Submitted URL: https://doxo.cmail20.com/t/d-l-cuibkl-ttwuuhukh-r/
Effective URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_Reminde...
Submission Tags: phishing malicious Search All
Submission: On January 14 via api from US

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 53 HTTP transactions. The main IP is 3.208.76.160, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.doxo.com.
TLS certificate: Issued by Amazon on November 21st 2020. Valid for: a year.
This is the only time www.doxo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
23 d3uk0evc20lbwv.cloudfront.net www.doxo.com
d3uk0evc20lbwv.cloudfront.net
8 api.mapbox.com d3uk0evc20lbwv.cloudfront.net
6 www.doxo.com d3uk0evc20lbwv.cloudfront.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
d3uk0evc20lbwv.cloudfront.net
www.doxo.com
3 heapanalytics.com www.doxo.com
2 www.facebook.com connect.facebook.net
2 connect.facebook.net www.doxo.com
connect.facebook.net
1 www.google.de www.doxo.com
1 www.google.com www.doxo.com
1 stats.g.doubleclick.net d3uk0evc20lbwv.cloudfront.net
1 cdn.heapanalytics.com www.doxo.com
1 www.googletagmanager.com www.doxo.com
1 doxo.cmail20.com 1 redirects
53 13
Subject Issuer Validity Valid
www.doxo.com
Amazon
2020-11-21 -
2021-12-20
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
cdn.heapanalytics.com
Amazon
2020-09-24 -
2021-10-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
heapanalytics.com
Amazon
2020-12-24 -
2022-01-22
a year crt.sh
www.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
api.mapbox.com
Amazon
2020-03-05 -
2021-04-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-12-22 -
2021-03-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Frame ID: F52776BF4BE0CDA0904D6540B3007354
Requests: 53 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://doxo.cmail20.com/t/d-l-cuibkl-ttwuuhukh-r/ HTTP 302
    https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_Non... Page URL

Page Statistics

53
Requests

100 %
HTTPS

54 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

1050 kB
Transfer

2508 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://doxo.cmail20.com/t/d-l-cuibkl-ttwuuhukh-r/ HTTP 302
    https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set ou-medicine
www.doxo.com/info/
Redirect Chain
  • https://doxo.cmail20.com/t/d-l-cuibkl-ttwuuhukh-r/
  • https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersP...
43 KB
9 KB
Document
General
Full URL
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.76.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
1970573f5c631efca167d82128ae31fdd410717f07f55c62f110d55df8b11181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
www.doxo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges
none
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Jan 2021 18:11:36 GMT
ETag
"ad6b-Mq7+w9en3iCCJQ+ja1qtlYidlec"
Set-Cookie
campaign_code=email; Domain=doxo.com; Path=/; HttpOnly; Secure
Strict-Transport-Security
max-age=31536000
Vary
User-Agent, Accept-Encoding
X-Powered-By
Express
Content-Length
8932
Connection
keep-alive

Redirect headers

Date
Thu, 14 Jan 2021 18:11:35 GMT
Content-Type
text/html; charset=utf-8
Content-Length
489
Connection
keep-alive
Server
_waflopenresty/1.11.2.2
Cache-Control
private
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Location
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-Robots-Tag
noindex, nofollow
X-Frame-Options
SAMEORIGIN
934a247da0f9d05bc7ba.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
4 KB
2 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
630098e11d818fc8c62bc6c207db5ecd407525aa534343fa733551a1934bf3af

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:47:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
584643
x-powered-by
Express
etag
W/"1199-176df2c31c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
30ckbk0bhFqULFqwpXWu5A3KIXCQTYm4r7_mEUUHLtkuhuX1PpjLYw==
commons.app.124a916797ec96eb77db.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
191 KB
66 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/commons.app.124a916797ec96eb77db.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
2fe095831307ee756169a2e4e59f8d41c08a3e24e999a1589a5c218d27c9d5a9

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:47:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:20:54 GMT
age
584643
x-powered-by
Express
etag
W/"2fce7-176df272a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
Jd-nZD4dGWIFgLbYjs5UoDIZhtnx8QxqkKFDbCvdrqN-bB6kvmpFnA==
vendors.app.6b0c3d00d91a144f59b7.css
d3uk0evc20lbwv.cloudfront.net/_nuxt/
88 KB
12 KB
Stylesheet
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.6b0c3d00d91a144f59b7.css
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
05afc5a8627730109e05adfbd45e8b91890ffbedc2bd459c52b9f7aa228bf5c4

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:47:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
584643
x-powered-by
Express
etag
W/"15e8d-176df2c31c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
1aOTxky38WnlRuik4bnJmHK7tfU8GwHbEhduQ5r_rtiv1fWP_t3z6g==
vendors.app.9eb25f5ebea001fb217c.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
219 KB
61 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
255ce5dc1ee1915012643ea1ddeaf53aac3951d186c70d07e5b69cf60ec44124

