahsfriends.com/zones/share_experience
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
a7380240cdf94821e705e1f9981c42153c811dfc42d432773e34ca47a7ab17c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://refer.ahsfriends.com/5star
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="Please see our privacy policy"
server
Extole
x-extole-token
HO29UF1TEMCCV4T51C6DV3HVQR
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://refer.ahsfriends.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
x-extole-cookie-consent
YEAR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
expires
Mon, 28 Aug 2023 17:25:08 GMT
965
x379.ahsfriends.com/DG/DEFAULT/rest/rpc/
57 KB
9 KB
XHR
General
Full URL
https://x379.ahsfriends.com/DG/DEFAULT/rest/rpc/965?referer=https%3A%2F%2Frefer.ahsfriends.com%2F5star&bcsessionid=&bctempid=&overruleReferrer=&time=2023-08-28T19%3A25%3A09%2B02%3A00&ts=1693243509318
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
ae47d6624547fdd4803b72250f4375abb3a231f9882c40a96813dcceedf919a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://refer.ahsfriends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
8233
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refer.ahsfriends.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
tNf-12Iijk3XKyCcGjl5VPOnYBETdOJTd4KDWok-_x1liunhIM-P7w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
me
refer.ahsfriends.com/api/v4/
274 B
797 B
XHR
General
Full URL
https://refer.ahsfriends.com/api/v4/me
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
dd4a31ea9b971ccb1397d6a1c9abc09d5401857bfef896fabc21e3bbb9b53cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://refer.ahsfriends.com/5star
accept-language
de-DE,de;q=0.9
x-extole-app
javascript_sdk
authorization
HO29UF1TEMCCV4T51C6DV3HVQR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
172
expires
Mon, 28 Aug 2023 17:25:08 GMT
metrics
refer.ahsfriends.com/api/v4/debug/
35 B
721 B
XHR
General
Full URL
https://refer.ahsfriends.com/api/v4/debug/metrics
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
6784ed00382120dd4fe67bad54889549a2b7ee60ac93e499aade3b9e7e889dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://refer.ahsfriends.com/5star
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://refer.ahsfriends.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
p3p
CP="Please see our privacy policy"
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
55
expires
Mon, 28 Aug 2023 17:25:08 GMT
css
fonts.googleapis.com/
2 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 16:15:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 17:25:09 GMT
css
fonts.googleapis.com/
2 KB
631 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f85cdf3499d284b8a072fdf645d8314e4ff7e444856f0c43d9ca27bfb007b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 16:55:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 17:25:09 GMT
main-en.css
origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449849955634843:version=8:coreAssetsVersion=1544591110420/css/
94 KB
8 KB
Stylesheet
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449849955634843:version=8:coreAssetsVersion=1544591110420/css/main-en.css
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
90fee200d8050c6cd429e464aecfa253a861cd57989317c1695b8392abc2c7f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 12:14:31 GMT
content-encoding
gzip
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 12:14:30 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
623438
access-control-max-age
2592000
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
7863
x-amz-cf-id
WPSLWkh6VbEQBRLevWPSqo1LNEwnPjuNdY4cCuw5h2VL8jfPEGvZXQ==
me
refer.ahsfriends.com/api/v4/
274 B
797 B
XHR
General
Full URL
https://refer.ahsfriends.com/api/v4/me
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
dd4a31ea9b971ccb1397d6a1c9abc09d5401857bfef896fabc21e3bbb9b53cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://refer.ahsfriends.com/5star
accept-language
de-DE,de;q=0.9
x-extole-app
javascript_sdk
authorization
HO29UF1TEMCCV4T51C6DV3HVQR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
172
expires
Mon, 28 Aug 2023 17:25:08 GMT
9765b09032fd3829b256a324b9d5855d80f0d706.js
api.cloudsponge.com/widget/
4 KB
4 KB
Script
General
Full URL
https://api.cloudsponge.com/widget/9765b09032fd3829b256a324b9d5855d80f0d706.js
