urlscan.io logo urlscan.io
SecurityTrails logo

publichealthinsurance.xyz Open in urlscan Pro
104.243.38.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://btafefwetpwc.kyto.pw/
Effective URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Submission: On April 07 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 46 HTTP transactions. The main IP is 104.243.38.20, located in Miami, United States and belongs to RELIABLESITE, US. The main domain is publichealthinsurance.xyz.
This is the only time publichealthinsurance.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    104.243.38.22 (Miami, United States)

ASN23470 (RELIABLESITE, US)
btafefwetpwc.kyto.pw
15    104.243.38.20 (Miami, United States)

ASN23470 (RELIABLESITE, US)
publichealthinsurance.xyz
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
tpc.googlesyndication.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    192.99.8.34 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net
s4.histats.com
Domain Requested by
15 publichealthinsurance.xyz publichealthinsurance.xyz
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fonts.gstatic.com publichealthinsurance.xyz
4 pagead2.googlesyndication.com publichealthinsurance.xyz
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 apis.google.com publichealthinsurance.xyz
apis.google.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 fonts.googleapis.com publichealthinsurance.xyz
1 s4.histats.com s10.histats.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 c.statcounter.com www.statcounter.com
1 s10.histats.com publichealthinsurance.xyz
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.google.de publichealthinsurance.xyz
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.statcounter.com publichealthinsurance.xyz
1 ajax.googleapis.com publichealthinsurance.xyz
1 www.googletagmanager.com publichealthinsurance.xyz
1 cdn.ampproject.org publichealthinsurance.xyz
1 btafefwetpwc.kyto.pw 1 redirects
46 22

This site contains no links.

Subject Issuer Validity Valid
misc-sni.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-22 -
2020-10-29		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Frame ID: DBF7353F971FC264A06682C883731345
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/zrt_lookup.html
Frame ID: C1A53977D95C145558326D44D42E90B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&h=600&slotname=4253165815&adk=1156750509&adf=2725398064&w=180&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=180x600&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1586252825595&bpp=31&bdt=525&fdt=102&idt=102&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5078595498267&frm=20&pv=2&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=34402643964&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=405&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=3khAdMvWTZ&p=http%3A//publichealthinsurance.xyz&dtd=116
Frame ID: F8E21FCFDBD5DBEA85B1B069ADF3443C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&h=280&slotname=4253165815&adk=588490216&adf=4269680274&w=460&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=460x280&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586252825626&bpp=6&bdt=556&fdt=110&idt=110&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=584158457852&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=478&ady=338&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3Er58cvbEt&p=http%3A//publichealthinsurance.xyz&dtd=113
Frame ID: 9ACDE829A406A2B5CE56A808689A5B15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&h=280&slotname=4253165815&adk=3508490640&adf=2555147040&w=336&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586252825632&bpp=3&bdt=562&fdt=126&idt=126&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600%2C460x280&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=2336633831408&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=90&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YxWaj0ddaI&p=http%3A//publichealthinsurance.xyz&dtd=129
Frame ID: 1A5EE318032B24019E0F4A417FB7F08D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&adk=1812271804&adf=3025194257&lmt=1586252825&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586252825670&bpp=3&bdt=601&fdt=97&idt=97&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600%2C460x280%2C336x280&nras=1&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=2336633831408&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=101
Frame ID: 4377A6B26CC77651F1F5BFFCF53FACDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 297F785A4665C7B762F675868CCA24BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://btafefwetpwc.kyto.pw/ HTTP 302
    http://publichealthinsurance.xyz/booker/btafefwetpwc/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

46
Requests

50 %
HTTPS

72 %
IPv6

14
Domains

22
Subdomains

15
IPs

5
Countries

543 kB
Transfer

1447 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://btafefwetpwc.kyto.pw/ HTTP 302
    http://publichealthinsurance.xyz/booker/btafefwetpwc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=389777239&t=pageview&_s=1&dl=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&ul=en-us&de=UTF-8&dt=Downloads%20PDF%20Keeping%206%20Norman%20Sharkey%20BalboaPress%20Books&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=755144735&gjid=393792858&cid=129510083.1586252826&tid=UA-37281609-1&_gid=1003774190.1586252826&_r=1&gtm=2ou3p1&z=2022750802 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_gid=1003774190.1586252826&gjid=393792858&_v=j81&z=2022750802 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_v=j81&z=2022750802 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_v=j81&z=2022750802&slf_rd=1&random=14306910

