urlscan.io logo urlscan.io
SecurityTrails logo

confirmsubscription.com Open in urlscan Pro
103.28.41.32  Private Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.anesthesiallcnews.com/CBLT/nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkik...
Effective URL: https://confirmsubscription.com/h/r/0DF377472F358BA8
Submission: On November 15 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 103.28.41.32, located in Australia and belongs to CAMPAIGNMONITOR-AS-GLOBAL CAMPAIGN MONITOR PTY LTD, AU. The main domain is confirmsubscription.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 5th 2019. Valid for: 2 years.
This is the only time confirmsubscription.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 148.59.128.65 33561 (GREENHOUS...)
1 148.59.128.120 33561 (GREENHOUS...)
1 2a00:1450:400... 15169 (GOOGLE)
1 68.168.244.9 33561 (GREENHOUS...)
1 103.28.41.32 55819 (CAMPAIGNM...)
1 13.225.78.97 16509 (AMAZON-02)
2 52.222.174.250 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
18 11
3    148.59.128.65 (Canada)

ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US)
PTR: host3.CBDNShost.com
links.anesthesiallcnews.com
1    148.59.128.120 (Canada)

ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US)
PTR: rdns1.rdnswebhost.com
software.clickback.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    68.168.244.9 (Laramie, United States)

ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US)
PTR: cloud9.cbsend.net
nei.businessontrack.com
1    103.28.41.32 (Australia)

ASN55819 (CAMPAIGNMONITOR-AS-GLOBAL CAMPAIGN MONITOR PTY LTD, AU)
PTR: cmail2.com
confirmsubscription.com
1    13.225.78.97 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
css.createsend1.com
2    52.222.174.250 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-174-250.fra54.r.cloudfront.net
js.createsend1.com
img.createsend1.com
1    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
6    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
6 fonts.gstatic.com js.createsend1.com
3 links.anesthesiallcnews.com 1 redirects ajax.googleapis.com
1 www.gstatic.com www.google.com
1 img.createsend1.com confirmsubscription.com
1 fonts.googleapis.com js.createsend1.com
1 www.google.com confirmsubscription.com
1 js.createsend1.com confirmsubscription.com
1 css.createsend1.com confirmsubscription.com
1 confirmsubscription.com links.anesthesiallcnews.com
1 nei.businessontrack.com software.clickback.com
1 ajax.googleapis.com links.anesthesiallcnews.com
1 software.clickback.com links.anesthesiallcnews.com
18 12

This site contains no links.

Subject Issuer Validity Valid
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
createsend1.com
DigiCert SHA2 Secure Server CA		 2019-08-05 -
2021-08-18		 2 years crt.sh
*.createsend1.com
DigiCert SHA2 Secure Server CA		 2019-02-25 -
2020-07-08		 a year crt.sh
www.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://confirmsubscription.com/h/r/0DF377472F358BA8
Frame ID: 47066C1A249C8F6117FEDFDC1AF54EA0
Requests: 17 HTTP requests in this frame

Frame: http://nei.businessontrack.com/Frame.html
Frame ID: 3D76A40A08D0D470CDAA757F9756B8D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.anesthesiallcnews.com/CBLT/nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkik... HTTP 302
    http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpk... Page URL
  2. https://confirmsubscription.com/h/r/0DF377472F358BA8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

18
Requests

78 %
HTTPS

45 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

353 kB
Transfer

759 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.anesthesiallcnews.com/CBLT/nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov HTTP 302
    http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov Page URL
  2. https://confirmsubscription.com/h/r/0DF377472F358BA8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://links.anesthesiallcnews.com/CBLT/nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov HTTP 302
  • http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
clickTracker.aspx
links.anesthesiallcnews.com/external_pages/
Redirect Chain
  • http://links.anesthesiallcnews.com/CBLT/nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
  • http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Protocol
HTTP/1.1
Server
148.59.128.65 , Canada, ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US),
Reverse DNS
host3.CBDNShost.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4dc9150d52cae5628dfa370ba4ec52feaea7cbfa263379d1378e9bce58f2a3fc

