urlscan.io logo urlscan.io
SecurityTrails logo

charmalotconference.com Open in urlscan Pro
136.143.190.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r20.cisend48.com/go/1/4a43728796c5257ea6473c7b9fa19141/24379/ecd6ef5021215fd6/cf7c8e17d86784bba6473c7b9fa19141/24...
Effective URL: http://charmalotconference.com/
Submission: On September 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 13 domains to perform 23 HTTP transactions. The main IP is 136.143.190.159, located in United States and belongs to ZOHO-AS - ZOHO, US. The main domain is charmalotconference.com.
This is the only time charmalotconference.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.167.225.41 174 (COGENT-174)
1 2 34.199.247.55 14618 (AMAZON-AES)
4 136.143.190.159 2639 (ZOHO-AS)
1 136.143.190.245 2639 (ZOHO-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 136.143.190.244 2639 (ZOHO-AS)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 12
1    199.167.225.41 (United States)

ASN174 (COGENT-174 - Cogent Communications, US)
PTR: portal.cisend.com
r20.cisend48.com
2    34.199.247.55 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-247-55.compute-1.amazonaws.com
www.rsleads.com
4    136.143.190.159 (United States)

ASN2639 (ZOHO-AS - ZOHO, US)
charmalotconference.com
1    136.143.190.245 (United States)

ASN2639 (ZOHO-AS - ZOHO, US)
www.charmhealth.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    136.143.190.244 (United States)

ASN2639 (ZOHO-AS - ZOHO, US)
ehr2.charmtracker.com
2    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    172.217.23.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
6 fonts.gstatic.com charmalotconference.com
4 charmalotconference.com www.rsleads.com
charmalotconference.com
2 www.google-analytics.com charmalotconference.com
2 www.google.com charmalotconference.com
2 fonts.googleapis.com charmalotconference.com
2 www.rsleads.com 1 redirects
1 www.google.de charmalotconference.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 ehr2.charmtracker.com charmalotconference.com
1 www.googletagmanager.com charmalotconference.com
1 www.charmhealth.com charmalotconference.com
1 r20.cisend48.com 1 redirects
23 13

This site contains links to these domains. Also see Links.

Domain
www.marriott.com
www.google.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
www.charmphr.com
Sectigo RSA Domain Validation Secure Server CA		 2019-08-23 -
2021-08-22		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.charmtracker.com
Thawte RSA CA 2018		 2018-08-27 -
2020-09-25		 2 years crt.sh
www.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://charmalotconference.com/
Frame ID: 308240FE1FD28B5268016BAF9A4BC8B6
Requests: 21 HTTP requests in this frame

Frame: https://ehr2.charmtracker.com/eventpayment.sas
Frame ID: 06D272C91C491B0B423794C15D7D9646
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d85418.08540845875!2d-110.9310523070475!3d32.28891613545994!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x86d67263430b99bd%3A0x51cf2c190c1bd5f7!2sThe%20Westin%20La%20Paloma%20Resort%20%26%20Spa!5e0!3m2!1sen!2sin!4v1566889025780!5m2!1sen!2sin
Frame ID: F1C87048BF44C203220D51CDE36059FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://r20.cisend48.com/go/1/4a43728796c5257ea6473c7b9fa19141/24379/ecd6ef5021215fd6/cf7c8e17d86784b... HTTP 302
    http://www.rsleads.com/909ht-905 HTTP 302
    http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905 Page URL
  2. http://charmalotconference.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