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
publichealthinsurance.xyz/booker/btafefwetpwc/
Redirect Chain
  • http://btafefwetpwc.kyto.pw/
  • http://publichealthinsurance.xyz/booker/btafefwetpwc/
21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx / PHP/5.6.40-12+ubuntu18.04.1+deb.sury.org+1
Resource Hash
3a498f27bae7fa23646b2265c66f26130ae3a792f4c2abae6819b694fe22ef74

Request headers

Host
publichealthinsurance.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-12+ubuntu18.04.1+deb.sury.org+1
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 07 Apr 2020 09:47:04 GMT
Content-Type
text/html
Content-Length
154
Connection
keep-alive
Location
http://publichealthinsurance.xyz/booker/btafefwetpwc/
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40eed9231a06faf122640d8d54b4ef36038dab603932cf5e02b4743a1e0dfe3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18362
x-xss-protection
0
server
sffe
date
Tue, 07 Apr 2020 09:47:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"9ad526c22bc07bb1"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Apr 2020 09:47:05 GMT
js
www.googletagmanager.com/gtag/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-37281609-1
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0515d2bda9a0c481757a20486b0e048c50eedf083465209b5e1b234a0d1c2d30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29062
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Apr 2020 09:47:05 GMT
bootstrap.min.css
publichealthinsurance.xyz/material/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/css/bootstrap.min.css
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
1eeb40951c715bd128277746af336f5f4ad88b869cc89776081bd25d8f3bf23c

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-1d999"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
bootstrap-material-design.css
publichealthinsurance.xyz/material/css/ 		103 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/css/bootstrap-material-design.css
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
fcd864a50f33500ef8f049006c6d7d79094b7b33f41f72430721c7d415d9d501

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-19bf0"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
ripples.css
publichealthinsurance.xyz/material/css/ 		1 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/css/ripples.css
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
1d615b29ea8624e9aa292d00ec9b501ed05334013d2b0606cbe90dff1138e54a

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-514"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
jquery.dropdown.css
publichealthinsurance.xyz/material/css/ 		2 KB
992 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/css/jquery.dropdown.css
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
79538cdcec10e98be945f339e08fe7dba1871fed358d83649b8a699586a2b250

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-83c"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
publichealthinsurance.xyz/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/style.css
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
3ee593e35b5a326cde4f67ad1fd91263a48b039c4cc2c9400c45b820271c3f74

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-38d0"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55358d6caf431bde2a03ce1438a4d7630c804976fa0422c8eaad1cf5799c603c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Apr 2020 09:47:05 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 07 Apr 2020 09:47:05 GMT
icon
fonts.googleapis.com/ 		574 B
468 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 09:47:05 GMT
server
ESF
date
Tue, 07 Apr 2020 09:47:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Apr 2020 09:47:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 22 Jan 2020 05:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6580677
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Jan 2021 05:49:08 GMT
logo.png
publichealthinsurance.xyz/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://publichealthinsurance.xyz/images/logo.png
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
3183ea3bad9999bcecc91378d61955fe1b3de5bad1653d0ff0892ea7792475e0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
"5cd9f748-e0f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3599
jquery-1.10.2.min.js
publichealthinsurance.xyz/js/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/js/jquery-1.10.2.min.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
919d09a8fbe74b29a69c52ecbacf05b55c5ef805ceda7bdc3fd12e91188294b6

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 15:39:57 GMT
Server
nginx
ETag
W/"5de681cd-16ea7"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
loading.svg
publichealthinsurance.xyz/images/ 		696 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://publichealthinsurance.xyz/images/loading.svg
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
"5cd9f748-2b8"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
696
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a570c0a8b44e2d5e8b6586cdca2d3b8ea041799698c1d4b9ee26ba61a3724ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
9354317404833513581
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
39159
X-XSS-Protection
0
Expires
Tue, 07 Apr 2020 09:47:05 GMT
imglazyload.js
publichealthinsurance.xyz/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/js/imglazyload.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-867"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
bootstrap.min.js
publichealthinsurance.xyz/material/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/js/bootstrap.min.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-9004"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
ripples.min.js
publichealthinsurance.xyz/material/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/js/ripples.min.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-af9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
material.min.js
publichealthinsurance.xyz/material/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/js/material.min.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-152e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery.dropdown.js
publichealthinsurance.xyz/material/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://publichealthinsurance.xyz/material/js/jquery.dropdown.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 May 2019 23:01:28 GMT
Server
nginx
ETag
W/"5cd9f748-3056"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
counter.js
www.statcounter.com/counter/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af4e87a3c8c8c300d4fb8ffe1627624a8c5463c0d48d3ebb4fcf3ec2da3f7dd

