urlscan.io logo urlscan.io
SecurityTrails logo

pay-staging.usbank.com Open in urlscan Pro
162.159.134.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pay-staging.usbank.com/
Effective URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Submission: On January 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 50 HTTP transactions. The main IP is 162.159.134.80, located in and belongs to CLOUDFLARENET, US. The main domain is pay-staging.usbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 6th 2020. Valid for: 2 years.
This is the only time pay-staging.usbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    162.159.134.80 (None, )

ASN13335 (CLOUDFLARENET, US)
pay-staging.usbank.com
10    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
instamedstg.cachefly.net
1    2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)
js.maxmind.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
10    2606:4700:7::a29f:8650 (United States)

ASN13335 (CLOUDFLARENET, US)
www-staging.instamed.com
www.instamed.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6812:aef (United States)

ASN13335 (CLOUDFLARENET, US)
geoip-js.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
10 instamedstg.cachefly.net pay-staging.usbank.com
instamedstg.cachefly.net
5 www.instamed.com www-staging.instamed.com
5 www-staging.instamed.com instamedstg.cachefly.net
www-staging.instamed.com
4 pay-staging.usbank.com 2 redirects pay-staging.usbank.com
3 www.google.co.uk pay-staging.usbank.com
3 www.google.com pay-staging.usbank.com
3 googleads.g.doubleclick.net www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www-staging.instamed.com
2 maps.googleapis.com instamedstg.cachefly.net
maps.googleapis.com
2 www.facebook.com pay-staging.usbank.com
2 www.googleadservices.com www.googletagmanager.com
pay-staging.usbank.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net pay-staging.usbank.com
connect.facebook.net
2 www.googletagmanager.com pay-staging.usbank.com
www.googletagmanager.com
1 geoip-js.com js.maxmind.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js.maxmind.com pay-staging.usbank.com
50 18

This site contains links to these domains. Also see Links.

Domain
help.instamed.com
www.instamed.com
Subject Issuer Validity Valid
pay-staging.usbank.com
Entrust Certification Authority - L1K		 2020-01-06 -
2022-02-16		 2 years crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2021-10-18 -
2022-11-19		 a year crt.sh
*.maxmind.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-27 -
2022-11-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-13 -
2022-01-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.instamed.com
Thawte RSA CA 2018		 2021-03-18 -
2022-04-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Frame ID: 4ADFD2E4F87D8FBD75ED62A1EA7A2300
Requests: 36 HTTP requests in this frame

Frame: https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
Frame ID: C28FC6A8A02972B2B698655DC48C4AEB
Requests: 5 HTTP requests in this frame

Frame: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Frame ID: 9F2AFF504950E3BCD9E3F2473B7954B4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

InstaMed® Patient Portal - Login

Page URL History Show full URLs

  1. https://pay-staging.usbank.com/ HTTP 302
    https://pay-staging.usbank.com/find.aspx?ReturnUrl=%2f HTTP 302
    https://pay-staging.usbank.com/Form/PaymentPortal/Start Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

50
Requests

100 %
HTTPS

82 %
IPv6

15
Domains

18
Subdomains

17
IPs

5
Countries

2906 kB
Transfer

5336 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pay-staging.usbank.com/ HTTP 302
    https://pay-staging.usbank.com/find.aspx?ReturnUrl=%2f HTTP 302
    https://pay-staging.usbank.com/Form/PaymentPortal/Start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Start
pay-staging.usbank.com/Form/PaymentPortal/
Redirect Chain
  • https://pay-staging.usbank.com/
  • https://pay-staging.usbank.com/find.aspx?ReturnUrl=%2f
  • https://pay-staging.usbank.com/Form/PaymentPortal/Start
648 KB
650 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be75a312639698f5999363866139f4fac615e42dc79f03e92137dce261ae2f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
expires
-1
x-content-type-options
nosniff
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8183da8f694333-FRA

Redirect headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-type
text/html; charset=utf-8
cache-control
private
location
/Form/PaymentPortal/Start
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8183d8dcb54333-FRA
PPP-Elavon-all.css
instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/ 		62 B
388 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all.css
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
318e2882a38aa9be900ff63e128acfac9541e451df8dc49dd3d1c4502895c6ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
x-cf3
M
cf4ttl
31536000.000
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
62
x-cf-tsc
1640584776
access-control-allow-origin
*
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:47:19 GMT
server
CFS 0215
x-cff
B
content-type
text/css
x-cfhash
"c5182804761a6e29fde9cf43f5c5302b"
cache-control
max-age=14400
cf4age
0
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:36 GMT
ext-modern-all-min.js
instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/ 		2 MB
730 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/ext-modern-all-min.js
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
7f5bc2b8ec77d290768a5dc73ae043270ba4703aa4c86f1f0fd61eda91fb096c