70 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

12
IPs

2
Countries

421 kB
Transfer

652 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r20.cisend48.com/go/1/4a43728796c5257ea6473c7b9fa19141/24379/ecd6ef5021215fd6/cf7c8e17d86784bba6473c7b9fa19141/24379&amp HTTP 302
    http://www.rsleads.com/909ht-905 HTTP 302
    http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905 Page URL
  2. http://charmalotconference.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://r20.cisend48.com/go/1/4a43728796c5257ea6473c7b9fa19141/24379/ecd6ef5021215fd6/cf7c8e17d86784bba6473c7b9fa19141/24379&amp HTTP 302
  • http://www.rsleads.com/909ht-905 HTTP 302
  • http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905
Request Chain 16
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 18
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1977776106&t=pageview&_s=1&dl=http%3A%2F%2Fcharmalotconference.com%2F&dr=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&ul=en-us&de=UTF-8&dt=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=673175873&gjid=1297819937&cid=2043539056.1568830858&tid=UA-84200831-1&_gid=2039194401.1568830858&_r=1&gtm=2wg9b0K3CSP8&z=1358865971 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1977776106&t=pageview&_s=1&dl=http%3A%2F%2Fcharmalotconference.com%2F&dr=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&ul=en-us&de=UTF-8&dt=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=673175873&gjid=1297819937&cid=2043539056.1568830858&tid=UA-84200831-1&_gid=2039194401.1568830858&_r=1&gtm=2wg9b0K3CSP8&z=1358865971

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redirect_2.asp
www.rsleads.com/cgi-bin/rservice/
Redirect Chain
  • http://r20.cisend48.com/go/1/4a43728796c5257ea6473c7b9fa19141/24379/ecd6ef5021215fd6/cf7c8e17d86784bba6473c7b9fa19141/24379&amp
  • http://www.rsleads.com/909ht-905
  • http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905
111 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905
Protocol
HTTP/1.1
Server
34.199.247.55 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-199-247-55.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a4bd583eb6dcdeec7adbeb86847f7a82c0ff8298a71fd8bfc6a2020aaedbf1bb

Request headers

Host
www.rsleads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
ASPSESSIONIDSCDQTCQQ=HEDJHGMAMEDKHHMIDDCJIECL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Wed, 18 Sep 2019 18:20:44 GMT
Connection
close

Redirect headers

Cache-Control
private
Content-Length
188
Content-Type
text/html
Location
http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDSCDQTCQQ=HEDJHGMAMEDKHHMIDDCJIECL; path=/
X-Powered-By
ASP.NET
Date
Wed, 18 Sep 2019 18:20:44 GMT
Primary Request /
charmalotconference.com/ 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://charmalotconference.com/
Requested by
Host: www.rsleads.com
URL: http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905
Protocol
HTTP/1.1
Server
136.143.190.159 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
e239d106943eebca8e2141334241d582bb3a1ef59f1b4e103255e63fed52a3f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
charmalotconference.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.rsleads.com/cgi-bin/rservice/redirect_2.asp?ID=909ht-905

Response headers

Server
ZGS
Date
Wed, 18 Sep 2019 18:20:56 GMT
Content-Type
text/html
Last-Modified
Tue, 17 Sep 2019 06:40:42 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5d807fea-5aa3"
Cache-Control
public
X-Content-Type-Options
nosniff
Content-Encoding
gzip
charmalot.css
charmalotconference.com/2018/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://charmalotconference.com/2018/css/charmalot.css
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
HTTP/1.1
Server
136.143.190.159 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
c19a6e8a78ad5edb8bf749b2015c4847f693c08fdfe17c1a6acc41e94451488b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 18:20:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Sep 2018 12:54:25 GMT
Server
ZGS
ETag
"5b8fd201-1809"
Content-Type
text/css
Cache-Control
public
Connection
keep-alive
Content-Length
6153
me-jquery.js
www.charmhealth.com/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.charmhealth.com/js/me-jquery.js
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.143.190.245 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
22028831625c763a381c8afb4a1d8e358640ce8dd37fbb8597b7251091540d42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 18:20:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Feb 2015 06:18:46 GMT
Server
ZGS
ETag
"54d30b46-8261"
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
33377
Expires
Wed, 18 Sep 2019 18:20:56 GMT
css
fonts.googleapis.com/ 		15 KB
890 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
813c0b68e591cd70aa06dae65dbc5b4d309656ffb936e711e2333673584f3f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 18 Sep 2019 18:20:56 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 18 Sep 2019 18:20:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 18 Sep 2019 18:20:56 GMT
css
fonts.googleapis.com/ 		34 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2bc145d0975da5e2963e8398c481060bb79c97fc25bf7e501f46e7750a500d64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 18 Sep 2019 18:20:56 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 18 Sep 2019 18:20:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 18 Sep 2019 18:20:56 GMT
gtm.js
www.googletagmanager.com/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-K3CSP8
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4bb5af28db62c565b04e0a84120810bde221c91b1cb621a6a39b1cba81dca3d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 18:20:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Sep 2019 18:00:00 GMT
Server
Google Tag Manager
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
26035
X-XSS-Protection
0
Expires
Wed, 18 Sep 2019 18:20:57 GMT
Cookie set eventpayment.sas
ehr2.charmtracker.com/ Frame 06D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ehr2.charmtracker.com/eventpayment.sas
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.244 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Host
ehr2.charmtracker.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://charmalotconference.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://charmalotconference.com/