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Mar 2020 14:45:36 GMT
server
cloudflare
age
32392
etag
W/"5e723410-7fd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200
cf-ray
5802d33f18f1cc46-ZRH
expires
Tue, 07 Apr 2020 12:47:13 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37281609-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4413
date
Tue, 07 Apr 2020 08:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 07 Apr 2020 10:33:32 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://publichealthinsurance.xyz
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 03:36:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:50 GMT
Server
sffe
Age
886243
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11016
X-XSS-Protection
0
Expires
Sun, 28 Mar 2021 03:36:22 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://publichealthinsurance.xyz
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 31 Jan 2020 00:33:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:52 GMT
Server
sffe
Age
5822019
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11180
X-XSS-Protection
0
Expires
Sat, 30 Jan 2021 00:33:26 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/icon?family=Material+Icons
Origin
http://publichealthinsurance.xyz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 20:01:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 01:57:25 GMT
server
sffe
age
2382307
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
60840
x-xss-protection
0
expires
Wed, 10 Mar 2021 20:01:58 GMT
plusone.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js?onload=onLoadCallback
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/js/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1f63a04006a1ea69fdcff237512f0b416ef3320f3fec4102f4b3dc788df9a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-01+ZnfLJpN4tZFxEt3AuJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"20c7f969fe89765f8f12708dc1b78a13"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Tue, 07 Apr 2020 09:47:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://publichealthinsurance.xyz
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 31 Jan 2020 00:45:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jul 2019 01:18:48 GMT
Server
sffe
Age
5821323
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11056
X-XSS-Protection
0
Expires
Sat, 30 Jan 2021 00:45:02 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=389777239&t=pageview&_s=1&dl=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&ul=en-us&de=UTF-8&dt=Downloads%20PDF%20Keeping...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_gid=1003774190.1586252826&gjid=393792858&_v=j81&z=2022750802
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_v=j81&z=2022750802
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_v=j81&z=2022750802&slf_rd=1&random=14306910
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_v=j81&z=2022750802&slf_rd=1&random=14306910
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 09:47:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 09:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=129510083.1586252826&jid=755144735&_v=j81&z=2022750802&slf_rd=1&random=14306910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
keeping-6-norman-sharkey-self-help-norman-sharkey-balboapress-BtaFefWETpwC.jpg
publichealthinsurance.xyz/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://publichealthinsurance.xyz/img/keeping-6-norman-sharkey-self-help-norman-sharkey-balboapress-BtaFefWETpwC.jpg
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
ed622177c5b6c9f0e4ecbefc2183d4fb3cf6c89cf85ceff37ee3a3eec7a35f15

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Last-Modified
Wed, 13 Feb 2019 14:53:52 GMT
Server
nginx
ETag
"5c642f80-2646"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9798
Expires
Tue, 14 Apr 2020 09:47:05 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=publichealthinsurance.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=publichealthinsurance.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/ 		215 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
82821
x-xss-protection
0
server
cafe
etag
14107941289507204222
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Apr 2020 09:47:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/ Frame C1A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200402/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 04 Apr 2020 09:44:32 GMT
expires
Sat, 18 Apr 2020 09:44:32 GMT
content-type
text/html; charset=UTF-8
etag
10348540741379653356
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4494
x-xss-protection
0
cache-control
public, max-age=1209600
age
259353
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/btafefwetpwc/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:37:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32087
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
998605317
t.php
c.statcounter.com/ 		49 B
445 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11109587&java=1&security=aef6ae22&u1=AF479851AF184F1311DA054020B922A5&sc_rum_f_s=0&sc_rum_f_e=1501&sc_rum_e_s=1708&sc_rum_e_e=1712&sc_random=0.2576316001279422&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//publichealthinsurance.xyz/booker/btafefwetpwc/&t=Downloads%20PDF%20Keeping%206%20Norman%20Sharkey%20BalboaPress%20Books&sc_snum=1&sess=5f6681&p=0&invisible=1
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
Origin
http://publichealthinsurance.xyz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Apr 2020 09:47:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
status
200
cf-ray
5802d3409d4bcc46-ZRH
content-type
image/gif
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/ 		140 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?onload=onLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24b45790f58b5d8c376ea8320617b5defa1c88576b7b8df5abf1337a758adba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 02 Apr 2020 00:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Jan 2020 20:40:07 GMT
server
sffe
age
466121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
50234
x-xss-protection
0
expires
Fri, 02 Apr 2021 00:18:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F8E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&h=600&slotname=4253165815&adk=1156750509&adf=2725398064&w=180&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=180x600&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1586252825595&bpp=31&bdt=525&fdt=102&idt=102&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5078595498267&frm=20&pv=2&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=34402643964&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=405&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=3khAdMvWTZ&p=http%3A//publichealthinsurance.xyz&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3181373112926235&output=html&h=600&slotname=4253165815&adk=1156750509&adf=2725398064&w=180&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=180x600&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1586252825595&bpp=31&bdt=525&fdt=102&idt=102&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5078595498267&frm=20&pv=2&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=34402643964&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=258&ady=405&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=3khAdMvWTZ&p=http%3A//publichealthinsurance.xyz&dtd=116
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 07 Apr 2020 09:47:05 GMT
server
cafe
content-length
198
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 07-Apr-2020 10:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Tue, 07 Apr 2020 09:47:05 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27981
x-xss-protection
0
expires
Tue, 07 Apr 2020 09:47:05 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9ACD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&h=280&slotname=4253165815&adk=588490216&adf=4269680274&w=460&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=460x280&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586252825626&bpp=6&bdt=556&fdt=110&idt=110&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=584158457852&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=478&ady=338&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3Er58cvbEt&p=http%3A//publichealthinsurance.xyz&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3181373112926235&output=html&h=280&slotname=4253165815&adk=588490216&adf=4269680274&w=460&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=460x280&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586252825626&bpp=6&bdt=556&fdt=110&idt=110&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=584158457852&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=478&ady=338&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3Er58cvbEt&p=http%3A//publichealthinsurance.xyz&dtd=113
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 07 Apr 2020 09:47:05 GMT
server
cafe
content-length
201
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 07-Apr-2020 10:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Tue, 07 Apr 2020 09:47:05 GMT
cache-control
private
0.php
s4.histats.com/stats/ 		50 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
http://s4.histats.com/stats/0.php?4267576&@f16&@g1&@h1&@i1&@j1586252825745&@k0&@l1&@mDownloads%20PDF%20Keeping%206%20Norman%20Sharkey%20BalboaPress%20Books&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-110699477&@b3:1586252826&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
da1b198307ed676e2ad278d743f104a84b3c7315280566802efe9ab0f10e8212

