www.triahealth.com Open in urlscan Pro
64.126.115.53  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://r.sbemail.triahealth.com/tr/cl/-qeoqXJK0wNANz_K45aSF7VKx_uMAR-Y1qu1WN9xiTx0qnoFYDbnRh_ZGry-RqYYQjTsTJ-MjuKo96rsardgkOyRPZFIXFibVGNqcSL4mWnZJ41SgzmigMy4pJD020WVfeIBqtik4jbUgHSbB60o2HaMiiozFPmYjLBrb8iVuoo1aGhrB-AcAyGaTGaCkkflIPtwZ6sPASP0pC2XD2hxc9f1i4Dl7_yGNMAA4137WqYy6Qu523KtAmo_9nJvrw2FLk_nt5iJxxACl90o4En9bSgkgJ7G05BbyBLMZ7MUzzgNAZGo0LvD8GBmGfFaadclgjN8eGIcU3jIn5xqbaW0CVM97HBjzgZl3uF0_3XdDQ Page URL
2. https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3004892%26time%3D1643293943838%26url%3Dhttps%253A%252F%252Fwww.triahealth.com%252Fenroll%253Futm_source%253Dsendinblue%2526utm_campaign%253DPA_Trigger_First_Distribution%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&liSync=true&e_ipv6=AQJhmcDH-MRJnQAAAX6b86ps5EmKQLjkT29FTxi6hoSBKWE4By3FYlL-ibf3cWe1dt-Ecn0

Request Chain 49

• https://insight.adsrvr.org/tags/ric3145/jdn9ba7/iframe HTTP 303
• https://d1eoo1tco6rr5e.cloudfront.net/ric3145/jdn9ba7/iframe

Request Chain 50

• https://insight.adsrvr.org/tags/ric3145/69f0ob9/iframe HTTP 303
• https://d1eoo1tco6rr5e.cloudfront.net/ric3145/69f0ob9/iframe