Request headers

Host
links.anesthesiallcnews.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
ASPSESSIONIDQSBTQQRC=EHGHLAADMEFGEIIBJMAEEOCE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Date
Fri, 15 Nov 2019 16:55:54 GMT
Content-Length
2581

Redirect headers

Cache-Control
private
Content-Type
text/html
Location
/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDQSBTQQRC=EHGHLAADMEFGEIIBJMAEEOCE; path=/
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Date
Fri, 15 Nov 2019 16:55:53 GMT
Content-Length
257
CookieWriteJS.js
software.clickback.com/testing/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://software.clickback.com/testing/CookieWriteJS.js
Requested by
Host: links.anesthesiallcnews.com
URL: http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Protocol
HTTP/1.1
Server
148.59.128.120 , Canada, ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US),
Reverse DNS
rdns1.rdnswebhost.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
464796fd8b36a23cc18389718064d1a1f1332788c820162e76c61b83eecc9fe7

Request headers

Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 16:55:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 20:44:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"4acd5dabefd5d41:0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization
Content-Length
855
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: links.anesthesiallcnews.com
URL: http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 15:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1213082
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Oct 2020 15:57:53 GMT
Frame.html
nei.businessontrack.com/ Frame 3D76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://nei.businessontrack.com/Frame.html
Requested by
Host: software.clickback.com
URL: http://software.clickback.com/testing/CookieWriteJS.js
Protocol
HTTP/1.1
Server
68.168.244.9 Laramie, United States, ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US),
Reverse DNS
cloud9.cbsend.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
nei.businessontrack.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 08 Oct 2019 14:00:48 GMT
Accept-Ranges
bytes
ETag
"1eae71c9e07dd51:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Fri, 15 Nov 2019 16:55:54 GMT
Content-Length
929
UpdateGRT
links.anesthesiallcnews.com/external_pages/clicker.aspx/ 		10 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://links.anesthesiallcnews.com/external_pages/clicker.aspx/UpdateGRT
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Server
148.59.128.65 , Canada, ASN33561 (GREENHOUSE-WY - Green House Data, Inc., US),
Reverse DNS
host3.CBDNShost.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 15 Nov 2019 16:55:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Content-Length
30
Primary Request 0DF377472F358BA8
confirmsubscription.com/h/r/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://confirmsubscription.com/h/r/0DF377472F358BA8
Requested by
Host: links.anesthesiallcnews.com
URL: http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.28.41.32 , Australia, ASN55819 (CAMPAIGNMONITOR-AS-GLOBAL CAMPAIGN MONITOR PTY LTD, AU),
Reverse DNS
cmail2.com
Software
csw /
Resource Hash
a1efa779419dcb3dab7b5b6e185b94caf018d50027ac89dafe350fe586b2ddac

Request headers

Host
confirmsubscription.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
http://links.anesthesiallcnews.com/external_pages/clickTracker.aspx?nijtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkkkokpknkmkhkojtkkkmknkikkkpkhjtkikjkpkpkhkikmjtkhjtkikpkqknknklov

Response headers

Server
csw
Vary
Accept-Encoding
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Date
Fri, 15 Nov 2019 16:55:57 GMT
Expires
-1
Pragma
no-cache
Transfer-Encoding
chunked
Connection
Keep-Alive
X-UA-Compatible
IE=edge
hosted-subscribe-form.min.css
css.createsend1.com/css/app/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.createsend1.com/css/app/hosted-subscribe-form.min.css?h=F50689C22019062720190801
Requested by
Host: confirmsubscription.com
URL: https://confirmsubscription.com/h/r/0DF377472F358BA8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.97 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
767a90103d4264e5d6f52bf73e65b4ef620422e571deffdfd36b98862567fdec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://confirmsubscription.com/h/r/0DF377472F358BA8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 Nov 2019 23:46:56 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Thu, 13 Feb 2020 00:00:00 GMT", rule-id="assets-clean-up"
last-modified
Thu, 14 Nov 2019 23:33:14 GMT
server
AmazonS3
age
59546
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xGd8BfRrz-qNpJUo29qfT2RO5boDbl0krijql_TI7PC9oHaBCoZKoA==
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
hostedsubscribeform.min.js
js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/ 		228 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Requested by
Host: confirmsubscription.com
URL: https://confirmsubscription.com/h/r/0DF377472F358BA8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.174.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-174-250.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25e708599ea39f5562d117291f4821f49ae302bb54204cd9b5f74651eeab6c23