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.81.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2b1755b39d90066875b1e5e0e630b15c5bf2be1df8df56cab502b152d4a13024
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cloudsponge.com
X-Frame-Options ALLOW-FROM https://www.cloudsponge.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-runtime
0.013017
date
Mon, 28 Aug 2023 17:25:09 GMT
content-security-policy
frame-ancestors https://www.cloudsponge.com
server
nginx
etag
W/"2b1755b39d90066875b1e5e0e630b15c"
x-frame-options
ALLOW-FROM https://www.cloudsponge.com
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public
x-request-id
b124778f-9823-40f2-8a2b-aec1fbb850b0
20-AHS-Web-1072-SharExperince_1605735510601.jpg
origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449849955634843:version=8:coreAssetsVersion=1544591110420/img/
44 KB
43 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449849955634843:version=8:coreAssetsVersion=1544591110420/img/20-AHS-Web-1072-SharExperince_1605735510601.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
ba4cbf8261dfa658ba159829680ae6aa6899a5025f7d87370e95b5ff02b686c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 12:14:31 GMT
content-encoding
gzip
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 12:14:30 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
623438
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
63vCZo4XIJMHeNGmdKyZZdU4iVDsIeEphxIjd4xgOUUOwRtavtKfeQ==
20-AHS-Web-1072-SharExperinceMobile_1605735653964.jpg
origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449849955634843:version=8:coreAssetsVersion=1544591110420/img/
39 KB
39 KB
Image
General
Full URL
https://origin.xtlo.net/type=creativeArchive:clientId=86545:creativeArchiveId=7013449849955634843:version=8:coreAssetsVersion=1544591110420/img/20-AHS-Web-1072-SharExperinceMobile_1605735653964.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
a8f8b68989323bf156a93db16977d6993b962001498ffeb5f2ba5c318b4d45ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 12:14:31 GMT
content-encoding
gzip
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 12:14:30 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
623438
access-control-max-age
2592000
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
_A3wC8PtgGQBFmfMo-wuQuHW48AxgjSU9LtaeZ7Bpk739Z0b2Z-KEg==
metrics
refer.ahsfriends.com/api/v4/debug/
35 B
721 B
XHR
General
Full URL
https://refer.ahsfriends.com/api/v4/debug/metrics
Requested by
Host: refer.ahsfriends.com
URL: https://refer.ahsfriends.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.162.21.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-21-79.compute-1.amazonaws.com
Software
Extole /
Resource Hash
340efa2e771bc1cac70b983fc11812119dab1f0b3f8c2881b650b719456b4559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://refer.ahsfriends.com/5star
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Aug 2023 17:25:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://refer.ahsfriends.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
p3p
CP="Please see our privacy policy"
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
55
expires
Mon, 28 Aug 2023 17:25:08 GMT
a4ba42678df4b1025b1a184373f78230
x379.ahsfriends.com/plugin/plugin/
60 KB
15 KB
Script
General
Full URL
https://x379.ahsfriends.com/plugin/plugin/a4ba42678df4b1025b1a184373f78230
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
e38893f736c632afc1cbb2cf70591b45640ab44073479df143f10b47c2a0fcdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 21:01:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
age
1801395
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
14739
x-xss-protection
1; mode=block
last-modified
Sun, 06 Aug 2023 21:01:54 GMT
server
-
etag
a4ba42678df4b1025b1a184373f78230
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
z1nwtCHvm19TYT7mtZZTbt20f_R3bCnqD5VoJQFkZbUVqRhVUhuS3Q==
expires
Tue, 06 Aug 2024 21:01:54 GMT
63f0b26548dbaa8f8a947da7c7252ef7
x379.ahsfriends.com/plugin/library/
263 KB
85 KB
Script
General
Full URL
https://x379.ahsfriends.com/plugin/library/63f0b26548dbaa8f8a947da7c7252ef7
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
711133465f578ed4d99d39f33c209f605721ca7d3820e03d8fe4d30389b48eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 21:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
age
1801085