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	-qeoqXJK0wNANz_K45aSF7VKx_uMAR-Y1qu1WN9xiTx0qnoFYDbnRh_ZGry-RqYYQjTsTJ-MjuKo96rsardgkOyRPZFIXFibVGNqcSL4mWnZJ41SgzmigMy4pJD020WVfeIBqtik4jbUgHSbB60o2HaMiiozFPmYjLBrb8iVuoo1aGhrB-AcAyGaTGaCkkflIPtwZ... Show response r.sbemail.triahealth.com/tr/cl/	926 B 1 KB	161ms 26ms	Document text/html	185.107.232.127 SENDINBLUE-ASN
General Check archive.org Show headers Download Go to Full URL https://r.sbemail.triahealth.com/tr/cl/-qeoqXJK0wNANz_K45aSF7VKx_uMAR-Y1qu1WN9xiTx0qnoFYDbnRh_ZGry-RqYYQjTsTJ-MjuKo96rsardgkOyRPZFIXFibVGNqcSL4mWnZJ41SgzmigMy4pJD020WVfeIBqtik4jbUgHSbB60o2HaMiiozFPmYjLBrb8iVuoo1aGhrB-AcAyGaTGaCkkflIPtwZ6sPASP0pC2XD2hxc9f1i4Dl7_yGNMAA4137WqYy6Qu523KtAmo_9nJvrw2FLk_nt5iJxxACl90o4En9bSgkgJ7G05BbyBLMZ7MUzzgNAZGo0LvD8GBmGfFaadclgjN8eGIcU3jIn5xqbaW0CVM97HBjzgZl3uF0_3XdDQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.107.232.127 , France, ASN200484 (SENDINBLUE-ASN, FR), Reverse DNS Software / Resource Hash 5d72b5a81aef692c91f89a48f4921f65cb78672f5ef19922137014ae0048f5e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers content-type text/html; charset=utf-8 date Thu, 27 Jan 2022 14:32:21 GMT x-content-type-options nosniff x-sib-server red2.dc2.51b.tech x-xss-protection 1 content-length 926
GET H2	200	cm.html Show response sibautomation.com/ Frame 004D	3 KB 2 KB	88ms 35ms	Document text/html	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?id=1928783 Requested by Host: r.sbemail.triahealth.com URL: https://r.sbemail.triahealth.com/tr/cl/-qeoqXJK0wNANz_K45aSF7VKx_uMAR-Y1qu1WN9xiTx0qnoFYDbnRh_ZGry-RqYYQjTsTJ-MjuKo96rsardgkOyRPZFIXFibVGNqcSL4mWnZJ41SgzmigMy4pJD020WVfeIBqtik4jbUgHSbB60o2HaMiiozFPmYjLBrb8iVuoo1aGhrB-AcAyGaTGaCkkflIPtwZ6sPASP0pC2XD2hxc9f1i4Dl7_yGNMAA4137WqYy6Qu523KtAmo_9nJvrw2FLk_nt5iJxxACl90o4En9bSgkgJ7G05BbyBLMZ7MUzzgNAZGo0LvD8GBmGfFaadclgjN8eGIcU3jIn5xqbaW0CVM97HBjzgZl3uF0_3XdDQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash 6e0249aa129ceb115e2362f634785fded444f9868ec02c4dcc98fa7e05a5f361 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://r.sbemail.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:21 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cf-apo-via origin,host expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-powered-by Sails <sailsjs.com> access-control-allow-origin * x-sib-server SENDINBLUE-web2-3 x-content-type-options nosniff x-xss-protection 1 cf-cache-status HIT age 3065 last-modified Thu, 27 Jan 2022 13:41:16 GMT expires Thu, 27 Jan 2022 16:32:21 GMT cache-control public, max-age=7200 server cloudflare cf-ray 6d42b09f7f3f32ab-CDG content-encoding gzip
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/ Frame 004D	14 KB 5 KB	119ms 71ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: sibautomation.com URL: https://sibautomation.com/cm.html?id=1928783 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://sibautomation.com/ Origin https://sibautomation.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:21 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6d42b0a01cb8ee0f-CDG
GET H2	204	cm Show response in-automate.sendinblue.com/ Frame 004D	0 203 B	118ms 69ms	XHR text/plain	2606:4700::6811:90c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://in-automate.sendinblue.com/cm?uuid=bfb6e3fa-3560-43b5-a05a-ac24408e0116&key=htugqpbi6hs0avi9lmtge&trans=1&message_id=bf62e67f-fb72-4c34-942e-778b6a03c7bc Requested by Host: sibautomation.com URL: https://sibautomation.com/cm.html?id=1928783 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://sibautomation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:21 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-origin * cache-control no-cache cf-apo-via origin,host cf-ray 6d42b0a01dfe39f9-CDG
GET H/1.1	200 OK	Primary Request enroll Show response www.triahealth.com/	26 KB 8 KB	973ms 159ms	Document text/html	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Requested by Host: r.sbemail.triahealth.com URL: https://r.sbemail.triahealth.com/tr/cl/-qeoqXJK0wNANz_K45aSF7VKx_uMAR-Y1qu1WN9xiTx0qnoFYDbnRh_ZGry-RqYYQjTsTJ-MjuKo96rsardgkOyRPZFIXFibVGNqcSL4mWnZJ41SgzmigMy4pJD020WVfeIBqtik4jbUgHSbB60o2HaMiiozFPmYjLBrb8iVuoo1aGhrB-AcAyGaTGaCkkflIPtwZ6sPASP0pC2XD2hxc9f1i4Dl7_yGNMAA4137WqYy6Qu523KtAmo_9nJvrw2FLk_nt5iJxxACl90o4En9bSgkgJ7G05BbyBLMZ7MUzzgNAZGo0LvD8GBmGfFaadclgjN8eGIcU3jIn5xqbaW0CVM97HBjzgZl3uF0_3XdDQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash f036fc8fc9de360a47df553c1d5e4638f36e62a6d731fc5f969b69a470130ad4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://r.sbemail.triahealth.com/ Response headers Cache-Control public, no-store, max-age=0 Content-Type text/html; charset=utf-8 Content-Encoding gzip Expires Thu, 27 Jan 2022 14:32:18 GMT Last-Modified Thu, 27 Jan 2022 14:32:18 GMT Vary * Server Microsoft-IIS/8.5 X-AspNetMvc-Version 5.2 X-Frame-Options SAMEORIGIN X-AspNet-Version 4.0.30319 Date Thu, 27 Jan 2022 14:32:18 GMT Content-Length 7272
POST H2	200	rum sibautomation.com/cdn-cgi/ Frame 004D	0 58 B	22ms 22ms	XHR text/plain	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://sibautomation.com/cm.html?id=1928783 Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 content-type application/json Response headers date Thu, 27 Jan 2022 14:32:21 GMT x-content-type-options nosniff server cloudflare cf-ray 6d42b0a099da32ab-CDG x-frame-options DENY
POST		rum sibautomation.com/cdn-cgi/ Frame 004D	0 0
GET H2	200	335298f183304dcd453b3215.js Show response cdn-cookieyes.com/client_data/	127 KB 40 KB	119ms 58ms	Script application/javascript	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/335298f183304dcd453b3215.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c044825d28704bf719808f069b77217d480f098ab27d88b4d9533b6118cbb37 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:22 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jan 2022 20:30:18 GMT server cloudflare age 236496 etag W/"1faa4-5d659d645d4c1-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB%2BdjBMp07hV7ctK9IcT8wXVfcJBOkliZojzmDr8XmELKo4WbEFJqtvvFXJuaB3iglO5lpjtquC5BVaO0b66N0xzxKGelt9i2P1C5sMkH%2FM6Q39deQYmgDtFELG6aN7cOskHC4GDO99MTQrEL%2BHv"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=0, s-maxage=604800, proxy-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d42b0a71d45ee75-CDG
GET H2	200	f351a3b12b.js Show response kit.fontawesome.com/	11 KB 4 KB	129ms 84ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f351a3b12b.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fee12dfe8cfe1cb0fa22a63f12927dc2c9d295f71e29162e10f66d771268089e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://www.triahealth.com/ Origin https://www.triahealth.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:22 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 6d42b0a70aa93b25-CDG access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id Fs4nInJCpr8kRIERZuqj
GET H/1.1	200 OK	jquery Show response www.triahealth.com/bundles/	342 KB 132 KB	142ms 142ms	Script text/javascript	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/bundles/jquery?v=feGGwe85cRHjCX0zvs2fJOEfDiUVpGGM4WFANCYtbsU1 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 87c443a04522678e6aa3b89dc387c97a52f110074019394379717a9133a3fc4e Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Thu, 27 Jan 2022 14:32:18 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 Vary User-Agent,Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public Transfer-Encoding chunked Expires Fri, 27 Jan 2023 14:32:18 GMT