Response headers

Server
ZGS
Date
Wed, 18 Sep 2019 18:20:58 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
24fd7b37c3=575992d035d7f3fa0d6254c8c51f598a; Path=/ iamcsr=c3671a08-a3cf-42aa-8c2e-f98585f10b03;path=/;Secure;priority=high JSESSIONID=468ACD28938AD489BFD42D2E4551E526; Path=/; HttpOnly
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-XSS-Protection
1;mode=block
Pragma
no-cache, no-store
Cache-Control
no-cache, no-store
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
embed
www.google.com/maps/ Frame F1C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d85418.08540845875!2d-110.9310523070475!3d32.28891613545994!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x86d67263430b99bd%3A0x51cf2c190c1bd5f7!2sThe%20Westin%20La%20Paloma%20Resort%20%26%20Spa!5e0!3m2!1sen!2sin!4v1566889025780!5m2!1sen!2sin
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?pb=!1m18!1m12!1m3!1d85418.08540845875!2d-110.9310523070475!3d32.28891613545994!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x86d67263430b99bd%3A0x51cf2c190c1bd5f7!2sThe%20Westin%20La%20Paloma%20Resort%20%26%20Spa!5e0!3m2!1sen!2sin!4v1566889025780!5m2!1sen!2sin
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://charmalotconference.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://charmalotconference.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Wed, 18 Sep 2019 18:20:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
gzip
server
mafe
content-length
1592
x-xss-protection
0
server-timing
gfet4t7; dur=151
set-cookie
NID=188=PPy64N0GYiEfZUWoVbB-6oCxS0m-VvZpovKKk5bVaazhh9OlVuw0BDqGC1KlSP6n14QAmoFqiVH0T0gWjyLDyLfRU0DjdmMqPDqHs1fr-YGVUx8iyd9l4slGIP8MOfWFVd2-UAj7lOSekV_LuyyHHPEFaR2VyQqhQHbRZhneC2E; expires=Thu, 19-Mar-2020 18:20:57 GMT; path=/; domain=.google.com; HttpOnly
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
charmalot-norepeat.png
charmalotconference.com/2018/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://charmalotconference.com/2018/images/charmalot-norepeat.png
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
HTTP/1.1
Server
136.143.190.159 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
eb3f59e531e5ba41fd25693e8e877de99483bbc8306d01c0f30c6e0cb6142b51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://charmalotconference.com/2018/css/charmalot.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 18:20:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 Jul 2018 04:11:11 GMT
Server
ZGS
ETag
"5b5becdf-3676"
Content-Type
image/png
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13942
banner.jpg
charmalotconference.com/2019/images/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://charmalotconference.com/2019/images/banner.jpg
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
HTTP/1.1
Server
136.143.190.159 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
4254e718ae5e69fde14d355830de1e56a2e476c6abf08699d272e3dc5812fff0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 18:20:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 30 Aug 2019 09:13:18 GMT
Server
ZGS
ETag
"5d68e8ae-3a708"
Content-Type
image/jpeg
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
239368
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v16/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Origin
http://charmalotconference.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 14:12:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:05 GMT
server
sffe
age
2002106
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11528
x-xss-protection
0
expires
Tue, 25 Aug 2020 14:12:31 GMT
7Au_p_0qiz-adZXgOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-adZXgOCX2z24PMFk.woff2
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5db60688d7385f16ff4dee512e107cdd9ac5c45677d6a568f1fe5146f125b8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Origin
http://charmalotconference.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 21 Aug 2019 21:16:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:11 GMT
server
sffe
age
2408683
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11444
x-xss-protection
0
expires
Thu, 20 Aug 2020 21:16:14 GMT
7Au_p_0qiz-adZnkOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-adZnkOCX2z24PMFk.woff2
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c9efd7fc7c05338def25dbdf68063a4efe9d34dd3bc854fae26cff90fbeef9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Origin
http://charmalotconference.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:31:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:26 GMT
server
sffe
age
2274577
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11484
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:31:20 GMT
7Au_p_0qiz-adYnjOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-adYnjOCX2z24PMFk.woff2
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecdc1a24a0a56f42da0ee128d4c2e35235ef86acfbf98aab933aeb9cc5813bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Origin
http://charmalotconference.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Sep 2019 05:08:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:49 GMT
server
sffe
age
47568