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
85912
x-xss-protection
1; mode=block
last-modified
Sun, 06 Aug 2023 21:07:03 GMT
server
-
etag
63f0b26548dbaa8f8a947da7c7252ef7
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
wdr2uU-W2gOFPhbSYuHsAvHItOdRr7z5SY-Y75pzH_yGQfep0UNN1Q==
expires
Tue, 06 Aug 2024 21:07:03 GMT
LB-Zone-2
x379.ahsfriends.com/DG/DEFAULT/rest/rpc/965/
2 KB
2 KB
XHR
General
Full URL
https://x379.ahsfriends.com/DG/DEFAULT/rest/rpc/965/LB-Zone-2?referer=https%3A%2F%2Frefer.ahsfriends.com%2F5star&bcsessionid=&bctempid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&overruleReferrer=&time=2023-08-28T19%3A25%3A09%2B02%3A00&ts=1693243509797
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
f941d71b8716616e309cff6b005ab11484865c2de6157632880d3d88bbf1089f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://refer.ahsfriends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 17:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
945
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refer.ahsfriends.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lbOwxJVNmtJIlrRfIC2Ge0_NYio52CFfdQ-MH5l2apaKUAAoBFZcWA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
address_books16-6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17.js
api.cloudsponge.com/assets/
145 KB
40 KB
Script
General
Full URL
https://api.cloudsponge.com/assets/address_books16-6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17.js
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/widget/9765b09032fd3829b256a324b9d5855d80f0d706.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.81.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17

Request headers

Referer
https://refer.ahsfriends.com/
Origin
https://refer.ahsfriends.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 17:25:10 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2023 19:11:41 GMT
server
nginx
etag
"64a8636d-9efd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
content-length
40701
expires
Thu, 31 Dec 2037 23:55:55 GMT
wlt
api.cloudsponge.com/
43 B
467 B
Image
General
Full URL
https://api.cloudsponge.com/wlt?k=9765b09032fd3829b256a324b9d5855d80f0d706&t=k&v=1.6.0&h=refer.ahsfriends.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.81.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cloudsponge.com
X-Frame-Options ALLOW-FROM https://www.cloudsponge.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-runtime
0.009030
date
Mon, 28 Aug 2023 17:25:10 GMT
content-security-policy
frame-ancestors https://www.cloudsponge.com
content-encoding
gzip
server
nginx
etag
W/"a065920df8cc4016d67c3a464be90099"
x-frame-options
ALLOW-FROM https://www.cloudsponge.com
p3p
policyref="/w3c/policy1.p3p",CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
x-request-id
b665cf09-5a81-432b-96a0-1778dba4bc73
965
x379.ahsfriends.com/DG/DEFAULT/rest/rpc/
562 B
1 KB
XHR
General
Full URL
https://x379.ahsfriends.com/DG/DEFAULT/rest/rpc/965?referer=https%3A%2F%2Frefer.ahsfriends.com%2F5star&bcsessionid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&bctempid=&overruleReferrer=&time=2023-08-28T19%3A25%3A10%2B02%3A00&ts=1693243510194
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
22a8fb45667300981bc526d92ca904acb4c0f4df3f051bfd6322e939aa3cd298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://refer.ahsfriends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 17:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
181
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refer.ahsfriends.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
1oD6JZKlgSBk9rwH0LcqO4rnu6MN2Gs9MBhCa0yNtwjsWeCXFMhrsw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
965
x379.ahsfriends.com/DG/DEFAULT/rest/rpc/
188 B
1 KB
XHR
General
Full URL
https://x379.ahsfriends.com/DG/DEFAULT/rest/rpc/965?referer=https%3A%2F%2Frefer.ahsfriends.com%2F5star&bcsessionid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&bctempid=&overruleReferrer=&time=2023-08-28T19%3A25%3A10%2B02%3A00&ts=1693243510196
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-75.ams1.r.cloudfront.net
Software
- /
Resource Hash
99ae6778f0a0ab1910e291f7350059a68a4f96868fd90d5a710a76aeee9d0e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://refer.ahsfriends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Aug 2023 17:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 1559f99ec21d6c3066e5715e5c06aa76.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