GET H/1.1	200 OK	settings.css www.triahealth.com/Scripts/rs-plugin/css/	36 KB 7 KB	502ms 251ms	Stylesheet text/css	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Scripts/rs-plugin/css/settings.css Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 43a9acb8ad64545c59ae2237aa3f9455384d7624af7ab59f48ffaf3cc57044f9 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Wed, 28 Jul 2021 18:45:27 GMT Server Microsoft-IIS/8.5 ETag "d8d4e3bbe083d71:0" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 7260
GET H/1.1	200 OK	css www.triahealth.com/Content/	353 KB 86 KB	637ms 387ms	Stylesheet text/css	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 8cc416562a709e6e91bfb9b28849ea4bfc1afab911eb378a8a743b917e457eaf Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Thu, 27 Jan 2022 14:32:18 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 Vary User-Agent,Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Transfer-Encoding chunked Expires Fri, 27 Jan 2023 14:32:18 GMT
GET H/1.1	200 OK	tria-form.css www.triahealth.com/Content/	12 KB 4 KB	394ms 140ms	Stylesheet text/css	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Content/tria-form.css Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash dc5f83ff415824f19a8596eb4344a3dda80d3ba8a2aa9b8e6ea76249010c4042 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Wed, 28 Jul 2021 18:45:25 GMT Server Microsoft-IIS/8.5 ETag "3efdc2bae083d71:0" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 3498
GET H2	200	Bootstrap.js Show response nexus.ensighten.com/choozle/11567/	28 KB 9 KB	104ms 44ms	Script application/javascript	18.195.42.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/11567/Bootstrap.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-42-228.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 891ca1508f682323238af5773172dc56d03a99e09ef8fe9ae201a491d2445d57 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:22 GMT content-encoding gzip last-modified Fri, 02 Oct 2020 16:06:05 GMT server nginx etag W/"5f774fed-7076" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=300
GET H/1.1	200 OK	logo_tria.png www.triahealth.com/Content/images/tria/	3 KB 3 KB	135ms 134ms	Image image/png	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Show image Full URL https://www.triahealth.com/Content/images/tria/logo_tria.png Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 77b7046cd7966144182512981149d346bd29c95fb894733ccb20e978c0cc260a Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:19 GMT Last-Modified Wed, 28 Jul 2021 18:45:25 GMT Server Microsoft-IIS/8.5 ETag "7d8541bae083d71:0" Content-Type image/png Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 2932
GET H/1.1	200 OK	jquery.themepunch.plugins.min.js Show response www.triahealth.com/Scripts/	63 KB 29 KB	136ms 136ms	Script application/javascript	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Scripts/jquery.themepunch.plugins.min.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 08979f27ac8c3dcf7765aa830ee19d4f54ac85c95015ae993d8f0dd4491659db Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Wed, 28 Jul 2021 18:45:27 GMT Server Microsoft-IIS/8.5 ETag "ce929abbe083d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 29249
GET H/1.1	200 OK	jquery.themepunch.revolution.min.js Show response www.triahealth.com/Scripts/	70 KB 21 KB	136ms 136ms	Script application/javascript	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Scripts/jquery.themepunch.revolution.min.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash f470b6606559448e5a7e038076d0e17ab5ad60769e8cbdd94502047bc7cf268e Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Wed, 28 Jul 2021 18:45:27 GMT Server Microsoft-IIS/8.5 ETag "ab18a0bbe083d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 21593
GET H/1.1	200 OK	jquery.themepunch.showbizpro.min.js Show response www.triahealth.com/Scripts/	85 KB 37 KB	138ms 137ms	Script application/javascript	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Scripts/jquery.themepunch.showbizpro.min.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 9afce03ea3cdad2dea10bdccd7a08c382dc7a59dd82ed75783deabe72f1859a4 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:18 GMT Content-Encoding gzip Last-Modified Wed, 28 Jul 2021 18:45:27 GMT Server Microsoft-IIS/8.5 ETag "d4c8a2bbe083d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 37093
GET H2	200	widget.js Show response medchatapp.com/widget/	83 KB 29 KB	1523ms 1220ms	Script application/x-javascript	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/widget.js?api-key=w__f-xs-dkafmqBnQKRUOA Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 56fc2778a79d27be9f83100117a3842919c8001c70b1bee5a6509ded1ffa6ce1 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type content-length 28864 expires -1
GET H/1.1	200 OK	allotherscripts Show response www.triahealth.com/bundles/	332 KB 127 KB	137ms 137ms	Script text/javascript	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/bundles/allotherscripts?v=seggDNswOuw8SUVV_54bgmUixWaeW81NpmiYqwnyk901 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 38c405718a1733c3c3e1f0d1e61bcb8d34f704b5de2c7d6cddce290529bc768e Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:19 GMT Content-Encoding gzip Last-Modified Thu, 27 Jan 2022 14:32:19 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 Vary User-Agent,Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public Transfer-Encoding chunked Expires Fri, 27 Jan 2023 14:32:19 GMT
GET H2	200	994bcee43407d3fe5d3c0ad689f5f182d53f3857.js Show response my.hellobar.com/	2 KB 1 KB	357ms 301ms	Script text/javascript	2606:4700:10::ac43:2be9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.hellobar.com/994bcee43407d3fe5d3c0ad689f5f182d53f3857.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33280be750491831bc445f625d0f48adfdb64d95f18abeae93764712ec72cee1 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT content-encoding br cf-cache-status MISS last-modified Wed, 26 Jan 2022 21:14:19 GMT server cloudflare x-amz-request-id B0RJ3XK3CFX75AGW etag W/"5ed9264246d43945793bb25ecc9369d6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10 cf-ray 6d42b0acbe7d3a7b-CDG x-amz-id-2 xMhkvqb5HP727dI7X0DkQFM/hkUcyxbnPWxdGvseHlVLBcpfNrSYzl9LAUglQdDmNb4hiCqcIOM=
POST H2	200	log Show response active.cookieyes.com/api/335298f183304dcd453b3215/	2 B 175 B	85ms 35ms	Fetch text/plain	46.101.13.61 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://active.cookieyes.com/api/335298f183304dcd453b3215/log Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/335298f183304dcd453b3215.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 529751.cloudwaysapps.com Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT server nginx age 0 etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" x-cache MISS content-type text/plain; charset=utf-8 access-control-allow-origin * accept-ranges bytes content-length 2
GET H2	200	pro.min.css Show response ka-p.fontawesome.com/releases/v5.15.4/css/	315 KB 53 KB	140ms 102ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=f351a3b12b Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f351a3b12b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-d3b2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6d42b0a7dca23b25-CDG content-length 54194