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:05 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame 1A5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&h=280&slotname=4253165815&adk=3508490640&adf=2555147040&w=336&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586252825632&bpp=3&bdt=562&fdt=126&idt=126&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600%2C460x280&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=2336633831408&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=90&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YxWaj0ddaI&p=http%3A//publichealthinsurance.xyz&dtd=129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3181373112926235&output=html&h=280&slotname=4253165815&adk=3508490640&adf=2555147040&w=336&fwrn=4&fwrnh=100&lmt=1586252825&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586252825632&bpp=3&bdt=562&fdt=126&idt=126&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600%2C460x280&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=2336633831408&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=90&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YxWaj0ddaI&p=http%3A//publichealthinsurance.xyz&dtd=129
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 07 Apr 2020 09:47:05 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 07-Apr-2020 10:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Tue, 07 Apr 2020 09:47:05 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4377 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&adk=1812271804&adf=3025194257&lmt=1586252825&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586252825670&bpp=3&bdt=601&fdt=97&idt=97&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600%2C460x280%2C336x280&nras=1&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=2336633831408&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3181373112926235&output=html&adk=1812271804&adf=3025194257&lmt=1586252825&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fbtafefwetpwc%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586252825670&bpp=3&bdt=601&fdt=97&idt=97&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=180x600%2C460x280%2C336x280&nras=1&correlator=5078595498267&frm=20&pv=1&ga_vid=129510083.1586252826&ga_sid=1586252826&ga_hid=389777239&ga_fc=0&iag=0&icsg=2336633831408&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C44713363&oid=3&pvsid=3703353915227769&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=101
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 07 Apr 2020 09:47:05 GMT
server
cafe
content-length
779
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 07-Apr-2020 10:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Tue, 07 Apr 2020 09:47:05 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200402&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2383423a5e5174fe71d89d43130aa8ca2f61219bd0efb3760be26df4cf335bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
Origin
http://publichealthinsurance.xyz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Apr 2020 09:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5168
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 09:47:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Tue, 07 Apr 2020 09:47:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 297F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Tue, 07 Apr 2020 09:41:02 GMT
expires
Wed, 07 Apr 2021 09:41:02 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
364
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200402&jk=3703353915227769&bg=!MjGlMSlYbXY-r85pbDsCAAAANVIAAAAKmQFknE4517cBToJknWSxXWfTR0KvnZoTVSq9w-vNlosWOjcG6VYpmTHKld3jJh1E-YuhSzMg_QuL_zW_BjxPupqINyKBIiVooua7BOJ3XLDyODxdn4jij624pz46y9uti97ILJR2I-bi-avIkhkaXZ0yF94SjRKBYLye_w1YWJ8EQCJ2dKyPYEO01Dek-61h66R808AXH_PgDOWt0hu0C_y1Ol5gIwqTKYwpuvfo3EwJ1NA5ID-q_Bj5e21J6s6Lh4oIg_mVC30To250r7nx6ghBBvzLZR-dqYrUQ3lVWqmsIscblkEoYUVh1RAGG403B9oSrpm0zJu5m2YGNu1-GIGLZ9fYRGlenculxmCBOXeEi3qCr9Wba1R3m3Ey2sA-IMynI_LTgWhvCOIYL3MSaAJbxfKGITHvqzx6RJ4NMUJOLzi859snM5id4gO11pMQEl-nySF9ZT6v5JwNMqLbhEY37Nogucg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://publichealthinsurance.xyz/booker/btafefwetpwc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 09:47:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| jQuery11020662243897816895 object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars number| sc_project number| sc_invisible string| sc_security object| _Hasync function| _statcounter object| gapi object| ___jsl function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| chfh function| chfh2 string| _HST_cntval object| Histats object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _HistatsCounterGraphics_0_setValues object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.publichealthinsurance.xyz/ Name: sc_is_visitor_unique
Value: rx11109587.1586252826.AF479851AF184F1311DA054020B922A5.1.1.1.1.1.1.1.1.1
publichealthinsurance.xyz/ Name: HstCnv4267576
Value: 1
publichealthinsurance.xyz/ Name: HstCns4267576
Value: 1
publichealthinsurance.xyz/ Name: HstPn4267576
Value: 1
publichealthinsurance.xyz/ Name: HstCmu4267576
Value: 1586252825745
publichealthinsurance.xyz/ Name: HstPt4267576
Value: 1
publichealthinsurance.xyz/ Name: HstCla4267576
Value: 1586252825745
publichealthinsurance.xyz/ Name: HstCfa4267576
Value: 1586252825745
.publichealthinsurance.xyz/ Name: _gid
Value: GA1.2.1003774190.1586252826
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.publichealthinsurance.xyz/ Name: _gat_gtag_UA_37281609_1
Value: 1
.publichealthinsurance.xyz/ Name: _ga
Value: GA1.2.129510083.1586252826