AMS1-P3
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refer.ahsfriends.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
4HvvSeUYbGcbxVLt8fMl6ePHVkQylL5_liT5kGD8c7defk5kRqZnvA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=737166793&t=event&ni=1&_s=2&dl=https%3A%2F%2Frefer.ahsfriends.com%2F5star&ul=en-us&de=UTF-8&dt=American%20Home%20Shield%20Refer%20a%20Friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BlueConic&ea=Profile&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1461684530.1693243509&uid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&tid=UA-1685974-4&_gid=405490819.1693243509&gtm=457e38n0&cd124=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&z=2021753979
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 22:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68391
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=737166793&t=event&ni=1&_s=3&dl=https%3A%2F%2Frefer.ahsfriends.com%2F5star&ul=en-us&de=UTF-8&dt=American%20Home%20Shield%20Refer%20a%20Friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BlueConic&ea=Profile&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1461684530.1693243509&uid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&tid=UA-1685974-4&_gid=405490819.1693243509&gtm=457e38n0&cd126=&cd127=&cd128=&z=613292783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 22:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68391
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=737166793&t=event&ni=1&_s=4&dl=https%3A%2F%2Frefer.ahsfriends.com%2F5star&ul=en-us&de=UTF-8&dt=American%20Home%20Shield%20Refer%20a%20Friend%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BlueConic&ea=Profile&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1461684530.1693243509&uid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&tid=UA-1685974-4&_gid=405490819.1693243509&gtm=457e38n0&cd125=&z=925720082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 22:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68391
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cs
frontdoor.blueconic.net/DG/DEFAULT/
66 B
856 B
Script
General
Full URL
https://frontdoor.blueconic.net/DG/DEFAULT/cs?bcsessionid=c4ed5e85-5782-4f5a-bd9d-63533f3230f9&&callback=bc_json967
Requested by
Host: x379.ahsfriends.com
URL: https://x379.ahsfriends.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.216.15.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-15-3.compute-1.amazonaws.com
Software
- /
Resource Hash
b84f4d06c43851c56e137b9c22dc926d164a954b31c04331ddfd14ce1cb753c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 17:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
auth
api.cloudsponge.com/api/
37 B
431 B
XHR
General
Full URL
https://api.cloudsponge.com/api/auth?
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/assets/address_books16-6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.81.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1931c9c68e4ee2b57831a0acc8bea584ff3aa124a1d6cbebc5a8bfe82cc1e742
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cloudsponge.com
X-Frame-Options ALLOW-FROM https://www.cloudsponge.com

Request headers

Referer
https://refer.ahsfriends.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
Authorization
Basic OTc2NWIwOTAzMmZkMzgyOWIyNTZhMzI0YjlkNTg1NWQ4MGYwZDcwNjo=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-runtime
0.006105
date
Mon, 28 Aug 2023 17:25:10 GMT
content-security-policy
frame-ancestors https://www.cloudsponge.com
server
nginx
x-frame-options
ALLOW-FROM https://www.cloudsponge.com
access-control-max-age
7200
access-control-allow-methods
OPTIONS, POST, GET
access-control-allow-origin
https://refer.ahsfriends.com
access-control-expose-headers
cache-control
no-cache
content-type
application/json; charset=utf-8
vary
Origin
x-request-id
e36a111e-48b7-40fe-8534-452f3a79004e
auth
api.cloudsponge.com/api/
0
0
Preflight
General
Full URL
https://api.cloudsponge.com/api/auth?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.81.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-requested-with
Access-Control-Request-Method
GET
Origin
https://refer.ahsfriends.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
authorization,x-requested-with
access-control-allow-methods