GET H2	200	pro-v4-shims.min.css Show response ka-p.fontawesome.com/releases/v5.15.4/css/	26 KB 4 KB	88ms 51ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=f351a3b12b Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f351a3b12b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare age 236497 etag "610ae215-1062" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6d42b0a7dca73b25-CDG content-length 4194
GET H2	200	pro-v4-font-face.min.css Show response ka-p.fontawesome.com/releases/v5.15.4/css/	27 KB 3 KB	129ms 93ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=f351a3b12b Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f351a3b12b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-a2b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6d42b0a7dcad3b25-CDG content-length 2603
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	94ms 33ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:400,100,200,300,500,600,700,800 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/Scripts/rs-plugin/css/settings.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3c76beb0d8a22e2d5a9b02362711d6128d94336d5e8561b33f16d0cc80fe3e8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 27 Jan 2022 14:29:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 27 Jan 2022 14:32:23 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 27 Jan 2022 14:32:23 GMT
GET H2	200	sa.js Show response sibautomation.com/	8 KB 3 KB	72ms 71ms	Script text/javascript	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/sa.js?key=htugqpbi6hs0avi9lmtge Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash 06518418d470e00cb1dabcf94c90deefb2fcb18ed06014a33154dab27ff3087e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS x-powered-by Sails <sailsjs.com> x-xss-protection 1 x-sib-server SENDINBLUE-web1-2 cf-bgj minify server cloudflare etag W/"2956-vXBLapFSAvYmyhH7OQnJ1KH7Pcw" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-polished origSize=10582 cf-ray 6d42b0ac6ff232ab-CDG expires Thu, 27 Jan 2022 18:32:23 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	5 KB 2 KB	104ms 26ms	Script application/x-javascript	2a02:26f0:f7::5c7b:e053 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:23 GMT Content-Encoding gzip Last-Modified Wed, 29 Sep 2021 19:17:49 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=81501 Connection keep-alive Accept-Ranges bytes Content-Length 2036
GET H2	200	gtm.js Show response www.googletagmanager.com/	106 KB 41 KB	165ms 66ms	Script application/javascript	2a00:1450:401b:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M7KQNX9 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:401b:808::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b983a4f0bf5a63730b9a605497c6e69580f468b1ce27a6cf75d1866fb97be246 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41148 x-xss-protection 0 last-modified Thu, 27 Jan 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 27 Jan 2022 14:32:23 GMT
GET H/1.1	200 OK	fontello.woff www.triahealth.com/Content/fonts/	11 KB 11 KB	257ms 256ms	Font font/x-woff	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Content/fonts/fontello.woff Requested by Host: www.triahealth.com URL: https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash fa2df4ecafe8d43a9e9f5b22493e6b55223d3e40d282db18c4a150825d6dddaa Request headers Referer https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Origin https://www.triahealth.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:19 GMT Last-Modified Wed, 28 Jul 2021 18:45:23 GMT Server Microsoft-IIS/8.5 ETag "be2460b9e083d71:0" Content-Type font/x-woff Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 11068
GET H/1.1	404 Not Found	fa-brands-400.woff2 www.triahealth.com/Content/webfonts/	0 0	154ms 132ms	Font text/html	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Content/webfonts/fa-brands-400.woff2 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash Request headers Referer https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Origin https://www.triahealth.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:19 GMT Cache-Control max-age=2592000 Server Microsoft-IIS/8.5 Content-Length 1245 Content-Type text/html
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v22/	46 KB 47 KB	85ms 25ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:400,100,200,300,500,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.triahealth.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 20:12:54 GMT x-content-type-options nosniff age 152369 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47312 x-xss-protection 0 last-modified Tue, 29 Jun 2021 19:40:30 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 25 Jan 2023 20:12:54 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff www.triahealth.com/Content/fonts/	96 KB 96 KB	349ms 249ms	Font font/x-woff	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Content/fonts/fontawesome-webfont.woff Requested by Host: www.triahealth.com URL: https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07 Request headers Referer https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Origin https://www.triahealth.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:19 GMT Last-Modified Wed, 28 Jul 2021 18:45:23 GMT Server Microsoft-IIS/8.5 ETag "fb8b59b9e083d71:0" Content-Type font/x-woff Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 98024
GET H2	200	serverComponent.php Show response nexus.ensighten.com/choozle/11567/	401 B 543 B	55ms 55ms	Script text/javascript	18.195.42.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/11567/serverComponent.php?r=6553225.622351513&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/11567/code/&publishedOn=Fri%20Oct%2002%2016:00:52%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/11567/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-42-228.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ee670a29eab312210f07afb0822f21423b45c64588f86799cf37ae83c3f9840d Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT cache-control no-cache, no-store server nginx content-type text/javascript content-length 401 expires Thu, 27 Jan 2022 14:32:22 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3004892%26time%3D1643293943838%26url%3Dhttps%253A%252F%252Fwww.triahealth.com%252... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution...	0 156 B	443ms 232ms	Image application/javascript	108.174.10.14 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&liSync=true&e_ipv6=AQJhmcDH-MRJnQAAAX6b86ps5EmKQLjkT29FTxi6hoSBKWE4By3FYlL-ibf3cWe1dt-Ecn0 Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Server 108.174.10.14 , United States, ASN14413 (LINKEDIN, US), Reverse DNS 108-174-10-14.fwd.linkedin.com Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT server Play linkedin-action 1 x-li-fabric prod-ltx1 x-li-proto http/2 x-li-pop prod-lva1 content-type application/javascript content-length 0 x-li-uuid ZrP/3yInzhbgfQOwPCsAAA== Redirect headers date Thu, 27 Jan 2022 14:32:24 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 9444D97435234535982FF2B4EBBD9C0D Ref B: VIEEDGE3114 Ref C: 2022-01-27T14:32:24Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3004892&time=1643293943838&url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&liSync=true&e_ipv6=AQJhmcDH-MRJnQAAAX6b86ps5EmKQLjkT29FTxi6hoSBKWE4By3FYlL-ibf3cWe1dt-Ecn0 x-li-proto http/2 content-length 0 x-li-uuid AAXWkS/Rgfe2ugR6rtVe0w==