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:47:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
584643
x-powered-by
Express
etag
W/"36cef-176df2c31c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
K9krYSg1PsTmVGBY0mnCdIq4DC5o5VPxdabnyIlWnieuxpCr-n6g-w==
app.4dba2c55f37e88df978d.css
d3uk0evc20lbwv.cloudfront.net/_nuxt/
125 KB
21 KB
Stylesheet
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
c97b016a1a5ddf0ab85b0158a1e7d827145df42a2d72eb31cf8784d11deb254d

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 22:56:19 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 22:51:03 GMT
age
3611717
x-powered-by
Express
etag
W/"1f44c-1762acd3ffb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
wBRsKgq-BMpJbdjK4B2irXYpIQY-R1WpOA9ZN84BbOdrKaZIIL-pYw==
app.44e27d2fa725149686d3.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
83 KB
26 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.44e27d2fa725149686d3.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
1c0708ccfb2a477070b85fed5135a0e59e5b9c97a112c78e65a64f7930a839b6

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:47:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:30:43 GMT
age
584643
x-powered-by
Express
etag
W/"14d17-176df302738"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
r2FwbKtjWtqmpUyirzkGX6DQsDyIDz4SWAxt1YWk_G7WCiOx-QA_dg==
_namespace.c7661451a7c6fc3af846.css
d3uk0evc20lbwv.cloudfront.net/_nuxt/pages/info/
3 KB
1 KB
Stylesheet
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/pages/info/_namespace.c7661451a7c6fc3af846.css
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
6ed99c1586947323dffba7de363a6ca3e51db2029352dbbc8b0a4a324c091631

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 22:56:20 GMT
content-encoding
gzip
etag
W/"c35-1762ad0a4a1"
last-modified
Thu, 03 Dec 2020 22:54:45 GMT
age
3611716
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1092
x-amz-cf-id
dpBcITc9zxJFpShDmzoGSaopzKR4tHNo8uP8GRNPst4lb60h5kltgg==
_namespace.59e6ed88db7f9de4e03b.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/pages/info/
57 KB
14 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/pages/info/_namespace.59e6ed88db7f9de4e03b.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
72f417a5b653eae9322130732062c8653d687dedeb4467a0ee885a1d5d1890a5

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:47:33 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
584643
x-powered-by
Express
etag
W/"e31e-176df2c31e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
qddvBphRP26KreJfizqEm1FYvq7tu4zZDCC1nC68e0BjkUE7eryMQg==
gtm.js
www.googletagmanager.com/
143 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&l=dataLayer
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d37cf9fe128e0291bd20ca13400c06023737a8d9c6895870976ddb6de04e2474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 18:11:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44137
x-xss-protection
0
expires
Thu, 14 Jan 2021 18:11:36 GMT
9f38fb8.svg
d3uk0evc20lbwv.cloudfront.net/_nuxt/img/
3 KB
1 KB
Image
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/img/9f38fb8.svg
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
48fe57197c6406500d119038763401e4be7600fef6dc1a724b82b8aba1c51862

Request headers

Referer
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 10:10:25 GMT
content-encoding
gzip
etag
W/"a6a-1758b88721b"
last-modified
Tue, 03 Nov 2020 00:36:16 GMT
age
4348871
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1083
x-amz-cf-id
PvW-N1EjDlbiq7JiZFkryNWfUu7J8f-tmwSv1WjZxE6RChyvA7OlQA==
a5d5a6d.svg
d3uk0evc20lbwv.cloudfront.net/_nuxt/img/
6 KB
2 KB
Image
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/img/a5d5a6d.svg
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
8a71453aefa4e599f95edd9bb58da2d8f674b96fe5535cd31e7dc4d1fff32c59

Request headers

Referer
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 08:50:45 GMT
content-encoding
gzip
etag
W/"1771-1758b8bbf7c"
last-modified
Tue, 03 Nov 2020 00:39:52 GMT
age
4699251
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1690
x-amz-cf-id
ei77SKRkNG7OjB-Wr1Y127-vK3xrzbbaigLzi0ec1aB7LekIf4Cw2w==
703cf8f.woff2
d3uk0evc20lbwv.cloudfront.net/_nuxt/fonts/
81 KB
81 KB
Font
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/fonts/703cf8f.woff2
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb

Request headers

Origin
https://www.doxo.com
Referer
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app.4dba2c55f37e88df978d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 02:01:20 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
etag
W/"1423c-1762ad3925d"
last-modified
Thu, 03 Dec 2020 22:57:57 GMT
age
2736616
x-powered-by
Express
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
https://www.doxo.com
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
82492
x-amz-cf-id
5xwDKweSt-k5L9U20UTxoaYYixAQe0gnCWJRELWpftUu1sK2H74A_Q==
_namespace.e234557b834107e8647d.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app-primary-nav.pages/info/
0
6 KB
Other
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app-primary-nav.pages/info/_namespace.e234557b834107e8647d.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:51:57 GMT
content-encoding
gzip
etag
W/"4912-176df272a35"
last-modified
Thu, 07 Jan 2021 23:20:54 GMT
age
584381
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
5317
x-amz-cf-id
r9bi9MKCdtneU0PYntdECx4IPGEPIzi3B8JmS41nWcrkU1k8JVz0BQ==
vendors.app-primary-nav.5a6a64deb9591adf40c2.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
0
6 KB
Other
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app-primary-nav.5a6a64deb9591adf40c2.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:53:53 GMT
content-encoding
gzip
etag
W/"4c0a-176df2c31c6"
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
584265
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
5950
x-amz-cf-id
UIymXHuMX9OQ-ZXy1SBmtzeSuk13vj90J_x7AP5KDQT-UtVvoaWHpw==
app-primary-nav.a818630061f6720ff047.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
0
6 KB
Other
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app-primary-nav.a818630061f6720ff047.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:53:53 GMT
content-encoding
gzip
etag
W/"6735-176df302738"
last-modified
Thu, 07 Jan 2021 23:30:43 GMT
age
584265
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
6183
x-amz-cf-id
-oXcN2zbz2_3WUc00u9MFDoO3HJz7DQzyEqNMGB1cNNv-X0Y1eK30g==
app-auth-dialog.0952b67fe4a219ba727f.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
0
4 KB
Other
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app-auth-dialog.0952b67fe4a219ba727f.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 01:51:37 GMT
content-encoding
gzip
etag
W/"2a37-176df2c31b6"
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
577201
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
3892
x-amz-cf-id
CSdEfOsJm3rz_vHc6ruA33V3qz0INSjTHy0BKfzeLg-ds6UnSzyxtQ==
app-user-nav.875712c168140c093c19.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
0
5 KB
Other
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/app-user-nav.875712c168140c093c19.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 01:51:33 GMT
content-encoding
gzip
etag
W/"379f-176df272a35"
last-modified
Thu, 07 Jan 2021 23:20:54 GMT
age
577205
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4638
x-amz-cf-id
fED7I1eibVcFw3Ql92tSKFvSkinRXo6qcRRpvlIkpOmRHCLbnkFUSQ==
pending-folder-dialog.5c0f5192b3e4c8247d96.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
0
7 KB
Other
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/pending-folder-dialog.5c0f5192b3e4c8247d96.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 01:51:36 GMT
content-encoding
gzip
etag
W/"61f1-176df2c31c2"
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
577202
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
7041
x-amz-cf-id
yZap1XOiHeJjiDCR0lMQGQzEpGbIjXDAZ7X1sH72g5uRHZqpsR_bHQ==
_namespace.e234557b834107e8647d.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app-primary-nav.pages/info/
18 KB
6 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app-primary-nav.pages/info/_namespace.e234557b834107e8647d.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
1148dcc88c19b2ec9bba3f089ab4eeca3860a9c7d7842643fdd036c2b1cc1339

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:51:57 GMT
content-encoding
gzip
etag
W/"4912-176df272a35"
last-modified
Thu, 07 Jan 2021 23:20:54 GMT
age
584381
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
5317
x-amz-cf-id
joyjKpXiWL9cHTBhH-lbahQM4E0Wu4eatG0tlrdKfhPMAWBVw0ZlDQ==
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3126
date
Thu, 14 Jan 2021 17:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 14 Jan 2021 19:19:32 GMT
heap-3839637385.js
cdn.heapanalytics.com/js/
103 KB
40 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3839637385.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-29.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
3585bb2b17a07d506215acfa4044ebe8ca71125895f4812a6434647a0ebb4f86

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 18:11:38 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"19c94-mupNNbHAzZ6GM9GFBp+/uw"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
6wavDbQx0mRp-PCAuxACBcL83igUuogYVMz09OQlT-izlToRbD8kzA==
vendors.provider-stats.f8c3e3617efcbb7b4ebf.css
d3uk0evc20lbwv.cloudfront.net/_nuxt/
1 KB
852 B
Stylesheet
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.provider-stats.f8c3e3617efcbb7b4ebf.css
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
525c412087273097b92176841cb1e6b45cca6afcd87d8510e8a40ff767a19b61

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 04:20:09 GMT
content-encoding
gzip
etag
W/"498-1762acd4003"
last-modified
Thu, 03 Dec 2020 22:51:03 GMT
age
1777889
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
457
x-amz-cf-id
vFSXqopGekh8kpAiajyd9yG-cjs70gcTv4z35zyFCcpF7OUZZD-qtA==
vendors.provider-stats.274dbbdafa5797915d44.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
592 KB
173 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.provider-stats.274dbbdafa5797915d44.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
aa1da1ab8527b1c33b4bb3bb360d5a2376709afbdc696f3d2c90bf05639dd3e5