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://confirmsubscription.com/h/r/0DF377472F358BA8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 Nov 2019 00:21:03 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Thu, 13 Feb 2020 00:00:00 GMT", rule-id="assets-clean-up"
last-modified
Thu, 14 Nov 2019 00:06:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA54
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
x-amz-cf-id
GNjGymBU49Bvq9K6p0nOZo14pVK1XrHBMiGtRp4gX1MDZ_HhiiOO7w==
via
1.1 e4a44efc4b3241dc23019df63a1f645c.cloudfront.net (CloudFront)
api.js
www.google.com/recaptcha/ 		729 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: confirmsubscription.com
URL: https://confirmsubscription.com/h/r/0DF377472F358BA8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
3211cd82ce26fec042b2543617d3138a366d470fa74ed56788c3b0956c9f9ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://confirmsubscription.com/h/r/0DF377472F358BA8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 Nov 2019 16:55:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
463
x-xss-protection
1; mode=block
expires
Fri, 15 Nov 2019 16:55:57 GMT
css
fonts.googleapis.com/ 		7 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
8457a3b629baace2f22ac956cd260a7037e69a9cafb35d9c83ed32e9c7f4c935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://confirmsubscription.com/h/r/0DF377472F358BA8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 15 Nov 2019 16:55:57 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 15 Nov 2019 16:55:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 15 Nov 2019 16:55:57 GMT
ABC_Logo_CMYK_trans.png
img.createsend1.com/static/hsf/r/03/B2D/D7E/0DF377472F358BA8/headerImages/160128043851/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.createsend1.com/static/hsf/r/03/B2D/D7E/0DF377472F358BA8/headerImages/160128043851/ABC_Logo_CMYK_trans.png
Requested by
Host: confirmsubscription.com
URL: https://confirmsubscription.com/h/r/0DF377472F358BA8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.174.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-174-250.fra54.r.cloudfront.net
Software
csw /
Resource Hash
d97e1c8ec53f1709a596e99af3e6d0d525cdd3aed105bc5e0e69141d5c130753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://confirmsubscription.com/h/r/0DF377472F358BA8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 Nov 2019 16:55:58 GMT
via
1.1 e4a44efc4b3241dc23019df63a1f645c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA54
x-cache
Miss from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
69468
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jan 2016 17:38:51 GMT
server
csw
etag
"c49af6952959d11:0"
content-type
image/png
cache-control
public,max-age=86400
accept-ranges
bytes
x-amz-cf-id
i8GWHLAP3MST5AsY6joxRYarS9kmDaAnu1NooCvip5HQT0h29bovUQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://confirmsubscription.com/h/r/0DF377472F358BA8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Nov 2019 05:06:47 GMT
server
sffe
age
340072
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92852
x-xss-protection
0
expires
Tue, 10 Nov 2020 18:28:05 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Origin
https://confirmsubscription.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 07:38:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
1415841
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13732
x-xss-protection
0
expires
Thu, 29 Oct 2020 07:38:36 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Origin
https://confirmsubscription.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 06:56:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
1331983
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13912
x-xss-protection
0
expires
Fri, 30 Oct 2020 06:56:14 GMT
nuFnD-vYSZviVYUb_rj3ij__anPXDTngOWwu5DRmFqWF_g.woff2
fonts.gstatic.com/s/playfairdisplay/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v15/nuFnD-vYSZviVYUb_rj3ij__anPXDTngOWwu5DRmFqWF_g.woff2