Request headers

Referer
https://pay-staging.usbank.com/
Origin
https://pay-staging.usbank.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
31536000.000
x-cfhash
"9e1e485325713a12c4e7570c9775b631"
x-cf1
15461:fA.fra2:cf:cacheN.fra2-01:M
content-length
746808
x-cf-tsc
1639930436
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:46:51 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
0
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:36 GMT
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 17:23:13 GMT
server
cloudflare
age
197
etag
W/"61d33101-d69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
6c8183de7982c26d-FRA
expires
Tue, 04 Jan 2022 07:52:36 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16010902-1
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
373ce1729bafd14229009844b792efe7858a6c950d57bedccdf5b7d1a45f3bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36252
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 03:52:36 GMT
PPP-Elavon-all_1.css
instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/ 		222 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all_1.css
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
3052defe05c9270ffc4d4165993964b2f7595dab0442d2576243919adf27eb79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cfhash
"890726fb42c44db49754032f42d0bf8d"
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
41922
x-cf-tsc
1641104527
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:47:19 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
13243
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:36 GMT
PPP-Elavon-all_2.css
instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/ 		212 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all_2.css
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
27fc4191abb7a15392cb19fc965cc94fdeacf6a940520dd132f13addd4278edb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:36 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cfhash
"5a99aed7ac9f54b273ba2517d5c533c1"
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
39088
x-cf-tsc
1641104527
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:47:19 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
13243
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:36 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
SA4S2irwcDopcXtWdJehiDoq/0do9dRTfYdx2qEPWh26YxJEPQ5hSUVGXECgv/jrQ/cawdiaH6LPZX/v95CJqw==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 04 Jan 2022 03:52:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16010902-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3091
date
Tue, 04 Jan 2022 03:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 04 Jan 2022 05:01:06 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1064256295&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16010902-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91c0f82da0e406586548f0f0bcd5e84e588078fc824ec2851741c1e7cc2173ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39670
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 03:52:37 GMT
197735894424369
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/197735894424369?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f5649a6ca65aef715e2d563e6f543cf1c12bd570621ae8757c3bbc28eb5b18d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88919
x-xss-protection
0
pragma
public
x-fb-debug
FDVAo897EAhiQcDp1sgfWMoyiidBfRvG3BvSmL5SOZHcYNctJcLC0xpxj+I2C3FgMvg+EBJ1njsU88/H4aOmDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 04 Jan 2022 03:52:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1064256295&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Jan 2022 03:52:37 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=197735894424369&ev=PageView&dl=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&rl=&if=false&ts=1641268357272&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641268357270.721975334&it=1641268357218&coo=false&exp=p0&rqm=GET
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 04 Jan 2022 03:52:37 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064256295/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064256295/?random=1641268357302&cv=9&fst=1641268357302&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5947ac88799d239915a73a10a19a802511272be4a426ea32e061620f558400b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1064256295/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1064256295/?random=1641268357302&cv=9&fst=1641265200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&async=1&fmt=3&is_vtc=1&random=1099720778&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1064256295/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/1064256295/?random=1641268357302&cv=9&fst=1641265200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&async=1&fmt=3&is_vtc=1&random=1099720778&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17610
x-xss-protection
0
server
cafe
etag
5620577396173936331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Jan 2022 03:52:37 GMT
js
maps.googleapis.com/maps/api/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCx0WBU6_d6Mz1WPgIHdZVOfAVYPoEbYjo&libraries=places
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/ext-modern-all-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
ec32b6d8576a1d50be79fb8b9774d79c5c21a7e4dd91324eff14a89e96e2015d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=20
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51800
x-xss-protection
0
expires
Tue, 04 Jan 2022 04:22:37 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064256295/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064256295/?random=1641268357840&cv=9&fst=1641268357840&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb48cf061b3ccfc1f9523d1b504c62c13231e56c0e518425180843e72d126b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1037
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BlankImage.gif
pay-staging.usbank.com/Content/Images/General/ 		43 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay-staging.usbank.com/Content/Images/General/BlankImage.gif
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/Form/PaymentPortal/Start
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
MISS
last-modified
Tue, 04 Jan 2022 03:52:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=31535999
accept-ranges
bytes
cf-ray
6c8183e49d0d4333-FRA
content-length
43
expires
Wed, 04 Jan 2023 03:52:37 GMT
/
www.google.com/pagead/1p-user-list/1064256295/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1064256295/?random=1641268357840&cv=9&fst=1641265200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&fmt=3&is_vtc=1&random=544857043&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1064256295/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/1064256295/?random=1641268357840&cv=9&fst=1641265200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&fmt=3&is_vtc=1&random=544857043&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCx0WBU6_d6Mz1WPgIHdZVOfAVYPoEbYjo&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pay-staging.usbank.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=735301853&t=pageview&_s=1&dl=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&dp=%2FForm%2FPaymentPortal%2FStart&ul=en-us&de=UTF-8&dt=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABAAAAAC~&jid=1181441827&gjid=1424273489&cid=1256786334.1641268357&tid=UA-16010902-1&_gid=256896757.1641268357&_r=1&gtm=2ouc10&z=1555064329
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pay-staging.usbank.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay-staging.usbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064256295/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064256295/?random=1641268358316&cv=9&fst=1641268358316&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2FForm%2FPaymentPortal%2FStart&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0ba49fb55d6cb3b25cceaf5af4bf5de73e92285488778f0b061243b43b0933c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1079
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
New-MasterEntry.html
www-staging.instamed.com/patientportal/assets/ Frame C28F 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/ext-modern-all-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
d58b47e7e582adf9d81673bdc27de991b4fe63c6721ba4182b4f0891ebb9408c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
content-type
text/html
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
last-modified
Fri, 09 Oct 2020 00:02:38 GMT
x-powered-by
WP Engine
x-robots-tag
noindex, nofollow
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 3
x-cache-group
normal
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8183e7cc4d6963-FRA
content-encoding
gzip
New-Certificates.html
www-staging.instamed.com/patientportal/assets/ Frame 9F2A 		2 KB
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/ext-modern-all-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
45c417bd7d8b428a8f72bdb5afe240b523afb2eea9e7d643e1e4651edd1c38be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
content-type
text/html
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
last-modified
Fri, 09 Oct 2020 00:02:38 GMT
x-powered-by
WP Engine
x-robots-tag
noindex, nofollow
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 4
x-cache-group
normal
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8183e7cc4e6963-FRA
content-encoding
gzip
usbank_mobilelogo.svg
instamedstg.cachefly.net/V_2021_R3/Content/Images/General/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/Images/General/usbank_mobilelogo.svg
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d943c1fbc5da0bc24b1628d9830e0954fcce2df45ad8cf4cbc774bcbe97ae5cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cfhash
"485d31ef9141c7135abf24153119f87d"
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
1620
x-cf-tsc
1641104548
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:46:12 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
13238
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:38 GMT
poweredbyinstamed.svg
instamedstg.cachefly.net/V_2021_R3/Content/Images/General/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/Images/General/poweredbyinstamed.svg
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
3881a42ec2707f5c7a5248495c6da1681bd70dc309ba513e80a291388bf47663