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:52:14 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:30:43 GMT
age
584364
x-powered-by
Express
etag
W/"93f2f-176df30273c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
KePXLREPIIH3I7s5xVTcBAFGjw9RSq04zySMnhmAti5IWk5ik76IwA==
provider-stats.2f4947ae1911323b4b83.css
d3uk0evc20lbwv.cloudfront.net/_nuxt/
20 KB
6 KB
Stylesheet
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/provider-stats.2f4947ae1911323b4b83.css
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
55d0b5759323dce3381b93c6ce384456beb517e662e124afaae613ab1c0df88e

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 05:01:04 GMT
content-encoding
gzip
etag
W/"4ff4-1762ad39261"
last-modified
Thu, 03 Dec 2020 22:57:57 GMT
age
2207434
x-powered-by
Express
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
5479
x-amz-cf-id
zVuQVlm-Aw9VVAX06LxI9PrlT3XlqpH9R56r1W1KgruQOgCKDgbh1g==
provider-stats.9de46b7021392e9f6652.js
d3uk0evc20lbwv.cloudfront.net/_nuxt/
38 KB
11 KB
Script
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/provider-stats.9de46b7021392e9f6652.js
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/934a247da0f9d05bc7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
8eb3ab35835199664db4884a8a8b61f1af153d243e03acefb981660a93cbb3e9

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 23:52:14 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 23:26:24 GMT
age
584364
x-powered-by
Express
etag
W/"9960-176df2c31c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
GNAeexNertA9T7lKUTUrK17S4FuUlRQFPw_D4EgyxMp7zL7XrRT-Yw==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
986 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 17:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1525
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 14 Jan 2021 18:46:13 GMT
collect
www.google-analytics.com/j/
2 B
64 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=706496550&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doxo.com%2Finfo%2Fou-medicine%3Fcampaign_code%3Demail%26utm_medium%3Demail%26utm_campaign%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%26utm_content%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%2520CID_b39c98760552241458c2dc3b95421c62%26utm_source%3Dcampaign%2520monitor%26utm_term%3Dpaying%2520your%2520ProviderName%2520fallback%2520bill&ul=en-us&de=UTF-8&dt=OU%20Medicine%20%7C%20Pay%20Your%20Bill%20Online%20%7C%20doxo.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=168241447&gjid=1278034904&cid=78312622.1610647899&tid=UA-9243928-1&_gid=1039673566.1610647899&_r=1&gtm=2wgbu0MN22SCS&cd13=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&z=854543828
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 18:11:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.doxo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=706496550&t=pageview&_s=1&dl=https%3A%2F%2Fwww.doxo.com%2Finfo%2Fou-medicine%3Fcampaign_code%3Demail%26utm_medium%3Demail%26utm_campaign%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%26utm_content%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%2520CID_b39c98760552241458c2dc3b95421c62%26utm_source%3Dcampaign%2520monitor%26utm_term%3Dpaying%2520your%2520ProviderName%2520fallback%2520bill&dp=%2Finfo%2Fou-medicine&ul=en-us&de=UTF-8&dt=(not%20set)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=78312622.1610647899&tid=UA-9243928-1&_gid=1039673566.1610647899&gtm=2wgbu0MN22SCS&cd13=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&z=1941255877
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jan 2021 23:03:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68879
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-9243928-1&cid=78312622.1610647899&jid=168241447&gjid=1278034904&_gid=1039673566.1610647899&_u=aGBAAEAiAAAAAC~&z=282194350
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Jan 2021 18:11:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.doxo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
h
heapanalytics.com/
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/h?a=3839637385&u=7943442985743026&v=8916727774149024&s=5347646012429163&b=web&tv=4.0&z=0&h=%2Finfo%2Fou-medicine&q=%3Fcampaign_code%3Demail%26utm_medium%3Demail%26utm_campaign%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%26utm_content%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%2520CID_b39c98760552241458c2dc3b95421c62%26utm_source%3Dcampaign%2520monitor%26utm_term%3Dpaying%2520your%2520ProviderName%2520fallback%2520bill&d=www.doxo.com&t=OU%20Medicine%20%7C%20Pay%20Your%20Bill%20Online%20%7C%20doxo.com&us=campaign%20monitor&um=email&ut=paying%20your%20ProviderName%20fallback%20bill&uc=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&ua=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&ts=1610647898774&st=1610647898777
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.197.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-197-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 18:11:39 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-length
37
content-type
image/gif
telemetry
heapanalytics.com/api/
37 B
213 B
Image
General
Full URL
https://heapanalytics.com/api/telemetry?a=3839637385&te=type&te=data&te=cm&te=Obviously%20wrong%20identify%20call%20made&st=1610647898779&hv=4.13.2
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.197.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-197-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 18:11:39 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-length
37
content-type
image/gif
map_bounds
www.doxo.com/client_api/providers/333481/
65 B
2 KB
XHR
General
Full URL
https://www.doxo.com/client_api/providers/333481/map_bounds
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.76.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
04883a8067b4e5958500e6038d45d7b186363d661e895f430fe7a46a01c4d953
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Connection
keep-alive
Content-Length
65
X-XSS-Protection
1; mode=block
X-Request-Id
0678ff0e-aeaa-4afc-8a71-563e73ef3262
X-Runtime
0.046683
Server
Apache
X-Frame-Options
sameorigin
Date
Thu, 14 Jan 2021 18:11:40 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=631138519
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"ff69c866891582b4dfa22cb0f3549a6a"
ga-audiences
www.google.com/ads/
42 B
505 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-9243928-1&cid=78312622.1610647899&jid=168241447&_u=aGBAAEAiAAAAAC~&z=2093009727
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 18:11:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
505 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-9243928-1&cid=78312622.1610647899&jid=168241447&_u=aGBAAEAiAAAAAC~&z=2093009727
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 18:11:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
telemetry
heapanalytics.com/api/
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/api/telemetry?a=3839637385&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1610647898780&hv=4.13.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.197.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-197-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 18:11:39 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-length
37
content-type
image/gif
700%20NE%2013th%20St%20%26%20Lincoln%20Blvd%20%2C%20Oklahoma%20City%2C%20OK%2C%2073104.json
api.mapbox.com/geocoding/v5/mapbox.places/
0
0
Other
General
Full URL
https://api.mapbox.com/geocoding/v5/mapbox.places/700%20NE%2013th%20St%20%26%20Lincoln%20Blvd%20%2C%20Oklahoma%20City%2C%20OK%2C%2073104.json?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg&autocomplete=false&country=us&types=address
Protocol
HTTP/1.1
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://www.doxo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Date
Thu, 14 Jan 2021 18:11:40 GMT
X-Powered-By
Express
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
x-requested-with
Access-Control-Expose-Headers
x-rate-limit-interval,x-rate-limit-limit,x-rate-limit-remaining,x-rate-limit-reset
X-Cache
Miss from cloudfront
Via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
3JWNvF22RycNMliHcp8A4HOX7t_VP17gWXSd5R1rqbxcS9dkwWchDA==
403
api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/234/
62 KB
62 KB
Image
General
Full URL
https://api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/234/403?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
56f4f4549e3c4c384271594ad45f67363a215a2aabc490ab4c5b649ff4b4cf47