OPTIONS, POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
date
Mon, 28 Aug 2023 17:25:10 GMT
server
nginx
collect
collect.cloudsponge.com/v1/
19 B
379 B
XHR
General
Full URL
https://collect.cloudsponge.com/v1/collect?an=CloudSponge%20Widget&tid=UA-10218190-7&dl=%2Fload&dt=Loaded%20Script&dr=https%3A%2F%2Frefer.ahsfriends.com%2F5star&k=9765b09032fd3829b256a324b9d5855d80f0d706&av=1.6.0&cid=CA1.1.1491990360.1693243511&t=pageview&ts=1693243510758
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/assets/address_books16-6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.199.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-199-105.mxp64.r.cloudfront.net
Software
/
Resource Hash
70358b772fc9a444816f49f054eb8e785c265815592c3bb474e63eb6bf850be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 17:25:11 GMT
via
1.1 2a8b2d3e9bd5df82402374dbf8edcd96.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-P2
x-amzn-trace-id
Root=1-64ecd877-1291cf335032c11b77668284
x-amzn-requestid
2d3682ae-e36d-40cc-9e2d-a801e4803914
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
KYbCqE0PIAMFzkg=
content-length
19
x-amz-cf-id
VjSlsB7zldFyM4OWJ31STnubH1LBt2K5Afz3J7J5t8VNNqozP2i0Cg==
high-contrast-8ff85710d83fb8cb1002caa44a704f79ade7bff703ed19947162ff6c5a7a02e3.css
api.cloudsponge.com/assets/themes/
61 KB
11 KB
Stylesheet
General
Full URL
https://api.cloudsponge.com/assets/themes/high-contrast-8ff85710d83fb8cb1002caa44a704f79ade7bff703ed19947162ff6c5a7a02e3.css
Requested by
Host: api.cloudsponge.com
URL: https://api.cloudsponge.com/assets/address_books16-6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.81.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-101.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ff85710d83fb8cb1002caa44a704f79ade7bff703ed19947162ff6c5a7a02e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refer.ahsfriends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 17:25:10 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2023 19:11:42 GMT
server
nginx
etag
"64a8636e-2b62"
content-type
text/css
cache-control
max-age=315360000
content-length
11106
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| extole object| blueConicPreListeners function| BCClass object| blueConicClient function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| bc_json966 object| cloudspongeProxy object| cloudsponge function| $ function| RuleService function| FormRuleService object| justDetectAdblock object| bcConnectionUtil function| md5 object| regeneratorRuntime function| BlueConicDataLayerUtility boolean| bcUrlListenerActive object| bc_json967 object| cloudspongeUI object| CS_LOCALE function| authToken object| csWidgetTemplate object| csContactsTemplate object| csUtils object| csTemplate object| csWebHooks object| csModel object| csStorage object| csPreferences object| csLoadingView object| csBooksView object| csLoginView object| csImportView object| csContactsView object| csWidget function| csLaunch function| csInit

13 Cookies

Domain/Path Name / Value
x379.ahsfriends.com/DG/DEFAULT Name: BCSessionID
Value: c4ed5e85-5782-4f5a-bd9d-63533f3230f9
frontdoor.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: c4ed5e85-5782-4f5a-bd9d-63533f3230f9
.refer.ahsfriends.com/ Name: access_token
Value: HO29UF1TEMCCV4T51C6DV3HVQR
.refer.ahsfriends.com/ Name: xtl_bid
Value: 7272425488338120339
.ahsfriends.com/ Name: _ga
Value: GA1.2.1461684530.1693243509
.ahsfriends.com/ Name: _gid
Value: GA1.2.405490819.1693243509
.ahsfriends.com/ Name: _gat_gtag_UA_1685974_4
Value: 1
.ahsfriends.com/ Name: _fbp
Value: fb.1.1693243509177.2049983215
refer.ahsfriends.com/ Name: extole_access_token
Value: HO29UF1TEMCCV4T51C6DV3HVQR
refer.ahsfriends.com/ Name: BCSessionID
Value: c4ed5e85-5782-4f5a-bd9d-63533f3230f9
frontdoor.blueconic.net/ Name: AWSALBCORS
Value: DaOn1spKySK3fX99PxMap/UbEOlwENmnF7mrgmdGa8uaz9s1cXgRddoCjxKZJ5ZSANVMZSpBtKo4f2UVdZ42G/Oef00qBmdc40hy/REIDPtWXLJhinlf7gvQovaI
x379.ahsfriends.com/ Name: AWSALB
Value: VjpLCPq7r25Pt2MbfvDRoE24/tiEWj8syMKQwjlNwYO64Znf4P00q2TyiorRziygEF/pT0mivpyCa9uZ0AyqbWdAuIRyTTfShVXZpxApgT0UWb0zLX6jS13SR79g
x379.ahsfriends.com/ Name: AWSALBCORS
Value: VjpLCPq7r25Pt2MbfvDRoE24/tiEWj8syMKQwjlNwYO64Znf4P00q2TyiorRziygEF/pT0mivpyCa9uZ0AyqbWdAuIRyTTfShVXZpxApgT0UWb0zLX6jS13SR79g

1 Console Messages

Source Level URL
Text
network error URL: https://api.cloudsponge.com/api/auth?