GET H2	200	cm.html Show response sibautomation.com/ Frame CD83	3 KB 2 KB	104ms 104ms	Document text/html	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Requested by Host: sibautomation.com URL: https://sibautomation.com/sa.js?key=htugqpbi6hs0avi9lmtge Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash 514cce75fb998ac6e2c297803ca65544997e0842e92eef0e27ced52e9b392b44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cf-apo-via origin,host expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-powered-by Sails <sailsjs.com> access-control-allow-origin * x-sib-server SENDINBLUE-web2-3 x-content-type-options nosniff x-xss-protection 1 cf-cache-status MISS last-modified Thu, 27 Jan 2022 14:32:23 GMT expires Thu, 27 Jan 2022 16:32:23 GMT cache-control public, max-age=7200 server cloudflare cf-ray 6d42b0ad199f32ab-CDG content-encoding gzip
GET H2	200	eef21c05463774e99af356f04d895f7c.js Show response nexus.ensighten.com/choozle/11567/code/	1 KB 604 B	24ms 23ms	Script application/javascript	18.195.42.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/11567/code/eef21c05463774e99af356f04d895f7c.js?conditionId0=4884899&conditionId1=4890897 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/11567/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-42-228.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash c9011d2c2783702e4bc9b2c6dcc7365b827ea4139ddd303e8e6727afc4ff0918 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding gzip last-modified Tue, 29 Sep 2020 21:02:49 GMT server nginx etag W/"5f73a0f9-543" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000
GET H2	200	77819ac0b9d2bc1d24f7cfdd783cc0d1.js Show response nexus.ensighten.com/choozle/11567/code/	1 KB 513 B	24ms 24ms	Script application/javascript	18.195.42.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/choozle/11567/code/77819ac0b9d2bc1d24f7cfdd783cc0d1.js?conditionId0=421905 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/11567/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-42-228.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-encoding gzip last-modified Tue, 29 Sep 2020 21:02:49 GMT server nginx etag W/"5f73a0f9-535" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000
GET H/1.1	200 OK	fa-brands-400.woff www.triahealth.com/Content/webfonts/	83 KB 83 KB	135ms 135ms	Font font/x-woff	64.126.115.53 SUREWEST-KANSAS
General Check archive.org Show headers Download Go to Full URL https://www.triahealth.com/Content/webfonts/fa-brands-400.woff Requested by Host: www.triahealth.com URL: https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.126.115.53 Olathe, United States, ASN18712 (SUREWEST-KANSAS, US), Reverse DNS 64-126-115-53.static.everestkc.net Software Microsoft-IIS/8.5 / Resource Hash 6433a2058272d5e27287fbe3b6b36a333c7baafc25010e556b49d622e96e3b3a Request headers Referer https://www.triahealth.com/Content/css?v=L9xkGmXVyGHDDfHXfrDWrBCi2zI0Qri5yV0qkipWv6s1 Origin https://www.triahealth.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Thu, 27 Jan 2022 14:32:19 GMT Last-Modified Wed, 28 Jul 2021 18:45:26 GMT Server Microsoft-IIS/8.5 ETag "9193d8bae083d71:0" Content-Type font/x-woff Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 84564
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	78ms 24ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: r.sbemail.triahealth.com URL: https://r.sbemail.triahealth.com/tr/cl/-qeoqXJK0wNANz_K45aSF7VKx_uMAR-Y1qu1WN9xiTx0qnoFYDbnRh_ZGry-RqYYQjTsTJ-MjuKo96rsardgkOyRPZFIXFibVGNqcSL4mWnZJ41SgzmigMy4pJD020WVfeIBqtik4jbUgHSbB60o2HaMiiozFPmYjLBrb8iVuoo1aGhrB-AcAyGaTGaCkkflIPtwZ6sPASP0pC2XD2hxc9f1i4Dl7_yGNMAA4137WqYy6Qu523KtAmo_9nJvrw2FLk_nt5iJxxACl90o4En9bSgkgJ7G05BbyBLMZ7MUzzgNAZGo0LvD8GBmGfFaadclgjN8eGIcU3jIn5xqbaW0CVM97HBjzgZl3uF0_3XdDQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 26237 x-xss-protection 0 pragma public x-fb-debug wSo2uus0hq0/tiVcc70dqsm4ICGuPD+nsxSkIX9q0KkebhkHYIUik85o+xYZj89oGOAOEYXUWYlv/gGHjaLDAA== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 27 Jan 2022 14:32:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	cm.html sibautomation.com/ Frame ECB6	0 0	35ms 35ms	Document text/html	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Requested by Host: sibautomation.com URL: https://sibautomation.com/sa.js?key=htugqpbi6hs0avi9lmtge Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:23 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cf-apo-via origin,host expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-powered-by Sails <sailsjs.com> access-control-allow-origin * x-sib-server SENDINBLUE-web2-3 x-content-type-options nosniff x-xss-protection 1 cf-cache-status HIT age 0 last-modified Thu, 27 Jan 2022 14:32:23 GMT expires Thu, 27 Jan 2022 16:32:23 GMT cache-control public, max-age=7200 server cloudflare cf-ray 6d42b0addb1732ab-CDG content-encoding gzip
GET		v652eace1692a40cfa3763df669d7439c1639079717194 static.cloudflareinsights.com/beacon.min.js/ Frame CD83	0 0
GET		cm in-automate.sendinblue.com/ Frame CD83	0 0
GET H2	200	cm.html Show response sibautomation.com/ Frame 9802	3 KB 2 KB	27ms 27ms	Document text/html	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Requested by Host: www.triahealth.com URL: https://www.triahealth.com/bundles/jquery?v=feGGwe85cRHjCX0zvs2fJOEfDiUVpGGM4WFANCYtbsU1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash 514cce75fb998ac6e2c297803ca65544997e0842e92eef0e27ced52e9b392b44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:24 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cf-apo-via origin,host expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-powered-by Sails <sailsjs.com> access-control-allow-origin * x-sib-server SENDINBLUE-web2-3 x-content-type-options nosniff x-xss-protection 1 cf-cache-status HIT age 1 last-modified Thu, 27 Jan 2022 14:32:23 GMT expires Thu, 27 Jan 2022 16:32:24 GMT cache-control public, max-age=7200 server cloudflare cf-ray 6d42b0ae5c2432ab-CDG content-encoding gzip
GET H2	200	cm.html Show response sibautomation.com/ Frame E0F2	3 KB 2 KB	28ms 28ms	Document text/html	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Requested by Host: www.triahealth.com URL: https://www.triahealth.com/bundles/jquery?v=feGGwe85cRHjCX0zvs2fJOEfDiUVpGGM4WFANCYtbsU1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash 514cce75fb998ac6e2c297803ca65544997e0842e92eef0e27ced52e9b392b44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:24 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cf-apo-via origin,host expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-powered-by Sails <sailsjs.com> access-control-allow-origin * x-sib-server SENDINBLUE-web2-3 x-content-type-options nosniff x-xss-protection 1 cf-cache-status HIT age 1 last-modified Thu, 27 Jan 2022 14:32:23 GMT expires Thu, 27 Jan 2022 16:32:24 GMT cache-control public, max-age=7200 server cloudflare cf-ray 6d42b0ae5c2632ab-CDG content-encoding gzip