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:40 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Rate-Limit-Interval
60
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
63139
ETag
"ea9e1da236be4fd04815d27be8f4b30403db3357faa60424517e5ac28030da78"
X-Amz-Cf-Id
-JT3stVpsVfyAdVwqR9pynsDiwRnuo4RGunt2A_SrOSybT8jo6Cz9g==
404
api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/234/
61 KB
62 KB
Image
General
Full URL
https://api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/234/404?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
1f222499a99f904678ac2a63d59307e1308c958cb1ef63397b74468c4d0095da

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:40 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Rate-Limit-Interval
60
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
62494
ETag
"cb8e151604b92b698f46013e0c949f1118b89610dd183c8292b206cdb79a064e"
X-Amz-Cf-Id
PacU_8bWsDkp7AXZQ1Yb8L-SxWG9r_0cLXF7dSpzbEMUkCLnuRx5_w==
403
api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/233/
35 KB
36 KB
Image
General
Full URL
https://api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/233/403?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
e7bc4c077d4603d47a55e1d523ac05c5fbcd31147af69c4c8a0deac1bb29e141

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:41 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Rate-Limit-Interval
60
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
36294
ETag
"361d14941bcfe41785cb335816f434a8d0668e136acc0b3bd1e63f7a4ae2401e"
X-Amz-Cf-Id
Gh2Z93jML5jBk9EeMk5BftuUzdKFkrdObItkKalSDkcpRi5mhfrD-w==
403
api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/235/
52 KB
52 KB
Image
General
Full URL
https://api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/235/403?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
a7795946499fbf22b829772b2500b0db4d4c145f8f73131b23f8d40e36805d26

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:41 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Rate-Limit-Interval
60
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
52985
ETag
"45efc16d9dcfbd281210588431b3c0a68f1764d26e377997bb71334bd128a52c"
X-Amz-Cf-Id
qleZ5XnEJZiZgsqLYnillUuSQb27sS4awZZKKlNqndhL5HgpK8n4Ag==
404
api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/233/
30 KB
31 KB
Image
General
Full URL
https://api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/233/404?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
e5b1a9a2b767c5c7c530c3a44e80e0d9f5f5de55bfe2643936b60fcb860714e5

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:41 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Rate-Limit-Interval
60
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
30794
ETag
"d3558fdadf6961bde368e3d698e0a648a8fa486c68f72f0f063f8dacec35597c"
X-Amz-Cf-Id
DAHmzscK3kv_1WWsPvoIniNqaBoScnaXnxwcPMdnj4EYswpvj7QcDA==
404
api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/235/
51 KB
51 KB
Image
General
Full URL
https://api.mapbox.com/styles/v1/mapbox/light-v9/tiles/10/235/404?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
c0ca1a60c1b9c6e32e0a8d7dd24b8e3c6706dac320e5bb8b754720020c7165b7