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
btafefwetpwc.kyto.pw
c.statcounter.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
publichealthinsurance.xyz
s10.histats.com
s4.histats.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
104.22.52.65
104.243.38.20
104.243.38.22
192.99.8.34
2a00:1450:4001:800::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2002
2a00:1450:4001:814::2003
2a00:1450:4001:815::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
46.105.201.240
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0515d2bda9a0c481757a20486b0e048c50eedf083465209b5e1b234a0d1c2d30
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843
1d615b29ea8624e9aa292d00ec9b501ed05334013d2b0606cbe90dff1138e54a
1eeb40951c715bd128277746af336f5f4ad88b869cc89776081bd25d8f3bf23c
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
2383423a5e5174fe71d89d43130aa8ca2f61219bd0efb3760be26df4cf335bef
24b45790f58b5d8c376ea8320617b5defa1c88576b7b8df5abf1337a758adba3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3183ea3bad9999bcecc91378d61955fe1b3de5bad1653d0ff0892ea7792475e0
3a498f27bae7fa23646b2265c66f26130ae3a792f4c2abae6819b694fe22ef74
3ee593e35b5a326cde4f67ad1fd91263a48b039c4cc2c9400c45b820271c3f74
40eed9231a06faf122640d8d54b4ef36038dab603932cf5e02b4743a1e0dfe3b
4af4e87a3c8c8c300d4fb8ffe1627624a8c5463c0d48d3ebb4fcf3ec2da3f7dd
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
55358d6caf431bde2a03ce1438a4d7630c804976fa0422c8eaad1cf5799c603c
5a570c0a8b44e2d5e8b6586cdca2d3b8ea041799698c1d4b9ee26ba61a3724ad
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
79538cdcec10e98be945f339e08fe7dba1871fed358d83649b8a699586a2b250
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
919d09a8fbe74b29a69c52ecbacf05b55c5ef805ceda7bdc3fd12e91188294b6
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
da1b198307ed676e2ad278d743f104a84b3c7315280566802efe9ab0f10e8212
e1f63a04006a1ea69fdcff237512f0b416ef3320f3fec4102f4b3dc788df9a81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed622177c5b6c9f0e4ecbefc2183d4fb3cf6c89cf85ceff37ee3a3eec7a35f15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcd864a50f33500ef8f049006c6d7d79094b7b33f41f72430721c7d415d9d501