GET H2	200	1533379090062939 Show response connect.facebook.net/signals/config/	305 KB 87 KB	149ms 148ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1533379090062939?v=2.9.51&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bf891cd7f20f4b58cb319f72389c7d201bddc730ff546ee0bfcf91323f195fda Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug 0/P+318/E2bTXnhFCdauVn1HXnf9ZTBqf/br+OQlbh2sz12jp+SFH+oVd7fJSDKwoMCEBuQSCf+oU1R6gq7MGg== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 27 Jan 2022 14:32:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/ Frame 9802	14 KB 5 KB	88ms 87ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: sibautomation.com URL: https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://sibautomation.com/ Origin https://sibautomation.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6d42b0aea828ee0f-CDG
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/ Frame E0F2	14 KB 5 KB	70ms 70ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: sibautomation.com URL: https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://sibautomation.com/ Origin https://sibautomation.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6d42b0aea82bee0f-CDG
GET H2	204	cm Show response in-automate.sendinblue.com/ Frame 9802	0 68 B	63ms 63ms	XHR text/plain	2606:4700::6811:90c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://in-automate.sendinblue.com/cm?uuid=bfb6e3fa-3560-43b5-a05a-ac24408e0116&key=htugqpbi6hs0avi9lmtge&cuid=35100306-ae53-436d-8aea-380d2475a7f2 Requested by Host: sibautomation.com URL: https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://sibautomation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-origin * cache-control no-cache cf-apo-via origin,host cf-ray 6d42b0aeaf1539f9-CDG x-xss-protection 1 x-sib-server SENDINBLUE-srv-pr-rancher-worker-10
GET H2	200	modules.js Show response my.hellobar.com/	251 KB 73 KB	46ms 46ms	Script text/javascript	2606:4700:10::ac43:2be9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.hellobar.com/modules.js Requested by Host: my.hellobar.com URL: https://my.hellobar.com/994bcee43407d3fe5d3c0ad689f5f182d53f3857.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c1f7185d8bbe632d4d50c3636c1995131ed4a7fce9075870d0365aeabc238e2 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT content-encoding br cf-cache-status HIT age 5060 cf-polished origSize=257701 x-amz-request-id 9ECQM7B6ZAP970ZA x-amz-id-2 Qx9q22uZ9haPJjenWMwuwP4RC+2tBT/3/vhA8EYcNHTk4zuE8nmwAlMi89tec8p+/Y8GTcrP84E= last-modified Sat, 22 Jan 2022 17:06:52 GMT server cloudflare etag W/"528f8fc510b37ae1e74264ecd209615b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=14400 cf-ray 6d42b0aeab193a7b-CDG cf-bgj minify
GET H/1.1	200 OK	iframe Show response d1eoo1tco6rr5e.cloudfront.net/ric3145/jdn9ba7/ Frame 5148 Redirect Chain https://insight.adsrvr.org/tags/ric3145/jdn9ba7/iframe https://d1eoo1tco6rr5e.cloudfront.net/ric3145/jdn9ba7/iframe	138 B 668 B	89ms 29ms	Document text/html	108.157.1.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/ric3145/jdn9ba7/iframe Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/11567/code/eef21c05463774e99af356f04d895f7c.js?conditionId0=4884899&conditionId1=4890897 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.157.1.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 23dc662ea0f1f1c431ba997ab2f39026dd91c5d924ff84f8ed1456b1513c2241 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers Content-Type text/html Content-Length 138 Connection keep-alive Date Wed, 26 Jan 2022 21:29:07 GMT Last-Modified Fri, 01 Oct 2021 23:55:28 GMT ETag "c44225f6ee0459f587c88d9e6bfb417c" x-amz-server-side-encryption AES256 Cache-Control max-age=86400 Accept-Ranges bytes Server AmazonS3 X-Cache Hit from cloudfront Via 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront) X-Amz-Cf-Pop DUS51-P2 X-Amz-Cf-Id iK2uR5hMxsG7BHBmJbp7jPijE--llKwvmAknqRg1cNxDT4wdQrpI0g== Age 61398 Redirect headers date Thu, 27 Jan 2022 14:32:24 GMT content-type text/html; charset=UTF-8 content-length 183 location https://d1eoo1tco6rr5e.cloudfront.net/ric3145/jdn9ba7/iframe server Microsoft-IIS/10.0 x-powered-by ASP.NET
GET H/1.1	200 OK	iframe Show response d1eoo1tco6rr5e.cloudfront.net/ric3145/69f0ob9/ Frame AF7D Redirect Chain https://insight.adsrvr.org/tags/ric3145/69f0ob9/iframe https://d1eoo1tco6rr5e.cloudfront.net/ric3145/69f0ob9/iframe	138 B 668 B	89ms 29ms	Document text/html	108.157.1.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/ric3145/69f0ob9/iframe Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/choozle/11567/code/eef21c05463774e99af356f04d895f7c.js?conditionId0=4884899&conditionId1=4890897 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.157.1.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 69f33a4b54d1589f1c2f543c05efe552da1a99eeb7b195d8e12b50666c4b74b6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers Content-Type text/html Content-Length 138 Connection keep-alive Date Wed, 26 Jan 2022 21:41:04 GMT Last-Modified Fri, 01 Oct 2021 23:55:28 GMT ETag "2dae7635106f856e58d485b81dbb1ed0" x-amz-server-side-encryption AES256 Cache-Control max-age=86400 Accept-Ranges bytes Server AmazonS3 X-Cache Hit from cloudfront Via 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront) X-Amz-Cf-Pop DUS51-P2 X-Amz-Cf-Id p_Suj0wTa9vVupne0mdtwj9UCb3U-NHFYzlnB-n36Lb8X0iAueItRw== Age 60681 Redirect headers date Thu, 27 Jan 2022 14:32:24 GMT content-type text/html; charset=UTF-8 content-length 183 location https://d1eoo1tco6rr5e.cloudfront.net/ric3145/69f0ob9/iframe server Microsoft-IIS/10.0 x-powered-by ASP.NET
POST H2	200	rum Show response sibautomation.com/cdn-cgi/ Frame E0F2	0 41 B	23ms 23ms	XHR text/plain	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 content-type application/json Response headers date Thu, 27 Jan 2022 14:32:24 GMT x-content-type-options nosniff server cloudflare cf-ray 6d42b0af4e3832ab-CDG x-frame-options DENY
POST H2	200	rum Show response sibautomation.com/cdn-cgi/ Frame 9802	0 41 B	23ms 23ms	XHR text/plain	2606:4700::6812:1962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://sibautomation.com/cm.html?key=htugqpbi6hs0avi9lmtge Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 content-type application/json Response headers date Thu, 27 Jan 2022 14:32:24 GMT x-content-type-options nosniff server cloudflare cf-ray 6d42b0af4e3d32ab-CDG x-frame-options DENY
GET H3	200	267894821765550 Show response connect.facebook.net/signals/config/	305 KB 87 KB	178ms 178ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/267894821765550?v=2.9.51&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a88306a04e194a6f306e8c8892e6795f95fe1387d4e768066d1e56d0d3f9b6e7 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug VDhb9LfbFv8W4y5kTauUjLLANIMaRgU0gnup+mgNSfjXptn2HA0yFLi44vgbiXy6pN2EntVN8BsmdSCBdxMIgQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 27 Jan 2022 14:32:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 409 B	72ms 24ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1533379090062939&ev=PageView&dl=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&rl=https%3A%2F%2Fr.sbemail.triahealth.com%2F&if=false&ts=1643293944290&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643293944289.193383332&it=1643293944093&coo=false&exp=p0&rqm=GET Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Thu, 27 Jan 2022 14:32:24 GMT