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:41 GMT
Via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
X-Rate-Limit-Limit
6000
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Rate-Limit-Interval
60
Cache-Control
max-age=43200,s-maxage=43200
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
51817
ETag
"bd0f5f5d13f318a75ca6873914d96283ac8bf40cce44b249330a8c84b64ebe29"
X-Amz-Cf-Id
ZDYOl-2Ic5UhByimcGllg-iAQvM62BDfYdDkLUI-VGOc8LJJzmJzfA==
-98_07014465332033,35_459551379037606,-97_23518371582031,35_68295607559029
www.doxo.com/client_api/providers/333481/users_heatmap/
197 B
2 KB
XHR
General
Full URL
https://www.doxo.com/client_api/providers/333481/users_heatmap/-98_07014465332033,35_459551379037606,-97_23518371582031,35_68295607559029
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.76.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
62c693946957242709cf48237c0331baaf176ed58275fa1c5a3205be4db1278e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-XSRF-TOKEN
sNXUxt1C5doQNCYgFEgOhlzxnMzBG5wVLOifTXu07L3vHMiaEd2DvuYOuXzjnU6PF+9yi84E35PYd5zDWQqMtg==
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Connection
keep-alive
Content-Length
197
X-XSS-Protection
1; mode=block
X-Request-Id
aa621182-6e2a-4046-b949-465b389fa195
X-Runtime
0.030580
Server
Apache
X-Frame-Options
sameorigin
Date
Thu, 14 Jan 2021 18:11:40 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=631138519
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"fe830e4300176f111a51294b463ccfec"
700%20NE%2013th%20St%20%26%20Lincoln%20Blvd%20%2C%20Oklahoma%20City%2C%20OK%2C%2073104.json
api.mapbox.com/geocoding/v5/mapbox.places/
4 KB
2 KB
XHR
General
Full URL
https://api.mapbox.com/geocoding/v5/mapbox.places/700%20NE%2013th%20St%20%26%20Lincoln%20Blvd%20%2C%20Oklahoma%20City%2C%20OK%2C%2073104.json?access_token=pk.eyJ1IjoiZG94byIsImEiOiJRbGgxRWVnIn0.xj__D3rzvhWs8JGfrElnxg&autocomplete=false&country=us&types=address
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.254.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
48cf1d849522b9adefaab9721d6ffa6f230de09e96969771d6f37d9bbf83523e

