Submitted URL: https://hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqV...
Effective URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT6...
Submission: On January 16 via manual from US

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 80 HTTP transactions. The main IP is 192.124.249.18, located in United States and belongs to SUCURI-SEC - Sucuri, US. The main domain is pegasusmedical.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 15th 2019. Valid for: a year.
This is the only time pegasusmedical.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 192.124.249.18 30148 (SUCURI-SEC)
7 23.111.9.35 33438 (HIGHWINDS2)
8 2a00:1450:400... 15169 (GOOGLE)
35 2a02:fe80:101... 30148 (SUCURI-SEC)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.112.217 54113 (FASTLY)
1 143.204.101.8 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a04:4e42:3::621 54113 (FASTLY)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
80 17
Domain Requested by
35 secureservercdn.net pegasusmedical.net
use.fontawesome.com
secureservercdn.net
8 fonts.googleapis.com pegasusmedical.net
embed.tawk.to
js.hsforms.net
7 use.fontawesome.com pegasusmedical.net
use.fontawesome.com
3 track.hubspot.com
3 vs34.tawk.to embed.tawk.to
3 www.google.com js.hsforms.net
www.gstatic.com
3 cdn.jsdelivr.net embed.tawk.to
pegasusmedical.net
3 pegasusmedical.net 1 redirects hs-5737674.t.hubspotstarter-i9.net
pegasusmedical.net
2 va.tawk.to embed.tawk.to
2 fonts.gstatic.com pegasusmedical.net
2 js.hsforms.net pegasusmedical.net
js.hsforms.net
2 hs-5737674.t.hubspotstarter-i9.net 1 redirects
1 static-v.tawk.to embed.tawk.to
1 app.hubspot.com js.hsforms.net
1 www.gstatic.com www.google.com
1 js.hs-analytics.net js.hs-scripts.com
1 embed.tawk.to pegasusmedical.net
1 cdn.flipsnack.com pegasusmedical.net
1 player.vimeo.com pegasusmedical.net
1 forms.hsforms.com js.hsforms.net
1 js.hs-scripts.com pegasusmedical.net
80 21

This site contains no links.

Subject Issuer Validity Valid
hubspotstarter-i9.net
CloudFlare Inc ECC CA-2
2019-03-12 -
2020-03-12
a year crt.sh
pegasusmedical.net
Go Daddy Secure Certificate Authority - G2
2019-08-15 -
2020-08-15
a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
secureservercdn.net
Let's Encrypt Authority X3
2019-12-03 -
2020-03-02
3 months crt.sh
ssl766686.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-06 -
2020-06-13
6 months crt.sh
ssl817718.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-13 -
2020-02-19
6 months crt.sh
*.google.com
GTS CA 1O1
2019-12-10 -
2020-03-03
3 months crt.sh
ssl431287.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-01 -
2020-07-09
6 months crt.sh
*.vimeo.com
DigiCert SHA2 Secure Server CA
2018-08-24 -
2020-04-02
2 years crt.sh
cdn.flipsnack.com
Amazon
2019-04-13 -
2020-05-13
a year crt.sh
ssl902639.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-15 -
2020-05-23
6 months crt.sh
ssl803670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-06 -
2020-05-14
6 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year crt.sh
www.google.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
hubspot.com
CloudFlare Inc ECC CA-2
2019-12-04 -
2020-10-09
10 months crt.sh

This page contains 11 frames:

Primary Page: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Frame ID: 9991061514AAE87172D5DF232ED3D1FD
Requests: 64 HTTP requests in this frame

Frame: https://player.vimeo.com/video/362796067?dnt=1&app_id=122963
Frame ID: BFEC0488D3186F1B337174C0BFA2F749
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flipsnack.com/widget/v2/widget.html?hash=fdt8raljd
Frame ID: F76CDEB2AA4D64B36F85F623D033D65B
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 546B50CC89012184CDB6C3113364AF2A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 0C25935A067CCC9608FF77348F13A467
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 81F46D4FFE79E88A9FD854178055B2D6
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 03D7CFE2D0D236F1C8347887AEB9D838
Requests: 4 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/shell.js
Frame ID: DC5DD3F10E0ADCF792776CFA09F29A3D
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/forms-next-v2-captcha
Frame ID: E8C4E6AE8F15B8B6E1F094C100002E1F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly9wZWdhc3VzbWVkaWNhbC5uZXQ6NDQz&hl=en&v=A1Aard-wURuGsXRGA7JMOqVO&size=invisible&badge=inline&cb=z6vkvm6c3tt4
Frame ID: 53D487557CDFD7EEDC17EA1A3FFEE7D2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=A1Aard-wURuGsXRGA7JMOqVO&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=b648w7axy6nk
Frame ID: F39BB5F637D2F8589AD3F810870ACDA3
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5f... Page URL
  2. http://hs-5737674.t.hubspotstarter-i9.net/events/public/v1/track/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2b... HTTP 307
    http://pegasusmedical.net/ez-swipe-campaign/?utm_source=hs_email&utm_medium=email&utm_content=82036952... HTTP 301
    https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

80
Requests

100 %
HTTPS

76 %
IPv6

16
Domains

21
Subdomains

17
IPs

4
Countries

2090 kB
Transfer

4020 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQxX80gSRfW97rB1b8xqZz6W8sdjGp2vZVgTW2DggNq27nGJxW1p1wky6Q8BfkW64Kqzc6T70p4W3lKcg_4SDxrnW5sGtfk4xtj9MW65Y-zD5xvsHWN3fN8YmdNYLdW98yFn06LKkZDVSC1bb8kXvBzVYgyNj6Tp195W5r1Nts7wTZy2W9jW8Z38csGDVVD2JF57jWY7ZN3jhJSBhJw6qW47YrBy1qxjJdN95S7zbsjV00W5XThPz1KLznlW7j5dZm56fn9fW7zG_sY66pp3YW7bxjW79k5_YSW3y19vM3wMXFCD1d5FyrjH0103 Page URL
  2. http://hs-5737674.t.hubspotstarter-i9.net/events/public/v1/track/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQxX80gSRfW97rB1b8xqZz6W8sdjGp2vZVgTW2DggNq27nGJxW1p1wky6Q8BfkW64Kqzc6T70p4W3lKcg_4SDxrnW5sGtfk4xtj9MW65Y-zD5xvsHWN3fN8YmdNYLdW98yFn06LKkZDVSC1bb8kXvBzVYgyNj6Tp195W5r1Nts7wTZy2W9jW8Z38csGDVVD2JF57jWY7ZN3jhJSBhJw6qW47YrBy1qxjJdN95S7zbsjV00W5XThPz1KLznlW7j5dZm56fn9fW7zG_sY66pp3YW7bxjW79k5_YSW3y19vM3wMXFCD1d5FyrjH0103?_ud=c2a45c64-6ea3-47f1-a62b-14348a6737bf&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    http://pegasusmedical.net/ez-swipe-campaign/?utm_source=hs_email&utm_medium=email&utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952 HTTP 301
    https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQx...
hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/
9 KB
3 KB
Document
General
Full URL
https://hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQxX80gSRfW97rB1b8xqZz6W8sdjGp2vZVgTW2DggNq27nGJxW1p1wky6Q8BfkW64Kqzc6T70p4W3lKcg_4SDxrnW5sGtfk4xtj9MW65Y-zD5xvsHWN3fN8YmdNYLdW98yFn06LKkZDVSC1bb8kXvBzVYgyNj6Tp195W5r1Nts7wTZy2W9jW8Z38csGDVVD2JF57jWY7ZN3jhJSBhJw6qW47YrBy1qxjJdN95S7zbsjV00W5XThPz1KLznlW7j5dZm56fn9fW7zG_sY66pp3YW7bxjW79k5_YSW3y19vM3wMXFCD1d5FyrjH0103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:183 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64badcd6afa56e9c30bb814593d1bb3e8b49dc05de4fd0c57f01c2abdaba315

Request headers

:method
GET
:authority
hs-5737674.t.hubspotstarter-i9.net
:scheme
https
:path
/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQxX80gSRfW97rB1b8xqZz6W8sdjGp2vZVgTW2DggNq27nGJxW1p1wky6Q8BfkW64Kqzc6T70p4W3lKcg_4SDxrnW5sGtfk4xtj9MW65Y-zD5xvsHWN3fN8YmdNYLdW98yFn06LKkZDVSC1bb8kXvBzVYgyNj6Tp195W5r1Nts7wTZy2W9jW8Z38csGDVVD2JF57jWY7ZN3jhJSBhJw6qW47YrBy1qxjJdN95S7zbsjV00W5XThPz1KLznlW7j5dZm56fn9fW7zG_sY66pp3YW7bxjW79k5_YSW3y19vM3wMXFCD1d5FyrjH0103
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Thu, 16 Jan 2020 18:26:40 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d4f8a4f7b6f017c5cf79beee002184aef1579199200; expires=Sat, 15-Feb-20 18:26:40 GMT; path=/; domain=.hubspotstarter-i9.net; HttpOnly; SameSite=Lax
referrer-policy
no-referrer
vary
Accept-Encoding
access-control-allow-credentials
false
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55622399fe6bbef6-FRA
content-encoding
gzip
Primary Request /
pegasusmedical.net/ez-swipe-campaign/
Redirect Chain
  • http://hs-5737674.t.hubspotstarter-i9.net/events/public/v1/track/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR...
  • http://pegasusmedical.net/ez-swipe-campaign/?utm_source=hs_email&utm_medium=email&utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8...
  • https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
41 KB
11 KB
Document
General
Full URL
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Requested by
Host: hs-5737674.t.hubspotstarter-i9.net
URL: https://hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQxX80gSRfW97rB1b8xqZz6W8sdjGp2vZVgTW2DggNq27nGJxW1p1wky6Q8BfkW64Kqzc6T70p4W3lKcg_4SDxrnW5sGtfk4xtj9MW65Y-zD5xvsHWN3fN8YmdNYLdW98yFn06LKkZDVSC1bb8kXvBzVYgyNj6Tp195W5r1Nts7wTZy2W9jW8Z38csGDVVD2JF57jWY7ZN3jhJSBhJw6qW47YrBy1qxjJdN95S7zbsjV00W5XThPz1KLznlW7j5dZm56fn9fW7zG_sY66pp3YW7bxjW79k5_YSW3y19vM3wMXFCD1d5FyrjH0103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.18 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10018.sucuri.net
Software
nginx /
Resource Hash
9e56e9da28569baf9a2d9466c69c24dc41affec201bfec90fff6fad642131b5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:method
GET
:authority
pegasusmedical.net
:scheme
https
:path
/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 16 Jan 2020 18:26:41 GMT
content-type
text/html; charset=UTF-8
content-length
10384
x-sucuri-id
19018
x-xss-protection
1; mode=block 1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
accept-ranges
bytes
age
0
vary
Accept-Encoding, User-Agent
x-cache
uncached
x-cache-hit
MISS
x-backend
all_requests
x-sucuri-cache
MISS

Redirect headers

Server
Sucuri/Cloudproxy
Date
Thu, 16 Jan 2020 18:26:41 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
X-Sucuri-ID
19018
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Location
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
X-Cacheable
NO:HTTPS Redirect
Content-Encoding
gzip
Age
0
Vary
User-Agent
X-Cache
uncached
X-Cache-Hit
MISS
X-Backend
all_requests
X-Sucuri-Cache
MISS
all.css
use.fontawesome.com/releases/v5.7.2/css/
53 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 16:48:32 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
css
fonts.googleapis.com/
827 B
462 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway&display=swap
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d5acdc2cbc7cc6aa9f514c1203f62f6f76d48d53b2c61becc7939082331385b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:26:41 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:26:41 GMT
css
fonts.googleapis.com/
2 KB
528 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu&display=swap
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
767f465ce2cd75969f101b1333638f68a9c9399a6804cbcfb051ff3c66c3e09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:26:41 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:26:41 GMT
c9598fd26c.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/c9598fd26c.js
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
10c339550d586fdc27b323069f9dfbdc9d4b2ff97d04b4748edf8ecf8fd5586b

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:42 GMT
content-encoding
gzip
last-modified
Mon, 25 Feb 2019 07:31:21 GMT
server
NetDNA-cache/2.2
x-amz-request-id
D04DCE6D3480F5EC
etag
W/"5602f43ad5ff5b639bb6ceb9fdcf647b"
x-cache
MISS
content-type
text/javascript
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
TN4t+l2IZlQXulhq7xxVvo/GA5FVSVBlQM3raDLkfPEdA/GK03eWpiDCe6iQR8vMWkuKGKmNdOc=
cf7_style.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/cf7-icons-and-labels/css/
2 KB
1004 B
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/cf7-icons-and-labels/css/cf7_style.css?ver=5.3.2&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
2119db473349eab97db595ff394b61b77b46a7cf2b509ace51309a9d84f44b26
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2123
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
620
x-xss-protection
1; mode=block
last-modified
Tue, 12 Mar 2019 07:52:54 GMT
server
nginx
cache-control
max-age=315360000
etag
"801-583e0fa038180-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2123
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
649
x-xss-protection
1; mode=block
last-modified
Thu, 16 Jan 2020 11:33:04 GMT
server
nginx
cache-control
max-age=315360000
etag
"66d-59c4030380e70-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
settings.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.0.4&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
5c0db6629949af3bf28c7a60f38eff1fd1a47a49ef8b2f26e83b66a2a31396c1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2122
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
7290
x-xss-protection
1; mode=block
last-modified
Tue, 19 Feb 2019 14:47:12 GMT
server
nginx
cache-control
max-age=315360000
etag
"82d6-5824050ff9c00-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.3&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
8cdc53975174314cc55ef7ca7ee80afbf80e724452e4b0fc7e4bea1e43ad4f59
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2122
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
6970
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2019 07:17:18 GMT
server
nginx
cache-control
max-age=315360000
etag
"7793-58bd040ab9b80-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
16 KB
1020 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
a011e7e4611f55d0d73749411e3ebb107fc759a9a42a7f63a2820fd10a9fabcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:26:41 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:26:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:26:41 GMT
genericons.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/genericons/genericons.css?ver=3.4.1&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2122
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
16441
x-xss-protection
1; mode=block
last-modified
Tue, 30 May 2017 21:21:43 GMT
server
nginx
cache-control
max-age=315360000
etag
"6e6a-550c463e027c0-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/
70 KB
14 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/style.css?ver=5.3.2&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
093fe32275a2f13a08e2930ed01db207a289ea933e649d813d8a29572902aad8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2122
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
13548
x-xss-protection
1; mode=block
last-modified
Sat, 23 Feb 2019 14:20:45 GMT
server
nginx
cache-control
max-age=315360000
etag
"1176c-5829069c56940-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
blocks.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20181230&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
2b682eafdbb1105c7e0292965160ed0e2a446a30ac0d49049297f29e8c48a278
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2121
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
1818
x-xss-protection
1; mode=block
last-modified
Mon, 07 Jan 2019 16:18:45 GMT
server
nginx
cache-control
max-age=315360000
etag
"213b-57ee0953b0340-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
js_composer.min.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/css/
0
0
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.3&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

custom.css
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/js_composer/
3 KB
2 KB
Stylesheet
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/js_composer/custom.css?ver=6.0.3&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
4e1b3528e126d9bc1943fac6361042e4f85677b26fbf805665bea702f6578dac
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2121
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
1225
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jul 2019 07:35:19 GMT
server
nginx
cache-control
max-age=315360000
etag
"d88-58cadc95bcb58-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2120
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
33776
x-xss-protection
1; mode=block
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
cache-control
max-age=315360000
etag
"17a69-5890dc7401880-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2124
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
4014
x-xss-protection
1; mode=block
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
cache-control
max-age=315360000
etag
"2748-5333ff613c400-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.themepunch.tools.min.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/js/
99 KB
35 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.0.4&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
98623530a25d81d9c3faf11e788353781b73a45a5cd00c786dca10889f942150
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
1439
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
34909
x-xss-protection
1; mode=block
last-modified
Tue, 19 Feb 2019 14:47:12 GMT
server
nginx
cache-control
max-age=315360000
etag
"18dd7-5824050ff9c00-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.themepunch.revolution.min.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/js/
42 KB
13 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.0.4&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
f54182b6eb69d3b0a4d751fa3b724babdba0b4fb9d86ebba0566d79628c01e57
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2110
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
12656
x-xss-protection
1; mode=block
last-modified
Tue, 19 Feb 2019 14:47:12 GMT
server
nginx
cache-control
max-age=315360000
etag
"a63d-5824050ff9c00-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
EZ-Swipe_logo_FINAL.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/04/
14 KB
15 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/04/EZ-Swipe_logo_FINAL.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
1761b46cb1bcb4cfb4c627392d4658d0ef4e58bc68f73afaa4011da4c7b880ea
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:51 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201701
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
14662
x-xss-protection
1; mode=block
last-modified
Fri, 19 Apr 2019 14:57:20 GMT
server
nginx
cache-control
max-age=315360000
etag
"3946-586e355e01400"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ezswipe-in-on-order-1.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
214 KB
215 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/ezswipe-in-on-order-1.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
85d5902aa4552391d6dde945cf635b96fd3d816eab5e39e5cf1b5dadff037668
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201685
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
219306
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:37:05 GMT
server
nginx
cache-control
max-age=315360000
etag
"358aa-5936fd6159068"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
shell.js
js.hsforms.net/forms/
420 KB
116 KB
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca83bf6c4611e07ea8b93893694e16957cd66082de76afb1ee564fba6f055750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
via
1.1 47c0295005ec7d8570406951491004c3.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
389
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-version-id
gCHbnfLfRD6TgIiY4HAm19.GmuNmLHpw
last-modified
Wed, 08 Jan 2020 02:12:01 GMT
server
cloudflare
etag
W/"01f4b8448e5b99e492b97afdd1268a74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
556223a33bfbc2a4-FRA
x-amz-cf-id
G2bKIY-0AcK0UgU1jF2JGU80nHkuwmzwJ-EVj5638FBxG3Qt95X86w==
EZ-swipe-index_05.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
277 KB
278 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/EZ-swipe-index_05.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
73c88e990f7951c4d6538b8a50e0acd779cddf8bc585052cf8bd0d3a770211e0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201682
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
283728
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:11:17 GMT
server
nginx
cache-control
max-age=315360000
etag
"45450-5936f79cfa716"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ez-swipe-01.jpg
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
59 KB
60 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/ez-swipe-01.jpg
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
37e2cc2fc92e7d15c207169b00e664ac6a32f0d5ed15ff6cb5038aadfed3b2a5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:47 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201676
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
60742
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:11:20 GMT
server
nginx
cache-control
max-age=315360000
etag
"ed46-5936f79f15cda"
strict-transport-security
max-age=300
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ez-swipe-02.jpg
pegasusmedical.net/wp-content/uploads/2019/09/
58 KB
59 KB
Image
General
Full URL
https://pegasusmedical.net/wp-content/uploads/2019/09/ez-swipe-02.jpg
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.18 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10018.sucuri.net
Software
nginx /
Resource Hash
f98e89b29a0d780c525c447314205b62a291416ba004485591d57da672eef518
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:47 GMT
x-content-type-options
nosniff, nosniff
x-cacheable
YES
x-backend
all_requests
age
6546
x-cache
cached
status
200
x-sucuri-cache
MISS
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-length
59332
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 26 Sep 2019 08:38:11 GMT
server
nginx
cache-control
max-age=315360000
etag
"e7c4-59370b08c0c70"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
19018
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ez-swipe-03.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
118 KB
118 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/ez-swipe-03.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
f3d8cc9601bcfd016bf471f13c7a50e823ed10fa4a99dbf23516b82719c91545
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:47 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201684
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
120351
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:11:09 GMT
server
nginx
cache-control
max-age=315360000
etag
"1d61f-5936f794c2096"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ez-swipe-04.jpg
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
55 KB
55 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/ez-swipe-04.jpg
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
7bbae6fa292c467a01860c011519ac4fa119b4e4ea3cc56e864415e813fb7a72
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:47 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201683
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
55815
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:11:10 GMT
server
nginx
cache-control
max-age=315360000
etag
"da07-5936f79606c9a"
strict-transport-security
max-age=300
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ez-swipe-05.jpg
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
62 KB
63 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/ez-swipe-05.jpg
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
0340afc9e03e861bf1ace48fe900054ca7df17a00cc9a7e8e4cded4bc560eb81
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:47 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201682
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
63635
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:11:11 GMT
server
nginx
cache-control
max-age=315360000
etag
"f893-5936f796e8ae9"
strict-transport-security
max-age=300
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_white.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/02/
8 KB
8 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/02/logo_white.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
d1bc6824ff3dcc4ccc747abb0ecae27105a15f9006fedfad3bd27912a94ee562
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:52 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201681
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
8048
x-xss-protection
1; mode=block
last-modified
Sat, 23 Feb 2019 14:21:33 GMT
server
nginx
cache-control
max-age=315360000
etag
"1f70-582906ca1d540"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
2deb5ba708.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/2deb5ba708.js?ver=5.3.2
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
67a51ecd944eb630e4073a73c5142afd6d70e8634dd52d903fc58b28cb02e4d9

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
last-modified
Sat, 20 May 2017 17:32:09 GMT
server
NetDNA-cache/2.2
x-amz-request-id
3EC788FEF80E5D56
etag
W/"87829fc5fa1feef15a134c36987a2745"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
kpiGo9vG4g3YIxW25fntB1YTwv10I3/HvWUZhmrplm9aczsxrBZq2iDOTEK6nLEgd/8fSeGAn+c=
cf7_script.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/cf7-icons-and-labels/js/
4 KB
1 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/cf7-icons-and-labels/js/cf7_script.js?ver=5.3.2&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
91da8476978e60bec49cae99c09205e5be2d6ff9de9ed420f72d89ec9e7b9ab3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2109
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
1099
x-xss-protection
1; mode=block
last-modified
Tue, 12 Mar 2019 07:52:54 GMT
server
nginx
cache-control
max-age=315360000
etag
"102b-583e0fa038180-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2108
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
3993
x-xss-protection
1; mode=block
last-modified
Thu, 16 Jan 2020 11:33:04 GMT
server
nginx
cache-control
max-age=315360000
etag
"3868-59c4030356e94-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
skip-link-focus-fix.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/js/
1 KB
982 B
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20160816&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2108
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
588
x-xss-protection
1; mode=block
last-modified
Tue, 30 May 2017 21:21:43 GMT
server
nginx
cache-control
max-age=315360000
etag
"423-550c463e027c0-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
functions.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/js/
7 KB
2 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181230&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
8780a1296b2198218955f78f1121bf0577804e60dc207a2ba75d6400d4f836a4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2107
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
2089
x-xss-protection
1; mode=block
last-modified
Wed, 21 Nov 2018 01:05:50 GMT
server
nginx
cache-control
max-age=315360000
etag
"1cad-57b2259d83780-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2107
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
740
x-xss-protection
1; mode=block
last-modified
Sat, 05 Oct 2019 19:49:10 GMT
server
nginx
cache-control
max-age=315360000
etag
"577-5942f1cbbd980-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
js_composer_front.min.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/js/dist/
20 KB
6 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.3&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2106
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
5818
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2019 07:17:15 GMT
server
nginx
cache-control
max-age=315360000
etag
"5079-58bd0407dd4c0-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
5737674.js
js.hs-scripts.com/
441 B
817 B
Script
General
Full URL
https://js.hs-scripts.com/5737674.js
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92f18f9d8e47a1492c142bf71ff12d4c578af1cc7cf77acb043d0e573ba2a7c

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:51 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
status
200
access-control-max-age
3600
content-length
311
server
cloudflare
x-trace
2BF80F5337C3495CB4CE00F0DEDB8474D3838ACCCC000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://pegasusmedical.net
cache-control
public, max-age=60
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
556223e1c904d6e1-FRA
expires
Thu, 16 Jan 2020 18:27:51 GMT
c9598fd26c.css
use.fontawesome.com/
1 KB
688 B
Stylesheet
General
Full URL
https://use.fontawesome.com/c9598fd26c.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/c9598fd26c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0d79496cc65afa5c84932f9a0d8da2e8153bde1f46ccc11a91bd46be6132ee56

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:42 GMT
content-encoding
gzip
last-modified
Mon, 25 Feb 2019 07:31:21 GMT
server
NetDNA-cache/2.2
x-amz-request-id
A7A5A9037FF6F154
etag
W/"3450f3895fe49fe371074259395c599f"
x-cache
MISS
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
Zl/IHDdHSUsMOgwvAAX/4gSzFZT6Qjxo7SiNjrdNRnumrqQdRkVsK479cNDDkUOdtJNROwSZmBA=
wp-emoji-release.min.js
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1579196725
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
2120
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
4626
x-xss-protection
1; mode=block
last-modified
Tue, 05 Nov 2019 22:16:02 GMT
server
nginx
cache-control
max-age=315360000
etag
"362a-596a0c70cec80-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/c9598fd26c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.3&time=1579196725
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:26:42 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
238032
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
77160
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2019 07:17:18 GMT
server
nginx
cache-control
max-age=315360000
etag
"12d68-58bd040ab9b80"
strict-transport-security
max-age=300
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:26:42 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2016 17:21:58 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
Gotham-Black.woff
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/fonts/
23 KB
24 KB
Font
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/fonts/Gotham-Black.woff
Requested by
Host: secureservercdn.net
URL: https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.0.4&time=1579196725
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
2d295222f579413780610932d4550bc979937e133c124fff59b4b60da23d7a54
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/themes/twentysixteen/style.css?ver=5.3.2&time=1579196725
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
238041
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
23732
x-xss-protection
1; mode=block
last-modified
Wed, 23 Jan 2019 11:25:16 GMT
server
nginx
cache-control
max-age=315360000
etag
"5cb4-5801e591cff00"
strict-transport-security
max-age=300
content-type
font/woff
access-control-allow-origin
*
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ez-swipe-phone.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
2 KB
2 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/ez-swipe-phone.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
3cb4c2092414f20e48acd8ea90790e99464b82e0d13ac0287832330a86ed22da
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201705
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
1956
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 10:46:29 GMT
server
nginx
cache-control
max-age=315360000
etag
"7a4-593727b69212a"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
EZ-swipe-index_02.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
124 KB
125 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/EZ-swipe-index_02.png?id=1332
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
1add8dd86b460f80f1270626785c08bbebd9414cd449733a150547c2a68d1b4d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201703
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
127347
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 07:11:13 GMT
server
nginx
cache-control
max-age=315360000
etag
"1f173-5936f798851b5"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-header-bg.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/04/
5 KB
6 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/04/form-header-bg.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
40f2c09588f43af65b7174e925a71314af1be77532703e548d302af40b5f7b82
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
225406
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
5448
x-xss-protection
1; mode=block
last-modified
Wed, 17 Apr 2019 03:47:15 GMT
server
nginx
cache-control
max-age=315360000
etag
"1548-586b1bdc9b6c0"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway&display=swap
Origin
https://pegasusmedical.net

Response headers

date
Fri, 20 Dec 2019 05:17:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
2380155
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13428
x-xss-protection
0
expires
Sat, 19 Dec 2020 05:17:46 GMT
5086fb23-8e90-4b86-9ecf-ae0b9821d4b3
forms.hsforms.com/embed/v3/form/5737674/
10 KB
3 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/5737674/5086fb23-8e90-4b86-9ecf-ae0b9821d4b3?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f3cbc50c0eaf780733e936bd0de9883018fed4142cd0fded39563c85bab1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2BCD95C06620BC96DFAEE6D281B21869D743B3DA00000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
content-disposition
attachment; filename=no-rfd.txt
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
556224208c10bed3-FRA
362796067
player.vimeo.com/video/ Frame BFEC
0
0
Document
General
Full URL
https://player.vimeo.com/video/362796067?dnt=1&app_id=122963
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 16 Jan 2020 18:28:34 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-7
X-Vimeo-DC
ge
Content-Length
9985
Accept-Ranges
bytes
Date
Thu, 16 Jan 2020 18:27:01 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-hhn4078-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1579199222.836630,VS0,VE96
Vary
Accept-Encoding
widget.html
cdn.flipsnack.com/widget/v2/ Frame F76C
0
0
Document
General
Full URL
https://cdn.flipsnack.com/widget/v2/widget.html?hash=fdt8raljd
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.8 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-8.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.flipsnack.com
:scheme
https
:path
/widget/v2/widget.html?hash=fdt8raljd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952

Response headers

status
200
content-type
text/html
content-length
3548
date
Thu, 16 Jan 2020 18:27:03 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, PUT, POST
access-control-allow-headers
*
last-modified
Tue, 14 Jan 2020 14:35:29 GMT
etag
"5af310ac290038511cdf57f593de2683"
cache-control
no-cache, no-store
x-amz-version-id
ZIYzbgF8eMP3oPPAuDhO6Tc8dZDbzTLD
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-WnurjnbYJ8ouJ4oEyMCGxLskuk9qlxizdbVr9fgbKBz3PxNZZyTDw==
timeline-dot.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
4 KB
5 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/timeline-dot.png
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
10eff5b3cdc93e9ecf312cb2de0e2127411181fad72fbc74527488f5f917c175
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:06 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
192372
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
4513
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 10:10:49 GMT
server
nginx
cache-control
max-age=315360000
etag
"11a1-59371fbd84841"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-blk-bg.png
secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/
152 KB
152 KB
Image
General
Full URL
https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-content/uploads/2019/09/footer-blk-bg.png?id=1372
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
89f0d69b447160014b6666f9ccae01580a2bc20e968cecd71e809a53e8a0f090
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
201684
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
155364
x-xss-protection
1; mode=block
last-modified
Thu, 26 Sep 2019 10:10:44 GMT
server
nginx
cache-control
max-age=315360000
etag
"25ee4-59371fb8c08bf"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
default
embed.tawk.to/5dc340ca154bf74666b7e057/
502 KB
110 KB
Script
General
Full URL
https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1aa5a10ea3d62b73bc533b480c8f889dd560d1c2d905bdefef5988a6e70391
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
9
etag
W/"fulls6816"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
55622420ac2fc2ef-FRA
access-control-allow-origin
*
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/2deb5ba708.js?ver=5.3.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://use.fontawesome.com/c9598fd26c.css
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
last-modified
Mon, 17 Jul 2017 16:24:59 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
77160
2deb5ba708.css
use.fontawesome.com/
1 KB
682 B
Stylesheet
General
Full URL
https://use.fontawesome.com/2deb5ba708.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/2deb5ba708.js?ver=5.3.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0550e4fee4126a10c8f98a6ecec6b36604065ac324bf25f9fafe58893a734218

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
content-encoding
gzip
last-modified
Sat, 20 May 2017 17:32:09 GMT
server
NetDNA-cache/2.2
x-amz-request-id
2F76D937BE1B648A
etag
W/"7526ae10b325b4045eba73c1c46779be"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
/MaBquYHu/e8bbXBNdnHfv5lDO1e9C9Imdpya55J9PC1hjh89JIx51MAdUX0WX31mbYznOoGA/A=
5737674.js
js.hs-analytics.net/analytics/1579199100000/
74 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1579199100000/5737674.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5737674.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f951afc759dfae0200d0e26610d57495b680210b2a71f512a7d306cc1299cbf

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3
status
200
x-amz-request-id
7D4EC8C908DD1FBF
x-amz-id-2
KV6OIYixIh/9NYJhn7hHcQta69NFXmwyjdtGVW/NH4pLIBPmOf4q1kDZpurOephoqxe+znumgWc=
last-modified
Thu, 02 Jan 2020 15:54:39 GMT
server
cloudflare
etag
W/"63b6c99a02da42bf07356f8b60be4936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
55622420babe9730-FRA
expires
Thu, 16 Jan 2020 18:31:58 GMT
css
fonts.googleapis.com/ Frame 546B
8 KB
721 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:27:01 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:27:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:27:01 GMT
css
fonts.googleapis.com/ Frame 0C25
8 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:27:01 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:27:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:27:01 GMT
css
fonts.googleapis.com/ Frame 81F4
8 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:27:01 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:27:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:27:01 GMT
css
fonts.googleapis.com/ Frame 03D7
8 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:27:01 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:27:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:27:01 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 03D7
192 B
273 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Thu, 16 Jan 2020 18:27:01 GMT
content-length
152
x-served-by
cache-ams21031-AMS, cache-fra19156-FRA
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 03D7
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Thu, 16 Jan 2020 18:27:01 GMT
content-length
53890
x-served-by
cache-ams21033-AMS, cache-fra19156-FRA
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1579199221950
va.tawk.to/register/
708 B
1 KB
XHR
General
Full URL
https://va.tawk.to/register/1579199221950
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6af11911622b8ccf7a7d095685360f6d16f3dde97a360de681e2848cf35729a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Jan 2020 18:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-nlzt
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://pegasusmedical.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
556224215e38d6d5-FRA
access-control-allow-headers
origin, content-type
api.js
www.google.com/recaptcha/
797 B
640 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
b32f68a50991e4305b24df038e3ca16c9a32ffe1cc0b60e7cfa34096d48d35a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
492
x-xss-protection
1; mode=block
expires
Thu, 16 Jan 2020 18:27:01 GMT
shell.js
js.hsforms.net/forms/ Frame DC5D
420 KB
116 KB
Script
General
Full URL
https://js.hsforms.net/forms/shell.js
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca83bf6c4611e07ea8b93893694e16957cd66082de76afb1ee564fba6f055750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:02 GMT
via
1.1 47c0295005ec7d8570406951491004c3.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
409
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-version-id
gCHbnfLfRD6TgIiY4HAm19.GmuNmLHpw
last-modified
Wed, 08 Jan 2020 02:12:01 GMT
server
cloudflare
etag
W/"01f4b8448e5b99e492b97afdd1268a74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
556224216ed7c2a4-FRA
x-amz-cf-id
G2bKIY-0AcK0UgU1jF2JGU80nHkuwmzwJ-EVj5638FBxG3Qt95X86w==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/A1Aard-wURuGsXRGA7JMOqVO/
255 KB
91 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/A1Aard-wURuGsXRGA7JMOqVO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7048656614a2cfe865336abb6d6223fb523c5882b9f992ee112fad38ab5b8291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 17:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Jan 2020 05:04:49 GMT
server
sffe
age
263440
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
93232
x-xss-protection
0
expires
Tue, 12 Jan 2021 17:16:22 GMT
css
fonts.googleapis.com/ Frame DC5D
783 B
451 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Jan 2020 18:27:02 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 16 Jan 2020 18:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 16 Jan 2020 18:27:02 GMT
forms-next-v2-captcha
app.hubspot.com/ Frame E8C4
0
0
Document
General
Full URL
https://app.hubspot.com/forms-next-v2-captcha
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
app.hubspot.com
:scheme
https
:path
/forms-next-v2-captcha
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 16 Jan 2020 18:27:02 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=da6578bd42434742fc5dcea9334a96eda1579199222; expires=Sat, 15-Feb-20 18:27:02 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status
COMPLETED
last-modified
Fri, 26 Jan 2018 04:28:10 GMT
x-amz-version-id
z9bLV8d4.yruStD_kdZCmLp6b0cakt0u
etag
W/"a5022c82eff235a78f2a19b2077c892f"
x-cache
Hit from cloudfront
via
1.1 97971aa6c140e2dfc8adaee6c929eedc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
x-amz-cf-id
dWotjYjRPk-Yit_Tp30C0-heS6jK3NHNrblvYr4UjOJ-7vnPFneWTw==
age
245
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
556224222fbdc28b-FRA
content-encoding
br
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ Frame DC5D
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway
Origin
https://pegasusmedical.net

Response headers

date
Fri, 20 Dec 2019 05:17:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
2380156
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13428
x-xss-protection
0
expires
Sat, 19 Dec 2020 05:17:46 GMT
anchor
www.google.com/recaptcha/api2/ Frame 53D4
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly9wZWdhc3VzbWVkaWNhbC5uZXQ6NDQz&hl=en&v=A1Aard-wURuGsXRGA7JMOqVO&size=invisible&badge=inline&cb=z6vkvm6c3tt4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/A1Aard-wURuGsXRGA7JMOqVO/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3KqQkbBoIoQ4hePvsPLUhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly9wZWdhc3VzbWVkaWNhbC5uZXQ6NDQz&hl=en&v=A1Aard-wURuGsXRGA7JMOqVO&size=invisible&badge=inline&cb=z6vkvm6c3tt4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 16 Jan 2020 18:27:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-3KqQkbBoIoQ4hePvsPLUhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9203
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
tawk-widget.woff2
static-v.tawk.to/a-v3/fonts/ Frame 81F4
3 KB
3 KB
Font
General
Full URL
https://static-v.tawk.to/a-v3/fonts/tawk-widget.woff2?yh9epr
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
75293
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
content-length
2744
pragma
public
last-modified
Mon, 15 Jul 2019 17:37:05 GMT
server
cloudflare
etag
"5d2cb9c1-ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
556224226a18c2ef-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
vs34.tawk.to/s/
101 B
280 B
XHR
General
Full URL
https://vs34.tawk.to/s/?k=5e20aaf6dc4a352013c72e49&u=oDyCFGYX3hrQPOkl5pvxCuR2oGBDMvgKqrKtBInY6t8RQGJFCAfD6Mwi%2BmhdOsM5&uv=2&a=5dc340ca154bf74666b7e057&cver=0&pop=false&w=2luvRa&jv=681&asver=46&ust=false&p=EZ-Swipe%20Landing%20-%20Pegasus%20Medical%20Concepts&r=&EIO=3&transport=polling&__t=M-lcz61
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c05c48653b42f9fec84134c7b3961d4c2609a8a1f7d817d163b80bd625bac9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://pegasusmedical.net
access-control-allow-credentials
true
cf-ray
556224228a2cd6d5-FRA
content-length
101
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 03D7
413 B
582 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: pegasusmedical.net
URL: https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
image/png
status
200
access-control-expose-headers
*
cache-control
public, max-age=31536000
date
Thu, 16 Jan 2020 18:27:02 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
413
x-served-by
cache-ams21051-AMS, cache-fra19156-FRA
bframe
www.google.com/recaptcha/api2/ Frame F39B
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=A1Aard-wURuGsXRGA7JMOqVO&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=b648w7axy6nk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/A1Aard-wURuGsXRGA7JMOqVO/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tIXh0xVy1HCWMvoBD1OZww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=A1Aard-wURuGsXRGA7JMOqVO&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=b648w7axy6nk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 16 Jan 2020 18:27:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-tIXh0xVy1HCWMvoBD1OZww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1162
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
vs34.tawk.to/s/
651 B
712 B
XHR
General
Full URL
https://vs34.tawk.to/s/?k=5e20aaf6dc4a352013c72e49&u=oDyCFGYX3hrQPOkl5pvxCuR2oGBDMvgKqrKtBInY6t8RQGJFCAfD6Mwi%2BmhdOsM5&uv=2&a=5dc340ca154bf74666b7e057&cver=0&pop=false&w=2luvRa&jv=681&asver=46&ust=false&p=EZ-Swipe%20Landing%20-%20Pegasus%20Medical%20Concepts&r=&EIO=3&transport=polling&__t=M-lczE9.0&sid=JhUUZav9UAFBStAuDVUT
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0abc35367f1accfde8f43aed74a998a54197c60f5edbb1b297e3dd2599faa188
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://pegasusmedical.net
access-control-allow-credentials
true
cf-ray
55622425ad1bd6d5-FRA
content-length
651
v3
va.tawk.to/log-performance/
5 B
116 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Jan 2020 18:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-ddr0
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pegasusmedical.net
access-control-allow-credentials
true
cf-ray
556224267ffcd6d5-FRA
access-control-allow-headers
origin, content-type
/
vs34.tawk.to/s/
4 B
86 B
XHR
General
Full URL
https://vs34.tawk.to/s/?k=5e20aaf6dc4a352013c72e49&u=oDyCFGYX3hrQPOkl5pvxCuR2oGBDMvgKqrKtBInY6t8RQGJFCAfD6Mwi%2BmhdOsM5&uv=2&a=5dc340ca154bf74666b7e057&cver=0&pop=false&w=2luvRa&jv=681&asver=46&ust=false&p=EZ-Swipe%20Landing%20-%20Pegasus%20Medical%20Concepts&r=&EIO=3&transport=polling&__t=M-lczG6&sid=JhUUZav9UAFBStAuDVUT
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5dc340ca154bf74666b7e057/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
Origin
https://pegasusmedical.net

Response headers

date
Thu, 16 Jan 2020 18:27:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://pegasusmedical.net
access-control-allow-credentials
true
cf-ray
556224267808d6d5-FRA
content-length
4
__ptq.gif
track.hubspot.com/
45 B
232 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=643011938&v=1.1&a=5737674&rcu=https%3A%2F%2Fpegasusmedical.net%2Fez-swipe-campaign%2F&pu=https%3A%2F%2Fpegasusmedical.net%2Fez-swipe-campaign%2F%3Futm_content%3D82036952%26_hsenc%3Dp2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw%26_hsmi%3D82036952&t=EZ-Swipe+Landing+-+Pegasus+Medical+Concepts&cts=1579199226867&vi=cc89e8b9d5311500bed9527432340e85&nc=true&u=122421524.cc89e8b9d5311500bed9527432340e85.1579199226865.1579199226865.1579199226865.1&b=122421524.1.1579199226865
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5562243ffc88c28b-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
104 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=5086fb23-8e90-4b86-9ecf-ae0b9821d4b3&fci=6ddca98b-19f6-4eaa-9ea3-9c1f0426cc9c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=643011938&v=1.1&a=5737674&rcu=https%3A%2F%2Fpegasusmedical.net%2Fez-swipe-campaign%2F&pu=https%3A%2F%2Fpegasusmedical.net%2Fez-swipe-campaign%2F%3Futm_content%3D82036952%26_hsenc%3Dp2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw%26_hsmi%3D82036952&t=EZ-Swipe+Landing+-+Pegasus+Medical+Concepts&cts=1579199226868&vi=cc89e8b9d5311500bed9527432340e85&nc=true&u=122421524.cc89e8b9d5311500bed9527432340e85.1579199226865.1579199226865.1579199226865.1&b=122421524.1.1579199226865
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5562243ffc8bc28b-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
104 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=5086fb23-8e90-4b86-9ecf-ae0b9821d4b3&fci=6ddca98b-19f6-4eaa-9ea3-9c1f0426cc9c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=643011938&v=1.1&a=5737674&rcu=https%3A%2F%2Fpegasusmedical.net%2Fez-swipe-campaign%2F&pu=https%3A%2F%2Fpegasusmedical.net%2Fez-swipe-campaign%2F%3Futm_content%3D82036952%26_hsenc%3Dp2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw%26_hsmi%3D82036952&t=EZ-Swipe+Landing+-+Pegasus+Medical+Concepts&cts=1579199226869&vi=cc89e8b9d5311500bed9527432340e85&nc=true&u=122421524.cc89e8b9d5311500bed9527432340e85.1579199226865.1579199226865.1579199226865.1&b=122421524.1.1579199226865
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pegasusmedical.net/ez-swipe-campaign/?utm_content=82036952&_hsenc=p2ANqtz-8IsnCoxYiegX7TyAHIeaP7QFpW5f73SEwMC9vbXT69ZuxgCIlmofBRSwYLB8pWURJEiNel0EzS_s1U8oRPJ1KYKDGghw&_hsmi=82036952
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 16 Jan 2020 18:27:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5562243ffc8dc28b-FRA
content-type
image/gif
content-length
45
x-robots-tag
none

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| FontAwesomeCdnConfig string| cssUrl object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery undefined| oldgs object| punchgs object| _gsScope undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue function| revslider_showDoubleJqueryError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq function| hs_reqwest_0 object| Tawk_API object| Tawk_LoadStart object| wpcf7 object| screenReaderText function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| jQuery1124043593397345920826 object| _paq boolean| _hstc_loaded string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName function| hsRecaptchaLoadCallback number| RECAPTCHA_INTERVAL object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| closure_lm_176438 boolean| _hstc_ran string| __hsUserToken number| expireDateTime

4 Cookies

Domain/Path Name / Value
pegasusmedical.net/ Name: __hssc
Value: 122421524.1.1579199226865
pegasusmedical.net/ Name: __hssrc
Value: 1
pegasusmedical.net/ Name: hubspotutk
Value: cc89e8b9d5311500bed9527432340e85
pegasusmedical.net/ Name: __hstc
Value: 122421524.cc89e8b9d5311500bed9527432340e85.1579199226865.1579199226865.1579199226865.1

2 Console Messages

Source Level URL
Text
console-api debug URL: https://hs-5737674.t.hubspotstarter-i9.net/e2t/c/*W1v3RK08vTc8bW4DJ_DY2MVXtd0/*Vz-znN79pgvnW5HQnKC2bm-gQ0/5/f18dQhb0S5fj8XJ9fqN7NTYndHyjJqVQZ8Wg3Mqr7CN3hHh8mXL0jYMp3s9rqlt_kW54SnR332p-DpVKnFG830nqkJW6ghYqr1TKB7hN5nbq6BGXpVfW8Zg3Ym4bH_qwW2N33B53_t0gLW32Gf2Q4dy5FSW1kxCT64cMfVrW3Kqlz72KFZxKN3Z7ntXMNBCZVMMQxX80gSRfW97rB1b8xqZz6W8sdjGp2vZVgTW2DggNq27nGJxW1p1wky6Q8BfkW64Kqzc6T70p4W3lKcg_4SDxrnW5sGtfk4xtj9MW65Y-zD5xvsHWN3fN8YmdNYLdW98yFn06LKkZDVSC1bb8kXvBzVYgyNj6Tp195W5r1Nts7wTZy2W9jW8Z38csGDVVD2JF57jWY7ZN3jhJSBhJw6qW47YrBy1qxjJdN95S7zbsjV00W5XThPz1KLznlW7j5dZm56fn9fW7zG_sY66pp3YW7bxjW79k5_YSW3y19vM3wMXFCD1d5FyrjH0103(Line 13)
Message:
toS
console-api log URL: https://secureservercdn.net/160.153.137.99/zho.396.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1579196725(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
cdn.flipsnack.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
hs-5737674.t.hubspotstarter-i9.net
js.hs-analytics.net
js.hs-scripts.com
js.hsforms.net
pegasusmedical.net
player.vimeo.com
secureservercdn.net
static-v.tawk.to
track.hubspot.com
use.fontawesome.com
va.tawk.to
vs34.tawk.to
www.google.com
www.gstatic.com
143.204.101.8
151.101.112.217
192.124.249.18
2001:4860:4802:32::75
23.111.9.35
2606:4700:10::6814:f34f
2606:4700::6810:5705
2606:4700::6810:fd05
2606:4700::6811:43b0
2606:4700::6811:b949
2606:4700::6811:d2cc
2606:4700::6812:183
2a00:1450:4001:814::2003
2a00:1450:4001:815::2003
2a00:1450:4001:824::200a
2a02:fe80:1010::16
2a04:4e42:3::621
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0340afc9e03e861bf1ace48fe900054ca7df17a00cc9a7e8e4cded4bc560eb81
0550e4fee4126a10c8f98a6ecec6b36604065ac324bf25f9fafe58893a734218
093fe32275a2f13a08e2930ed01db207a289ea933e649d813d8a29572902aad8
0abc35367f1accfde8f43aed74a998a54197c60f5edbb1b297e3dd2599faa188
0d79496cc65afa5c84932f9a0d8da2e8153bde1f46ccc11a91bd46be6132ee56
10c339550d586fdc27b323069f9dfbdc9d4b2ff97d04b4748edf8ecf8fd5586b
10eff5b3cdc93e9ecf312cb2de0e2127411181fad72fbc74527488f5f917c175
1761b46cb1bcb4cfb4c627392d4658d0ef4e58bc68f73afaa4011da4c7b880ea
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1add8dd86b460f80f1270626785c08bbebd9414cd449733a150547c2a68d1b4d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f951afc759dfae0200d0e26610d57495b680210b2a71f512a7d306cc1299cbf
2119db473349eab97db595ff394b61b77b46a7cf2b509ace51309a9d84f44b26
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b682eafdbb1105c7e0292965160ed0e2a446a30ac0d49049297f29e8c48a278
2d295222f579413780610932d4550bc979937e133c124fff59b4b60da23d7a54
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
37e2cc2fc92e7d15c207169b00e664ac6a32f0d5ed15ff6cb5038aadfed3b2a5
3cb4c2092414f20e48acd8ea90790e99464b82e0d13ac0287832330a86ed22da
3f1aa5a10ea3d62b73bc533b480c8f889dd560d1c2d905bdefef5988a6e70391
40f2c09588f43af65b7174e925a71314af1be77532703e548d302af40b5f7b82
43c05c48653b42f9fec84134c7b3961d4c2609a8a1f7d817d163b80bd625bac9
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e1b3528e126d9bc1943fac6361042e4f85677b26fbf805665bea702f6578dac
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c0db6629949af3bf28c7a60f38eff1fd1a47a49ef8b2f26e83b66a2a31396c1
67a51ecd944eb630e4073a73c5142afd6d70e8634dd52d903fc58b28cb02e4d9
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
7048656614a2cfe865336abb6d6223fb523c5882b9f992ee112fad38ab5b8291
73c88e990f7951c4d6538b8a50e0acd779cddf8bc585052cf8bd0d3a770211e0
767f465ce2cd75969f101b1333638f68a9c9399a6804cbcfb051ff3c66c3e09b
7bbae6fa292c467a01860c011519ac4fa119b4e4ea3cc56e864415e813fb7a72
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
85d5902aa4552391d6dde945cf635b96fd3d816eab5e39e5cf1b5dadff037668
8780a1296b2198218955f78f1121bf0577804e60dc207a2ba75d6400d4f836a4
87f3cbc50c0eaf780733e936bd0de9883018fed4142cd0fded39563c85bab1a6
89f0d69b447160014b6666f9ccae01580a2bc20e968cecd71e809a53e8a0f090
8cdc53975174314cc55ef7ca7ee80afbf80e724452e4b0fc7e4bea1e43ad4f59
91da8476978e60bec49cae99c09205e5be2d6ff9de9ed420f72d89ec9e7b9ab3
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
98623530a25d81d9c3faf11e788353781b73a45a5cd00c786dca10889f942150
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e56e9da28569baf9a2d9466c69c24dc41affec201bfec90fff6fad642131b5d
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a011e7e4611f55d0d73749411e3ebb107fc759a9a42a7f63a2820fd10a9fabcd
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b32f68a50991e4305b24df038e3ca16c9a32ffe1cc0b60e7cfa34096d48d35a6
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b92f18f9d8e47a1492c142bf71ff12d4c578af1cc7cf77acb043d0e573ba2a7c
c64badcd6afa56e9c30bb814593d1bb3e8b49dc05de4fd0c57f01c2abdaba315
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
ca83bf6c4611e07ea8b93893694e16957cd66082de76afb1ee564fba6f055750
d1bc6824ff3dcc4ccc747abb0ecae27105a15f9006fedfad3bd27912a94ee562
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d5acdc2cbc7cc6aa9f514c1203f62f6f76d48d53b2c61becc7939082331385b9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e6af11911622b8ccf7a7d095685360f6d16f3dde97a360de681e2848cf35729a
f3d8cc9601bcfd016bf471f13c7a50e823ed10fa4a99dbf23516b82719c91545
f54182b6eb69d3b0a4d751fa3b724babdba0b4fb9d86ebba0566d79628c01e57
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
f98e89b29a0d780c525c447314205b62a291416ba004485591d57da672eef518