GET H2	204	p Show response in-automate.sendinblue.com/	0 36 B	58ms 58ms	XHR text/plain	2606:4700::6811:90c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://in-automate.sendinblue.com/p?key=htugqpbi6hs0avi9lmtge&cuid=35100306-ae53-436d-8aea-380d2475a7f2&ma_url=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&sib_type=page&ma_title=Enroll%20%7C%20Tria%20Health&sib_name=Enroll%20%7C%20Tria%20Health&ma_referrer=https%3A%2F%2Fr.sbemail.triahealth.com%2F&ma_path=%2Fenroll Requested by Host: sibautomation.com URL: https://sibautomation.com/sa.js?key=htugqpbi6hs0avi9lmtge Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-origin * cache-control no-cache cf-apo-via origin,host cf-ray 6d42b0b07b4c39f9-CDG
GET H2	200	/ insight.adsrvr.org/track/pxl/ Frame 5148	70 B 260 B	35ms 35ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=ric3145&ct=0:jdn9ba7&fmt=3 Requested by Host: d1eoo1tco6rr5e.cloudfront.net URL: https://d1eoo1tco6rr5e.cloudfront.net/ric3145/jdn9ba7/iframe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://d1eoo1tco6rr5e.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 27 Jan 2022 14:32:24 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	/ insight.adsrvr.org/track/pxl/ Frame AF7D	70 B 260 B	65ms 65ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/pxl/?adv=ric3145&ct=0:69f0ob9&fmt=3 Requested by Host: d1eoo1tco6rr5e.cloudfront.net URL: https://d1eoo1tco6rr5e.cloudfront.net/ric3145/69f0ob9/iframe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://d1eoo1tco6rr5e.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Thu, 27 Jan 2022 14:32:24 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	48ms 23ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=267894821765550&ev=PageView&dl=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&rl=https%3A%2F%2Fr.sbemail.triahealth.com%2F&if=false&ts=1643293944570&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643293944289.193383332&it=1643293944093&coo=false&exp=p0&rqm=GET Requested by Host: www.triahealth.com URL: https://www.triahealth.com/enroll?utm_source=sendinblue&utm_campaign=PA_Trigger_First_Distribution&utm_medium=email Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Thu, 27 Jan 2022 14:32:24 GMT
GET H2	200	eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9 Show response app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/	5 KB 1 KB	97ms 18ms	XHR application/json	151.101.194.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9 Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/widget.js?api-key=w__f-xs-dkafmqBnQKRUOA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dd1fb9ec9c3f20e39d46aa55558dbcb9bb6393b02f3be053c0bc9278ef7d1d25 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip vary Authorization, Accept-Encoding age 0 x-cache HIT content-length 721 x-served-by cache-cdg20722-CDG access-control-allow-origin * x-timer S1643293945.362604,VS0,VE0 etag "614dbb" access-control-max-age 3600 access-control-allow-methods OPTIONS, GET content-type application/json via 1.1 varnish cache-control max-age=0 accept-ranges bytes access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version x-cache-hits 2
GET H2	200	k1sZhnfv.json Show response cdn-cookieyes.com/client_data/335298f183304dcd453b3215/	10 KB 3 KB	80ms 34ms	Fetch application/json	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/335298f183304dcd453b3215/k1sZhnfv.json Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/335298f183304dcd453b3215.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35aea18ef61b91a751fd2af3cf27dee73665b86fd518e27d66676f297d54364d Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding br cf-cache-status HIT last-modified Mon, 24 Jan 2022 20:30:18 GMT server cloudflare age 150984 etag W/"29a8-5d659d64559c6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BsL2FJWTt6WMgIqPIArGF%2FsD4yeRUHVkioAk02S8qgX5HYV9qqYE5MJRJ9nGQB3YdDoCxogpTSzmiDNARD4JwyiPbCR57T9n09wwfN8D%2BjJwhQCTJkX4K0lcGbWgThPr7%2B6u226ZKLCOHk7uU6U"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=604800, proxy-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d42b0b65e763b13-CDG
GET H2	200	result.php Show response geoip.cookieyes.com/geoip/checker/	93 B 240 B	80ms 25ms	Fetch text/html	46.101.13.61 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://geoip.cookieyes.com/geoip/checker/result.php Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/335298f183304dcd453b3215.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 529751.cloudwaysapps.com Software nginx / Resource Hash 3f8eafb8487d4271962c8ac362a5dec85ffbf561640ec7dec32c4676ac9f82ac Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip server nginx content-length 99 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	close.svg cdn-cookieyes.com/assets/images/icons/	317 B 553 B	41ms 41ms	Image image/svg+xml	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-cookieyes.com/assets/images/icons/close.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 057121d759b2f06b7f958b628fe8f6da48dfde4ff2506d3c9736b01118ebba0e Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding br cf-cache-status HIT last-modified Tue, 16 Feb 2021 03:14:32 GMT server cloudflare age 6383 etag W/"13d-5bb6b80581a13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip0T4npCYrsNKE2FS%2BADnnTszxW8M4mSqNRG0jJe5aZ4BXS7XNHneYzqm%2BLT1%2BybBBtzai44pRuXFo0ootMRdyjTiV3%2B%2BLyfd4skJ4qfqZTB4%2B%2BlQGV4zxgARY59V3szzL7Uqp9874803bOj5GNZ"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d42b0b6999bee75-CDG
GET H2	200	widget.30aeff0dc52462a8477c.css medchatapp.com/widget/	2 KB 1 KB	161ms 160ms	Stylesheet text/css	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/widget.30aeff0dc52462a8477c.css Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/widget.js?api-key=w__f-xs-dkafmqBnQKRUOA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c691a66130a4f88efe3660936e121c7c67580cb73ee9dd2047691ce43c40f380 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/css access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 841
GET H2	200	/ Show response medchatapp.com/widget-launcher/ Frame 86DF	858 B 811 B	454ms 454ms	Document text/html	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget-launcher/ Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/widget.js?api-key=w__f-xs-dkafmqBnQKRUOA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1cfde31e609e34e2398078e1a0054e4094cefc6bc31d88b4e12d50397f4c9310 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-type text/html content-length 555 content-encoding gzip last-modified Fri, 21 Jan 2022 00:24:40 GMT accept-ranges bytes etag "05465475ded81:0" vary Accept-Encoding server Microsoft-IIS/10.0 x-powered-by ASP.NET access-control-allow-origin * access-control-allow-headers Content-Type
GET H2	200	w__f-xs-dkafmqBnQKRUOA Show response medchatapp.com/widget/ Frame 0554	967 B 922 B	156ms 155ms	Document text/html	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/widget.js?api-key=w__f-xs-dkafmqBnQKRUOA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash dc29352b8fcfe8af930e99495e998017e9cff3848589fccd44faafefea51b2e2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-type text/html content-length 605 cache-control no-cache, no-store, must-revalidate pragma no-cache content-encoding gzip expires -1 last-modified Fri, 21 Jan 2022 00:24:40 GMT accept-ranges bytes etag "05465475ded81:0" vary Accept-Encoding server Microsoft-IIS/10.0 x-powered-by ASP.NET access-control-allow-origin * access-control-allow-headers Content-Type