Request headers

Accept
application/json
Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 18:11:41 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
600
X-Amz-Cf-Pop
FRA6-C1
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 13 Jan 2021 15:25:36 GMT
ETag
"8eabc0e50362e2bbb4b0f03d8992152d"
Vary
Accept-Encoding
Content-Type
application/vnd.geo+json; charset=utf-8
Via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
X-Rate-Limit-Interval
60
Access-Control-Expose-Headers
x-rate-limit-interval,x-rate-limit-limit,x-rate-limit-remaining,x-rate-limit-reset
Cache-Control
max-age=604800
X-Rate-Limit-Reset
1610647960
X-Amz-Cf-Id
2Xi2lzlKfHrI1_3ysOUnjZ8ohIUAQzByOO04j1FT837QrzFVoV1n-Q==
browser
www.doxo.com/client_api/geos/-98_07014465332033,35_459551379037606,-97_23518371582031,35_68295607559029/
1 KB
3 KB
XHR
General
Full URL
https://www.doxo.com/client_api/geos/-98_07014465332033,35_459551379037606,-97_23518371582031,35_68295607559029/browser
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.76.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
f6ca86685767846e18813bc4a76e86d751a651de4dd730c22fa3b31a92855690
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-XSRF-TOKEN
sNXUxt1C5doQNCYgFEgOhlzxnMzBG5wVLOifTXu07L3vHMiaEd2DvuYOuXzjnU6PF+9yi84E35PYd5zDWQqMtg==
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Connection
keep-alive
Content-Length
1048
X-XSS-Protection
1; mode=block
X-Request-Id
59c2263e-c912-492b-97d6-846442093b7e
X-Runtime
0.038765
Server
Apache
X-Frame-Options
sameorigin
Date
Thu, 14 Jan 2021 18:11:40 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=631138519
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"7bf76bd53b07951d2614a6a85f26bd68"
333481
www.doxo.com/services/trends/follows/
14 KB
16 KB
XHR
General
Full URL
https://www.doxo.com/services/trends/follows/333481
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.76.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
597601e6d4ef4bbcc2d84ca0a7f2462161000834417ff614052d8b8457bf5703
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-XSRF-TOKEN
sNXUxt1C5doQNCYgFEgOhlzxnMzBG5wVLOifTXu07L3vHMiaEd2DvuYOuXzjnU6PF+9yi84E35PYd5zDWQqMtg==
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Connection
keep-alive
Content-Length
14575
X-XSS-Protection
1; mode=block
X-Request-Id
2c366677-b4e5-4e59-b154-e7c2386e46a1
X-Runtime
0.119887
Server
Apache
X-Frame-Options
sameorigin
Date
Thu, 14 Jan 2021 18:11:40 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=631138519
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"5b4929e89cb5a40f52a5af3044e98bdf"
payment_stats
www.doxo.com/client_api/providers/333481/
60 B
2 KB
XHR
General
Full URL
https://www.doxo.com/client_api/providers/333481/payment_stats
Requested by
Host: d3uk0evc20lbwv.cloudfront.net
URL: https://d3uk0evc20lbwv.cloudfront.net/_nuxt/vendors.app.9eb25f5ebea001fb217c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.76.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
8dc7fdcb74d16a7c31bcc16e2d1824e8f924bccfd27f3d204c786327c0e49713
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
X-XSRF-TOKEN
sNXUxt1C5doQNCYgFEgOhlzxnMzBG5wVLOifTXu07L3vHMiaEd2DvuYOuXzjnU6PF+9yi84E35PYd5zDWQqMtg==
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; base-uri 'self'; connect-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com; font-src data: fonts.gstatic.com/ 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; form-action 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com; frame-ancestors 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; frame-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net www.facebook.com *.criteo.com; img-src data: https: www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; object-src 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; script-src 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.googletagmanager.com tagmanager.google.com api.mapbox.com bat.bing.com connect.facebook.net www.facebook.com s.yimg.com sp.analytics.yahoo.com dmc1acwvwny3.cloudfront.net static.criteo.net *.criteo.com *.fullstory.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net; style-src 'unsafe-inline' fonts.googleapis.com/ tagmanager.google.com 'self' *.doxo.com d2hj3iamqbctsc.cloudfront.net
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Connection
keep-alive
Content-Length
60
X-XSS-Protection
1; mode=block
X-Request-Id
6b61b7b4-5bee-4b18-81db-9b664cb81c7c
X-Runtime
0.033891
Server
Apache
X-Frame-Options
sameorigin
Date
Thu, 14 Jan 2021 18:11:40 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=631138519
Content-Type
application/json; charset=utf-8
Pragma
no-cache
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
90 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.doxo.com
URL: https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T+CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-fb-rlafr
0
pragma
public
x-fb-debug
eSPOQJxU1ovjJVAmAdNm+cJd7bavYlW5kRWru6oqLs4FLeSfeTWoEGxP9TBrC812gfwIBuNbRJp9nTryuR3O+w==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 14 Jan 2021 18:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
150715232192596
connect.facebook.net/signals/config/
241 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/150715232192596?v=2.9.32&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0d8305c7c3d341a45cd2dc725f7bc4fe82fc30fdde79238c4e320aabc462472
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
DItnqX7pH6OzfBB/gx0NmxiLQQFufR4lyFw4RKCMq9BJrAsuMBlKWv1Yf+odGbmc0C8g9+fMma8n8CmNR41LvQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 14 Jan 2021 18:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1091989419
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=150715232192596&ev=PageView&dl=https%3A%2F%2Fwww.doxo.com%2Finfo%2Fou-medicine%3Fcampaign_code%3Demail%26utm_medium%3Demail%26utm_campaign%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%26utm_content%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%2520CID_b39c98760552241458c2dc3b95421c62%26utm_source%3Dcampaign%2520monitor%26utm_term%3Dpaying%2520your%2520ProviderName%2520fallback%2520bill&rl=&if=false&ts=1610647900521&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610647900516.1947156402&it=1610647900384&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 18:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 14 Jan 2021 18:11:40 GMT
/
www.facebook.com/tr/
0
105 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPMDBFHKK9Enesgpm

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 14 Jan 2021 18:11:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.doxo.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
2273e3d.png
d3uk0evc20lbwv.cloudfront.net/_nuxt/img/
1 KB
2 KB
Image
General
Full URL
https://d3uk0evc20lbwv.cloudfront.net/_nuxt/img/2273e3d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437

Request headers

Referer
https://www.doxo.com/info/ou-medicine?campaign_code=email&utm_medium=email&utm_campaign=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T&utm_content=DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62&utm_source=campaign%20monitor&utm_term=paying%20your%20ProviderName%20fallback%20bill
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 04:09:07 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
last-modified
Tue, 03 Nov 2020 00:32:55 GMT
age
4024954
x-powered-by
Express
etag
W/"5ba-1758b855fbe"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1466
x-amz-cf-id
PUgQvWWUNnSAD6_EjtLhOCmcjY9YGL9AmBpenbXZ2cSp7Caf_elmFw==
truncated
/
618 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| google_tag_data string| GoogleAnalyticsObject function| ga object| heap object| $nuxt object| gaplugins object| gaGlobal object| gaData object| L object| _leaflet_events function| fbq function| _fbq object| __on

5 Cookies

Domain/Path Name / Value
.doxo.com/ Name: _hp2_ses_props.3839637385
Value: %7B%22us%22%3A%22campaign%20monitor%22%2C%22um%22%3A%22email%22%2C%22ut%22%3A%22paying%20your%20ProviderName%20fallback%20bill%22%2C%22uc%22%3A%22DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%20CID_b39c98760552241458c2dc3b95421c62%22%2C%22ua%22%3A%22DAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%22%2C%22ts%22%3A1610647898774%2C%22d%22%3A%22www.doxo.com%22%2C%22h%22%3A%22%2Finfo%2Fou-medicine%22%2C%22q%22%3A%22%3Fcampaign_code%3Demail%26utm_medium%3Demail%26utm_campaign%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%26utm_content%3DDAILY_NonActivated_1m_RemindersPayButton_PaymentOptions_Images_T%2520CID_b39c98760552241458c2dc3b95421c62%26utm_source%3Dcampaign%2520monitor%26utm_term%3Dpaying%2520your%2520ProviderName%2520fallback%2520bill%22%7D
.doxo.com/ Name: _hp2_id.3839637385
Value: %7B%22userId%22%3A%227943442985743026%22%2C%22pageviewId%22%3A%228916727774149024%22%2C%22sessionId%22%3A%225347646012429163%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.doxo.com/ Name: _gat_UA-9243928-1
Value: 1
.doxo.com/ Name: _gid
Value: GA1.2.1039673566.1610647899
.doxo.com/ Name: _ga
Value: GA1.2.78312622.1610647899

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mapbox.com
cdn.heapanalytics.com
connect.facebook.net
d3uk0evc20lbwv.cloudfront.net
doxo.cmail20.com
heapanalytics.com
stats.g.doubleclick.net
www.doxo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.35.254.140
143.204.214.104
143.204.215.29
18.196.132.139
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:817::2004
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.208.76.160
3.209.197.155
04883a8067b4e5958500e6038d45d7b186363d661e895f430fe7a46a01c4d953
05afc5a8627730109e05adfbd45e8b91890ffbedc2bd459c52b9f7aa228bf5c4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1148dcc88c19b2ec9bba3f089ab4eeca3860a9c7d7842643fdd036c2b1cc1339
1970573f5c631efca167d82128ae31fdd410717f07f55c62f110d55df8b11181
1c0708ccfb2a477070b85fed5135a0e59e5b9c97a112c78e65a64f7930a839b6
1f222499a99f904678ac2a63d59307e1308c958cb1ef63397b74468c4d0095da
255ce5dc1ee1915012643ea1ddeaf53aac3951d186c70d07e5b69cf60ec44124
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
2fe095831307ee756169a2e4e59f8d41c08a3e24e999a1589a5c218d27c9d5a9
3585bb2b17a07d506215acfa4044ebe8ca71125895f4812a6434647a0ebb4f86
48cf1d849522b9adefaab9721d6ffa6f230de09e96969771d6f37d9bbf83523e
48fe57197c6406500d119038763401e4be7600fef6dc1a724b82b8aba1c51862
525c412087273097b92176841cb1e6b45cca6afcd87d8510e8a40ff767a19b61
55d0b5759323dce3381b93c6ce384456beb517e662e124afaae613ab1c0df88e
56f4f4549e3c4c384271594ad45f67363a215a2aabc490ab4c5b649ff4b4cf47
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
597601e6d4ef4bbcc2d84ca0a7f2462161000834417ff614052d8b8457bf5703
62c693946957242709cf48237c0331baaf176ed58275fa1c5a3205be4db1278e
630098e11d818fc8c62bc6c207db5ecd407525aa534343fa733551a1934bf3af
6ed99c1586947323dffba7de363a6ca3e51db2029352dbbc8b0a4a324c091631
72f417a5b653eae9322130732062c8653d687dedeb4467a0ee885a1d5d1890a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a71453aefa4e599f95edd9bb58da2d8f674b96fe5535cd31e7dc4d1fff32c59
8dc7fdcb74d16a7c31bcc16e2d1824e8f924bccfd27f3d204c786327c0e49713
8eb3ab35835199664db4884a8a8b61f1af153d243e03acefb981660a93cbb3e9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a7795946499fbf22b829772b2500b0db4d4c145f8f73131b23f8d40e36805d26
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
aa1da1ab8527b1c33b4bb3bb360d5a2376709afbdc696f3d2c90bf05639dd3e5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb
c0ca1a60c1b9c6e32e0a8d7dd24b8e3c6706dac320e5bb8b754720020c7165b7
c97b016a1a5ddf0ab85b0158a1e7d827145df42a2d72eb31cf8784d11deb254d
d37cf9fe128e0291bd20ca13400c06023737a8d9c6895870976ddb6de04e2474
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5b1a9a2b767c5c7c530c3a44e80e0d9f5f5de55bfe2643936b60fcb860714e5
e7bc4c077d4603d47a55e1d523ac05c5fbcd31147af69c4c8a0deac1bb29e141
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d8305c7c3d341a45cd2dc725f7bc4fe82fc30fdde79238c4e320aabc462472
f6ca86685767846e18813bc4a76e86d751a651de4dd730c22fa3b31a92855690