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e2be813bec4a67796810e86b2a142715737087305129dc6f6a88385e1f427b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Origin
https://confirmsubscription.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 21:34:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:49 GMT
server
sffe
age
1192872
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19072
x-xss-protection
0
expires
Sat, 31 Oct 2020 21:34:45 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Origin
https://confirmsubscription.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 11:08:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:58 GMT
server
sffe
age
280032
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12192
x-xss-protection
0
expires
Wed, 11 Nov 2020 11:08:45 GMT
55xoey1sJNPjPiv1ZZZrxK170b3iKWxM.woff2
fonts.gstatic.com/s/creteround/v8/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/creteround/v8/55xoey1sJNPjPiv1ZZZrxK170b3iKWxM.woff2
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87fe6a52cfab7a10b558cee56a97769c66eebf68b7052d317bb360089d49f0d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Origin
https://confirmsubscription.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 07:02:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:03:42 GMT
server
sffe
age
1331583
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11512
x-xss-protection
0
expires
Fri, 30 Oct 2020 07:02:54 GMT
BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_3CRs-2.woff2
fonts.gstatic.com/s/ptsansnarrow/v11/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsansnarrow/v11/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_3CRs-2.woff2
Requested by
Host: js.createsend1.com
URL: https://js.createsend1.com/js/compiled/app/contacts/hostedsubscribeform/hostedsubscribeform.min.js?h=3D88CC2B2019062720190801
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
56aad63cd4ceef659e3293c2d11e01b32143afe3619e4f2fe2dcec4d8d85676b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:900%7CLato:300%7CPlayfair+Display:700italic%7CMerriweather:700%7CCrete+Round%7CPT+Sans+Narrow:700&subset=latin,latin,latin,latin,latin,latin
Origin
https://confirmsubscription.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 11:09:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:35 GMT
server
sffe
age
280016
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11452
x-xss-protection
0
expires
Wed, 11 Nov 2020 11:09:01 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| regeneratorRuntime object| CS function| $ object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
confirmsubscription.com
css.createsend1.com
fonts.googleapis.com
fonts.gstatic.com
img.createsend1.com
js.createsend1.com
links.anesthesiallcnews.com
nei.businessontrack.com
software.clickback.com
www.google.com
www.gstatic.com
103.28.41.32
13.225.78.97
148.59.128.120
148.59.128.65
2a00:1450:4001:809::200a
2a00:1450:4001:818::2003
2a00:1450:4001:821::2003
2a00:1450:4001:824::200a
2a00:1450:4001:825::2004
52.222.174.250
68.168.244.9
25e708599ea39f5562d117291f4821f49ae302bb54204cd9b5f74651eeab6c23
3211cd82ce26fec042b2543617d3138a366d470fa74ed56788c3b0956c9f9ffb
3b6f51d30b4b20b9e7b3da75b5c14a51ce39ec203b9fa37e043f097272d5540e
464796fd8b36a23cc18389718064d1a1f1332788c820162e76c61b83eecc9fe7
4dc9150d52cae5628dfa370ba4ec52feaea7cbfa263379d1378e9bce58f2a3fc
56aad63cd4ceef659e3293c2d11e01b32143afe3619e4f2fe2dcec4d8d85676b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
767a90103d4264e5d6f52bf73e65b4ef620422e571deffdfd36b98862567fdec
8457a3b629baace2f22ac956cd260a7037e69a9cafb35d9c83ed32e9c7f4c935
87fe6a52cfab7a10b558cee56a97769c66eebf68b7052d317bb360089d49f0d7
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
a1efa779419dcb3dab7b5b6e185b94caf018d50027ac89dafe350fe586b2ddac
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
d97e1c8ec53f1709a596e99af3e6d0d525cdd3aed105bc5e0e69141d5c130753
e2be813bec4a67796810e86b2a142715737087305129dc6f6a88385e1f427b55