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cloudsponge.com
collect.cloudsponge.com
connect.facebook.net
fonts.googleapis.com
frontdoor.blueconic.net
origin-0.xtlo.net
origin-2.xtlo.net
origin-3.xtlo.net
origin-4.xtlo.net
origin-7.xtlo.net
origin.xtlo.net
refer.ahsfriends.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x379.ahsfriends.com
108.138.199.105
108.138.199.128
108.138.199.23
143.204.215.81
143.204.215.90
18.239.94.75
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.216.15.3
34.237.81.101
54.162.21.79
115f2d938a1c9e14ce9b33b6ed1949ec9b320ca3a2ee16a11a6552f402a6a0a1
1931c9c68e4ee2b57831a0acc8bea584ff3aa124a1d6cbebc5a8bfe82cc1e742
22a8fb45667300981bc526d92ca904acb4c0f4df3f051bfd6322e939aa3cd298
2b1755b39d90066875b1e5e0e630b15c5bf2be1df8df56cab502b152d4a13024
340efa2e771bc1cac70b983fc11812119dab1f0b3f8c2881b650b719456b4559
6568e47320c6b0094abbc3fda6b91a24fb4bde8dcb99c57a54144024db330c17
6784ed00382120dd4fe67bad54889549a2b7ee60ac93e499aade3b9e7e889dec
70358b772fc9a444816f49f054eb8e785c265815592c3bb474e63eb6bf850be6
711133465f578ed4d99d39f33c209f605721ca7d3820e03d8fe4d30389b48eb1
78727aaa6a455ee033f419aa8afb18ad43ffbfcfbb9af2c5b0eef88ba4687127
7a3461d6811635bb8776d1eb866ab851494bcc637ef88245520e60fd9a0f443c
7e6e81ba5e3dd25d4c11650b5f48b7825329fead68fd3722df39c052ec2c329b
7ffe0dd284ef77a1231bed65c510e6c26d7d996e627ed3c337b5243631d8ecda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f85cdf3499d284b8a072fdf645d8314e4ff7e444856f0c43d9ca27bfb007b0a
8ff85710d83fb8cb1002caa44a704f79ade7bff703ed19947162ff6c5a7a02e3
90fee200d8050c6cd429e464aecfa253a861cd57989317c1695b8392abc2c7f0
99ae6778f0a0ab1910e291f7350059a68a4f96868fd90d5a710a76aeee9d0e2c
9abcc3cc4b635f1952f38f4bc9cd9826f4db9851fcacd0cd1d9a3498024fed0b
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a7380240cdf94821e705e1f9981c42153c811dfc42d432773e34ca47a7ab17c2
a80a5d8265d67ca82f6b810460cb1ad44da0d4dc4bf47baaafc32944bdd2dd94
a8f8b68989323bf156a93db16977d6993b962001498ffeb5f2ba5c318b4d45ff
aa752b197f35b3efaf4ffa99b6c15dda2cbe5f7aaae7e7dc0d0113836c7b1cc2
ae47d6624547fdd4803b72250f4375abb3a231f9882c40a96813dcceedf919a4
b3a73f5d9d3a4076a1b70133ab6082251172fe50d75312035b5ec67b6eb328ca
b84f4d06c43851c56e137b9c22dc926d164a954b31c04331ddfd14ce1cb753c2
ba4cbf8261dfa658ba159829680ae6aa6899a5025f7d87370e95b5ff02b686c9
d243481a66bdffbe09bc2f74f8f1b57714dcd20963e8703c1372716d3fe689a5
d6ba97b38dc44f2e623e9e25e891f7b8842cd1978e15a718a36d5aed85e8415d
dd4a31ea9b971ccb1397d6a1c9abc09d5401857bfef896fabc21e3bbb9b53cc2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfed00cb8d701c7f7b1bef592dab5d5b162c483dac49c5e67c7c3ca619cd602d
e38893f736c632afc1cbb2cf70591b45640ab44073479df143f10b47c2a0fcdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e3834599cdc286a843a1fc23186718a852ec7be48f4803635c9610632476ad
e7bc7e5a0a378464cf46f2838feb9c0f2a6cfca623083948c8cb2167b9a2dbd2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5652ce54c5c5c825d9d0d503dc0153eba073e3dba6843279b0870ba1e1ddd66
f941d71b8716616e309cff6b005ab11484865c2de6157632880d3d88bbf1089f