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11596
x-xss-protection
0
expires
Thu, 17 Sep 2020 05:08:09 GMT
7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-ade3iOCX2z24PMFk.woff2
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Origin
http://charmalotconference.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 08:21:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:52 GMT
server
sffe
age
2109592
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11552
x-xss-protection
0
expires
Mon, 24 Aug 2020 08:21:05 GMT
7Au-p_0qiz-afTf2LwLT4EYFOA.woff2
fonts.gstatic.com/s/muli/v16/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au-p_0qiz-afTf2LwLT4EYFOA.woff2
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
16f988a884f9530acf9635eeccdf0acd23effc456a78024c3c6da95597d4ff38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Origin
http://charmalotconference.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:41:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:38 GMT
server
sffe
age
2273968
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
12004
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:41:29 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5844
date
Wed, 18 Sep 2019 16:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 18 Sep 2019 18:43:33 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
conversion_async.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-K3CSP8
Protocol
HTTP/1.1
Server
172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 18 Sep 2019 18:20:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5022999136154715131
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
9149
X-XSS-Protection
0
Expires
Wed, 18 Sep 2019 18:20:57 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1977776106&t=pageview&_s=1&dl=http%3A%2F%2Fcharmalotconference.com%2F&dr=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3F...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1977776106&t=pageview&_s=1&dl=http%3A%2F%2Fcharmalotconference.com%2F&dr=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3...
35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1977776106&t=pageview&_s=1&dl=http%3A%2F%2Fcharmalotconference.com%2F&dr=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&ul=en-us&de=UTF-8&dt=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=673175873&gjid=1297819937&cid=2043539056.1568830858&tid=UA-84200831-1&_gid=2039194401.1568830858&_r=1&gtm=2wg9b0K3CSP8&z=1358865971
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 18:20:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1977776106&t=pageview&_s=1&dl=http%3A%2F%2Fcharmalotconference.com%2F&dr=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&ul=en-us&de=UTF-8&dt=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=673175873&gjid=1297819937&cid=2043539056.1568830858&tid=UA-84200831-1&_gid=2039194401.1568830858&_r=1&gtm=2wg9b0K3CSP8&z=1358865971
Non-Authoritative-Reason
HSTS
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874602302/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874602302/?random=1568830857745&cv=9&fst=1568830857745&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9b0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fcharmalotconference.com%2F&ref=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&tiba=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ca9b78fc3c19f6ce3ecc9b235216f128b1c58af7e72cb37702d62f55e3ee9361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 18:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
1016
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/874602302/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874602302/?random=1568830857745&cv=9&fst=1568829600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9b0&sendb=1&frm=0&url=http%3A%2F%2Fcharmalotconference.com%2F&ref=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&tiba=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&async=1&fmt=3&is_vtc=1&random=2046507001&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 18:20:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/874602302/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/874602302/?random=1568830857745&cv=9&fst=1568829600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9b0&sendb=1&frm=0&url=http%3A%2F%2Fcharmalotconference.com%2F&ref=http%3A%2F%2Fwww.rsleads.com%2Fcgi-bin%2Frservice%2Fredirect_2.asp%3FID%3D909ht-905&tiba=ChARMALOT%202019%20-%20ChARM%20Health%20Annual%20International%20User%20Conference&async=1&fmt=3&is_vtc=1&random=2046507001&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: charmalotconference.com
URL: http://charmalotconference.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://charmalotconference.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2019 18:20:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| dataLayer number| wid number| scrollValue object| jQuery19107628030857026546 function| playVideo function| videoClosepopup number| target_date number| days number| hours number| minutes number| seconds object| countdown object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

7 Cookies

Domain/Path Name / Value
ehr2.charmtracker.com/ Name: JSESSIONID
Value: 468ACD28938AD489BFD42D2E4551E526
.google.com/ Name: NID
Value: 188=PPy64N0GYiEfZUWoVbB-6oCxS0m-VvZpovKKk5bVaazhh9OlVuw0BDqGC1KlSP6n14QAmoFqiVH0T0gWjyLDyLfRU0DjdmMqPDqHs1fr-YGVUx8iyd9l4slGIP8MOfWFVd2-UAj7lOSekV_LuyyHHPEFaR2VyQqhQHbRZhneC2E
.charmalotconference.com/ Name: _gat_UA-84200831-1
Value: 1
ehr2.charmtracker.com/ Name: iamcsr
Value: c3671a08-a3cf-42aa-8c2e-f98585f10b03
.charmalotconference.com/ Name: _ga
Value: GA1.2.2043539056.1568830858
ehr2.charmtracker.com/ Name: 24fd7b37c3
Value: 575992d035d7f3fa0d6254c8c51f598a
.charmalotconference.com/ Name: _gid
Value: GA1.2.2039194401.1568830858

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

charmalotconference.com
ehr2.charmtracker.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
r20.cisend48.com
www.charmhealth.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rsleads.com
136.143.190.159
136.143.190.244
136.143.190.245
172.217.23.130
199.167.225.41
2a00:1450:4001:809::200a
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:820::2008
2a00:1450:4001:825::200e
34.199.247.55
16f988a884f9530acf9635eeccdf0acd23effc456a78024c3c6da95597d4ff38
22028831625c763a381c8afb4a1d8e358640ce8dd37fbb8597b7251091540d42
2bc145d0975da5e2963e8398c481060bb79c97fc25bf7e501f46e7750a500d64
4254e718ae5e69fde14d355830de1e56a2e476c6abf08699d272e3dc5812fff0
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
5db60688d7385f16ff4dee512e107cdd9ac5c45677d6a568f1fe5146f125b8d3
813c0b68e591cd70aa06dae65dbc5b4d309656ffb936e711e2333673584f3f8c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a4bb5af28db62c565b04e0a84120810bde221c91b1cb621a6a39b1cba81dca3d
a4bd583eb6dcdeec7adbeb86847f7a82c0ff8298a71fd8bfc6a2020aaedbf1bb
bbf725af901c16b2cae1d7975ef1d333a8ccccf2bea304aa738ff26640b42d30
c19a6e8a78ad5edb8bf749b2015c4847f693c08fdfe17c1a6acc41e94451488b
c9efd7fc7c05338def25dbdf68063a4efe9d34dd3bc854fae26cff90fbeef9e0
ca9b78fc3c19f6ce3ecc9b235216f128b1c58af7e72cb37702d62f55e3ee9361
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e239d106943eebca8e2141334241d582bb3a1ef59f1b4e103255e63fed52a3f2
eb3f59e531e5ba41fd25693e8e877de99483bbc8306d01c0f30c6e0cb6142b51
ecdc1a24a0a56f42da0ee128d4c2e35235ef86acfbf98aab933aeb9cc5813bed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712