GET H2	200	styles.61a7efa4a906063b07d0.css medchatapp.com/widget/ Frame 0554	137 KB 19 KB	286ms 285ms	Stylesheet text/css	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/styles.61a7efa4a906063b07d0.css Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 96a5f5e58cf943a4b5e88cf28402fc821a62f1156882b2e3aaabd72887561f16 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/css access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 19120
GET H2	200	runtime-es2015.b83208617f06eb251874.js Show response medchatapp.com/widget/ Frame 0554	2 KB 2 KB	156ms 155ms	Script application/x-javascript	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/runtime-es2015.b83208617f06eb251874.js Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bde4d9bc2cee48938239495228ef033113e14e081ae96ff4e3817af2d3292e2d Request headers Referer https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Origin https://medchatapp.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 1524
GET H2	200	polyfills-es2015.af5bdcb7508888deef02.js Show response medchatapp.com/widget/ Frame 0554	94 KB 33 KB	158ms 157ms	Script application/x-javascript	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/polyfills-es2015.af5bdcb7508888deef02.js Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5a9b18cf4cdca8a2d21b3f3e46b3c0706acdd26d0a772f45a5aaf5c72ca025db Request headers Referer https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Origin https://medchatapp.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 33062
GET H2	200	main-es2015.8296b39672b2555bef42.js medchatapp.com/widget/ Frame 0554	4 MB 963 KB	287ms 287ms	Script application/x-javascript	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget/main-es2015.8296b39672b2555bef42.js Requested by Host: medchatapp.com URL: https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Referer https://medchatapp.com/widget/w__f-xs-dkafmqBnQKRUOA?&hasWrapper=true Origin https://medchatapp.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "08196485ded81:0" last-modified Fri, 21 Jan 2022 00:24:42 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 985014
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	23ms 23ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1533379090062939&ev=Microdata&dl=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&rl=https%3A%2F%2Fr.sbemail.triahealth.com%2F&if=false&ts=1643293945793&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Enroll%20%7C%20Tria%20Health%22%2C%22meta%3Adescription%22%3A%22Tria%20Health%E2%80%99s%20Pharmacy%20Advocate%20Program%20connects%20you%20with%20a%20clinically-trained%20pharmacist%20who%20will%20provide%20confidential%20guidance%20to%20ensure%20your%20medications%20are%20safe%2C%20effective%20and%20affordable.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643293944289.193383332&it=1643293944093&coo=false&es=automatic&tm=3&exp=p0&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Thu, 27 Jan 2022 14:32:25 GMT
GET		IBMPlexSans-Regular.woff shared-assets.medchatapp.com/fonts/ Frame 0554	0 0
GET H2	200	styles.345291db499d4cff7f3c.css medchatapp.com/widget-launcher/ Frame 86DF	135 KB 18 KB	241ms 240ms	Stylesheet text/css	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget-launcher/styles.345291db499d4cff7f3c.css Requested by Host: medchatapp.com URL: https://medchatapp.com/widget-launcher/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4d78179094d1cfb9edc830997d1df790b579946e3507f3f49fc588746aa82b01 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://medchatapp.com/widget-launcher/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/css access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 18659
GET H2	200	runtime-es2015.2bbbae0bdf290eb63962.js Show response medchatapp.com/widget-launcher/ Frame 86DF	1 KB 1 KB	240ms 240ms	Script application/x-javascript	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget-launcher/runtime-es2015.2bbbae0bdf290eb63962.js Requested by Host: medchatapp.com URL: https://medchatapp.com/widget-launcher/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8 Request headers Referer https://medchatapp.com/widget-launcher/ Origin https://medchatapp.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 940
GET H2	200	polyfills-es2015.98c8d458c369cfc66dc6.js Show response medchatapp.com/widget-launcher/ Frame 86DF	100 KB 35 KB	240ms 240ms	Script application/x-javascript	13.89.105.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://medchatapp.com/widget-launcher/polyfills-es2015.98c8d458c369cfc66dc6.js Requested by Host: medchatapp.com URL: https://medchatapp.com/widget-launcher/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4356143566092b4117464be502d9c9358af65f6298db6690e5fadd55b1b6bc53 Request headers Referer https://medchatapp.com/widget-launcher/ Origin https://medchatapp.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:25 GMT content-encoding gzip etag "05465475ded81:0" last-modified Fri, 21 Jan 2022 00:24:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * accept-ranges bytes access-control-allow-headers Content-Type content-length 35341
GET		main-es2015.ffb82fd39080fe0c78d7.js medchatapp.com/widget-launcher/ Frame 86DF	0 0
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	26ms 26ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=267894821765550&ev=Microdata&dl=https%3A%2F%2Fwww.triahealth.com%2Fenroll%3Futm_source%3Dsendinblue%26utm_campaign%3DPA_Trigger_First_Distribution%26utm_medium%3Demail&rl=https%3A%2F%2Fr.sbemail.triahealth.com%2F&if=false&ts=1643293946072&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Enroll%20%7C%20Tria%20Health%22%2C%22meta%3Adescription%22%3A%22Tria%20Health%E2%80%99s%20Pharmacy%20Advocate%20Program%20connects%20you%20with%20a%20clinically-trained%20pharmacist%20who%20will%20provide%20confidential%20guidance%20to%20ensure%20your%20medications%20are%20safe%2C%20effective%20and%20affordable.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643293944289.193383332&it=1643293944093&coo=false&es=automatic&tm=3&exp=p0&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www.triahealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:32:26 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Thu, 27 Jan 2022 14:32:26 GMT
GET		IBMPlexSans-Regular.woff shared-assets.medchatapp.com/fonts/ Frame 86DF	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sibautomation.com

URL

https://sibautomation.com/cdn-cgi/rum?

Domain

static.cloudflareinsights.com

URL

https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Domain

in-automate.sendinblue.com

URL

https://in-automate.sendinblue.com/cm?uuid=bfb6e3fa-3560-43b5-a05a-ac24408e0116&key=htugqpbi6hs0avi9lmtge&cuid=35100306-ae53-436d-8aea-380d2475a7f2

Domain

shared-assets.medchatapp.com

URL

https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff

Domain

medchatapp.com

URL

https://medchatapp.com/widget-launcher/main-es2015.ffb82fd39080fe0c78d7.js

Domain

shared-assets.medchatapp.com

URL

https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff