urlscan.io logo urlscan.io
SecurityTrails logo

cloud.hello.x-claim.com Open in urlscan Pro
13.110.204.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.hello.x-claim.com/?qs=fb32af0c161f032789f1c77f681386443bfc734c60b9fedf2e51eba9d927300e5d1adacbd6e4b0911b19dc6cb3a6...
Effective URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fb...
Submission: On February 11 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 13.110.204.16, located in United States and belongs to SALESFORCE, US. The main domain is cloud.hello.x-claim.com.
This is the only time cloud.hello.x-claim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.110.196.1 14340 (SALESFORCE)
1 13.110.204.16 14340 (SALESFORCE)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:2c40::c7... 209242 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 9
1    13.110.196.1 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.s12.exacttarget.com
click.hello.x-claim.com
1    13.110.204.16 (United States)

ASN14340 (SALESFORCE, US)
PTR: pub.s12.exacttarget.com
cloud.hello.x-claim.com
4    2606:4700::6811:f4cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
3    2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.x-claim.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
5 x-claim.com
click.hello.x-claim.com
cloud.hello.x-claim.com
www.x-claim.com
83 KB
4 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 6319
17 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
89 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
33 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610
40 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
2 KB
18 7
Domain Requested by
4 cdn2.hubspot.net 1 redirects cloud.hello.x-claim.com
3 cdnjs.cloudflare.com cloud.hello.x-claim.com
cdnjs.cloudflare.com
3 www.x-claim.com cloud.hello.x-claim.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com cloud.hello.x-claim.com
www.x-claim.com
2 maxcdn.bootstrapcdn.com cloud.hello.x-claim.com
1 cdn.jsdelivr.net cloud.hello.x-claim.com
1 ajax.googleapis.com cloud.hello.x-claim.com
1 cloud.hello.x-claim.com
1 click.hello.x-claim.com 1 redirects
18 10

This site contains links to these domains. Also see Links.

Domain
www.x-claim.com
Subject Issuer Validity Valid
www.x-claim.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Frame ID: DD41FFA8EDF029060807072DA918727C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

XCLAIM | Communication Preferences

Page URL History Show full URLs

  1. http://click.hello.x-claim.com/?qs=fb32af0c161f032789f1c77f681386443bfc734c60b9fedf2e51eba9d927300e5d1adacb... HTTP 302
    http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de2807... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

89 %
HTTPS

80 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

300 kB
Transfer

769 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.hello.x-claim.com/?qs=fb32af0c161f032789f1c77f681386443bfc734c60b9fedf2e51eba9d927300e5d1adacbd6e4b0911b19dc6cb3a69941f224147ef9f782fd98cc2f01e950e960 HTTP 302
    http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/layout.min.css HTTP 301
  • https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/layout.min.css

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request preference_center
cloud.hello.x-claim.com/
Redirect Chain
  • http://click.hello.x-claim.com/?qs=fb32af0c161f032789f1c77f681386443bfc734c60b9fedf2e51eba9d927300e5d1adacbd6e4b0911b19dc6cb3a69941f224147ef9f782fd98cc2f01e950e960
  • http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email...
11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
HTTP/1.1
Server
13.110.204.16 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
pub.s12.exacttarget.com
Software
/
Resource Hash
39d605746964470e2732c552058575daf9ff48678e5ed343247517602bae4ffb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Date
Fri, 11 Feb 2022 08:30:46 GMT
Connection
close
Content-Length
3257

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Date
Fri, 11 Feb 2022 08:30:46 GMT
Connection
close
Content-Length
443
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/
Redirect Chain
  • http://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/layout.min.css
  • https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/layout.min.css
5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1635876356404
date
Fri, 11 Feb 2022 08:30:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
316
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdt%2BgwcJ76dbpwcYengyhZfp%2FzFsNCGOszVGiB3I%2FdByyv7LGND0ZBIbC06w8y89Mg%2BkWuI0UqFL7OBpx%2Fn3k4vA%2FqkGIG55o%2BZZhfPhsfn2COz30wGirh30eP8oSvKPF6FZWIxT0zQ5GTopnJc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Tue, 02 Nov 2021 18:05:57 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P2
cf-ray
6dbc37a46b8172ae-LHR
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12

Redirect headers

Date
Fri, 11 Feb 2022 08:30:49 GMT
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RE8lBd5odV7tYq%2BgV9hhIxsJvPutmalUCixfBUg8rrkWO3y6iIQNaYty8cW5b3%2BU%2Fq2FzimJBRQHZS1tMHqcuUX1bL7vnKOhBMBXrTJLw%2BQrdop9T%2FWLh%2BODXv5FDeOTRAU88wxAoM751izs%2BM%3D"}],"group":"cf-nel","max_age":604800}
Location
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1635876356311/hubspot/hubspot_default/shared/responsive/layout.min.css
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6dbc37a43ca18868-LHR
Expires
Fri, 11 Feb 2022 09:30:49 GMT
xclaim_style.min.css
www.x-claim.com/hs-fs/hub/6070773/hub_generated/template_assets/23765079771/1620391447736/Xclaim_-_Dec2019/Style/ 		158 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.x-claim.com/hs-fs/hub/6070773/hub_generated/template_assets/23765079771/1620391447736/Xclaim_-_Dec2019/Style/xclaim_style.min.css
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20819a2fc7f60138ca293099a91d44f05336fae6c793339366f3f350f4d26b5d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1620391448233
date
Fri, 11 Feb 2022 08:30:49 GMT
via
1.1 5840e9664aef77d9be1f708259e60d56.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P2
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
2SN285VAC3FVSWPQ
x-amz-id-2
35a6uWR3U+EFfSANnJgOcTUrCHBVMP79Uj+1XZ/lsm65y33gu0nswswMmRiV3JxCq69SHLWDbUQ=
last-modified
Fri, 07 May 2021 12:44:09 GMT
server
cloudflare
etag
W/"9a876097b112141c7e4893d18f0660d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX0Gimog3nieRYEqWgB6wW%2F1BiU0ye2C0qsYL6oN0PE8qgIqfIs47m14Tfv7fnUXVL%2FE0x9PyvthEcesX%2BP9%2B8x8pZ2EIFWgmOKibvXDI4xU6SkWWrWJr0m%2BsZSUquy8uDoJweb9Jl6vrH2C4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
kK3op7E_EJTrkOlje1zaTd2HIpFMLkE0
cf-ray
6dbc37a4c9d2004a-LHR
x-amz-cf-id
972ciRvPiwDgBoVlzPUqJjSqt2Fu9bSZmNoNl5HjbATXmddrrNpcqw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
owl.carousel.min.css
cdn2.hubspot.net/hubfs/692469/Redswitches%20-%20Website%20Development%202018/owl%20carousel/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hubfs/692469/Redswitches%20-%20Website%20Development%202018/owl%20carousel/owl.carousel.min.css
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 11 Feb 2022 08:30:49 GMT
via
1.1 d96c6a517450b169095d23aff6d646a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-5778880039,FD-5779303166,P2u8r,FLS
age
62667
edge-cache-tag
F-5778880039,FD-5779303166,P2u8r,FLS
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
GNFXAKQSFBJFJX7Y
x-amz-id-2
nHJBQZ2GhP4W2X8QnRoHuPMWNfSheNWPuQv0rQooAAzLXLxsj9QxfpSuJpp+7I3R08CVq04fAtw=
last-modified
Tue, 15 May 2018 13:41:44 GMT
server
cloudflare
etag
W/"b2752a850d44f50036628eeaef3bfcfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZfzalFI5WSd3KXP2Po562NjKiUB8mGUPk5NZ6hgUBi3%2BvZG8kFcWRvBYNCXzue94XH%2B0h2q4nzYlr%2F9iouabo%2FcgXyFum6V9LrZIT6gIFO7frtCk5n13OwPueDZ4%2FCvH0yo%2BmuMaQRh3HKAsK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
ptsDk8wcHa4LPjlxwj7Lq3RWXqEvrJy.
x-amz-cf-pop
LHR3-C2
cf-ray
6dbc37a46b7d72ae-LHR
x-amz-cf-id
Skrw2RqJO8PL2S_6Uij_UnzHLctlunIWpFfpdi4DLveXQO7Qgj8qdQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
rellax.min.js
www.x-claim.com/hubfs/Xclaim%20Dec%202019/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.x-claim.com/hubfs/Xclaim%20Dec%202019/rellax.min.js
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a0379bb70345e0c6e3c3b82f60cf02a3d64f526258f832ca8c43670a02091

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 11 Feb 2022 08:30:49 GMT
via
1.1 20405ed0e9ef5e72d636863d6d962362.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-25533671078,FD-23763113360,P-6070773,FLS-ALL
age
23182
edge-cache-tag
F-25533671078,FD-23763113360,P-6070773,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
GNFZKJ68GDSHTCNB
x-amz-id-2
mOyxHzXViw756bigVfDrS3RUGkoD26Yw6rbBh+fBh2GOyC1Zufjv9Sr9HPB3HR3x732VMR3fzPc=
last-modified
Mon, 10 Feb 2020 15:22:16 GMT
server
cloudflare
etag
W/"cc34f33d7d2795cfca13c09dc7b4cd08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQy6n1XoO1MahURoeSTfXBNSTyDi0l8nj%2Fjh%2F2rnRv2W3H6GjHf5pJAQxq2Vzfkb7eus%2B4IPO83h5Mrztv6kDYWhN9AyDB1VsgceLJC3gQU13U9ou10eDx28KgpPaK64dsQVxhuXD2SQ3SMxiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
AV3pOCXBvb0.AO5FmRiQsCPnDnrcCMNn
x-amz-cf-pop
LHR3-C2
cf-ray
6dbc37a4c9d3004a-LHR
x-amz-cf-id
2tj_dmhsHUqmqJ_Q3Ktx_uMR2wk4nhNldjUdLmkhR57gmqkVMSS9fQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
owl.carousel.min.js
cdn2.hubspot.net/hubfs/692469/Redswitches%20-%20Website%20Development%202018/owl%20carousel/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hubfs/692469/Redswitches%20-%20Website%20Development%202018/owl%20carousel/owl.carousel.min.js
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fd17b93dc06b43c902c013cd58aeec361d691ec331d40c2d440ba43ed4eb9f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 11 Feb 2022 08:30:49 GMT
via
1.1 78c7e5b1be457bfecc477642c3ddd802.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-5779304440,FD-5779303166,P2u8r,FLS
age
62667
edge-cache-tag
F-5779304440,FD-5779303166,P2u8r,FLS
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
GNFHQNCS1H6XAXP7
x-amz-id-2
hjTAgw54EiOUH/xbaTjoQBVCdketzhklf1uLFWREHOGD38Pm1x+bnVQYRoL2cnBONUrBrTu/uCg=
last-modified
Wed, 16 May 2018 14:40:57 GMT
server
cloudflare
etag
W/"535b232415a1a2f19ebe1340bd91336a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjtVHB7s9t4IFe95KecS6MU97UIxQcY1xEtSJlX5p7DrqHjl1nxvFW1Jl28DovGF0TCJQC9J0rNbiW6eol9YEqqe6o8se0OQpSd5ZOs43fNfjDFwToifv7lIA9f17MPgUY3Z8gj0NU6AyyKm478%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
l1Fm0ENVAMUUeANJaj7Jae5GfGs1cOfs
x-amz-cf-pop
LHR3-C2
cf-ray
6dbc37a46b7f72ae-LHR
x-amz-cf-id
7zuRmGTnVhbiOuaa6BzQZDS__X5ASuZwG-xhEgXu5zD0URM1iyEBSw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
9331797
cdn-cachedat
2021-04-23 06:38:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
449f72d8e0e791782401025d8738a9f3
cf-ray
6dbc37a46a9375d1-LHR
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Feb 2023 16:13:36 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2116782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6696
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLeWllpkQD3FbQyAD12p5xOAe6hdNyW3aJLszBd1pusM%2BxyljvwswyG2Io5THQ7XmcCeAh04EjPbSS0LcXKYbI9kEbPclvfxc3Ihd5od8DVnVqgs0ZI2xymtEtuMInAR6i95M6RaC2PuYrvaGQT5S0hq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dbc37a46f2e7562-LHR
expires
Wed, 01 Feb 2023 08:30:49 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
9331797
cdn-cachedat
2021-04-23 06:18:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9e1bf0d51a5a16979a71d1693c8a36a8
cf-ray
6dbc37a46a9475d1-LHR
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
magnific-popup.css
cdn.jsdelivr.net/jquery.magnific-popup/1.0.0/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.magnific-popup/1.0.0/magnific-popup.css
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9b46564ac46129178836c023603443d7006edb2cfa7ae14ab8b01b19fc7fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
9331790
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19176-FRA, cache-lcy19224-LCY
timing-allow-origin
*
server
cloudflare
etag
W/"1e7d-kILmU+/fEqjzYADYKvzqylQJ3bA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6dbc37a4581b7509-LHR
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
734500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o4N8xVXLPqyfiWYtWLenieIhvLSMCebmWEfrlk23g6DPOSn0wqy5yydLKjGMfJSgiRHzY5qoj9TGm8WxQEm1GPWSyXh7M%2FAA%2BZJU1%2FhwFjTwHzdBjlWL07RmsVVOejPTYm0vNcQ4WfoZnOfmXOEhhTs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dbc37a46f2d7562-LHR
expires
Wed, 01 Feb 2023 08:30:49 GMT
css2
fonts.googleapis.com/ 		716 B
874 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Unna:wght@700&display=swap
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd1bc0ff7736d67803263144ab4a96659b7b6a69e0fb57c86a4f54d3176b9ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 08:30:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 11 Feb 2022 08:30:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Feb 2022 08:30:49 GMT
xcmLogo_webLg_white.png
www.x-claim.com/hubfs/New%20Registered%20Logos/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.x-claim.com/hubfs/New%20Registered%20Logos/xcmLogo_webLg_white.png
Requested by
Host: cloud.hello.x-claim.com
URL: http://cloud.hello.x-claim.com/preference_center?qs=bc6ab450e654e13f0d03fa7b374f2a2cba0b6ca065fec59e1de280790521ed163d615f097fbae7c48ec42b1994a3441592098ad71fc924b0&utm_source=sfmc&utm_medium=email&utm_campaign=post_trade_survey_branded&utm_term=Footer%3a+Email+preferences&utm_id=21515&sfmc_id=9784264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad979a02737146c041b4de1f474471365c3bc1729b660012c7b49fd5df0058f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://cloud.hello.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-36450624136,FD-36450624122,P-6070773,FLS-ALL
x-amz-request-id
81Z7CX0DFPAGR0M9
x-amz-server-side-encryption
AES256
edge-cache-tag
F-36450624136,FD-36450624122,P-6070773,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
etag
"bd7998144faf6079b51a813ef883faa3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1603258491127
date
Fri, 11 Feb 2022 08:30:49 GMT
via
1.1 253e41640534a8ebde4c0b8e13b25d54.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR3-C2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
46670
x-amz-id-2
ZfSQ012BVWaa2VXkrR5NExYG5QVASacKiISS0mDGNlDU/INSa6GiJjopX4AlvMmWFp4vFyf1AVw=
last-modified
Wed, 21 Oct 2020 05:34:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNxs8VVhO5%2B78gZAtXC3t0COGOSPRpCOzb72F%2BK7cvf%2FSzXOhfga%2FSjRF0RcrgBLpgduhXvfi%2Fp230tvuHXUgyV1%2FiYGkZEXmIh4Yqg9ZSen03C6J9igVnxu8%2Brpku2OwqtCOVPrpKCzKv70jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
40TTTnhQLbN8UXsUQeHk9IYX7uWDpRAT
accept-ranges
bytes
cf-ray
6dbc37a51a22004a-LHR
x-amz-cf-id
JiM4uBrodeHzf0TaLyXP6xnKWN7l7LMNmpqA-01PYkTl1fpOqCyGjg==
css
fonts.googleapis.com/ 		23 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,300,300i,400,400i,500,500i,600,600i,700,700i|IBM+Plex+Sans+Condensed:400,600&display=swap%22%20rel=%22stylesheet
Requested by
Host: www.x-claim.com
URL: https://www.x-claim.com/hs-fs/hub/6070773/hub_generated/template_assets/23765079771/1620391447736/Xclaim_-_Dec2019/Style/xclaim_style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b62cd3e9aea5c051e86fed748ee5eb04804cbe37fb9cee4fce65884d09b6dd0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.x-claim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 08:30:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 11 Feb 2022 08:30:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Feb 2022 08:30:51 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,300,300i,400,400i,500,500i,600,600i,700,700i|IBM+Plex+Sans+Condensed:400,600&display=swap%22%20rel=%22stylesheet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://cloud.hello.x-claim.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:43:39 GMT
x-content-type-options
nosniff
age
132433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18000
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:43:39 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,300,300i,400,400i,500,500i,600,600i,700,700i|IBM+Plex+Sans+Condensed:400,600&display=swap%22%20rel=%22stylesheet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://cloud.hello.x-claim.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:43:39 GMT
x-content-type-options
nosniff
age
132433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18232
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:00:08 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:43:39 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://cloud.hello.x-claim.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2550219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIsSHX4J1q%2BfSyMZ9EzOP0f%2Bsv0CGj0wS7N%2F8TGaJluG3Xq7jOgGadLT3oxg5KKBYx8bjQmm19sYHNa8JYIxEoncQnWkkH%2Bq3J6ZDvLr9VIP1FQdhpF9MOhwp98PVdN%2B3MkaoO73Tva9c3YnLU9yV9sS"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dbc37bc9cfd769d-LHR
expires
Wed, 01 Feb 2023 08:30:52 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| Rellax function| $ function| jQuery function| Popper object| bootstrap

1 Cookies

Domain/Path Name / Value
.www.x-claim.com/ Name: __cfruid
Value: 4f1488e699fc339bb75e0644d019fa0fc825861a-1644568249

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdn2.hubspot.net
cdnjs.cloudflare.com
click.hello.x-claim.com
cloud.hello.x-claim.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
www.x-claim.com
13.110.196.1
13.110.204.16
2606:2c40::c73c:67fe
2606:4700::6810:135e
2606:4700::6810:5714
2606:4700::6811:f4cc
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2a00:1450:4001:82f::200a
20819a2fc7f60138ca293099a91d44f05336fae6c793339366f3f350f4d26b5d
2ad979a02737146c041b4de1f474471365c3bc1729b660012c7b49fd5df0058f
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
39d605746964470e2732c552058575daf9ff48678e5ed343247517602bae4ffb
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
b62cd3e9aea5c051e86fed748ee5eb04804cbe37fb9cee4fce65884d09b6dd0f
bd1bc0ff7736d67803263144ab4a96659b7b6a69e0fb57c86a4f54d3176b9ad4
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d4fd17b93dc06b43c902c013cd58aeec361d691ec331d40c2d440ba43ed4eb9f
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc9a0379bb70345e0c6e3c3b82f60cf02a3d64f526258f832ca8c43670a02091
fc9b46564ac46129178836c023603443d7006edb2cfa7ae14ab8b01b19fc7fd2
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2