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cfhash
"85eae80ad552b4621cfbf2ccfa3c0f5e"
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
4064
x-cf-tsc
1641104548
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:46:12 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
13238
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:38 GMT
ppp-2fa-code-min.svg
instamedstg.cachefly.net/V_2021_R3/Content/Images/PaymentPortal/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/Images/PaymentPortal/ppp-2fa-code-min.svg
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
4bfaf03a17946c7a9fdd34a1d8dececa6796509ff57c6c7510accb204dc0d3be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cfhash
"ae1eee34a45c61448a237637e2304d11"
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
2355
x-cf-tsc
1641104548
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:46:31 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
13238
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:38 GMT
ppp_graphic_text.min.svg
instamedstg.cachefly.net/V_2021_R3/Content/Images/PaymentPortal/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/Images/PaymentPortal/ppp_graphic_text.min.svg
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
9abc7651387c3362102fa2175ae3df7ac75f98a6f97f8a64a31531833d185b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cfhash
"b630dc9dc85229dfa5f2671c397e53de"
x-cf1
15461:fC.fra2:cf:cacheN.fra2-01:M
content-length
2061
x-cf-tsc
1641104548
x-cf2
H
last-modified
Mon, 06 Dec 2021 18:46:31 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf4age
13238
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:38 GMT
MaterialIcons-Regular.ttf
instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/fonts/ 		224 KB
224 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/fonts/MaterialIcons-Regular.ttf
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all_2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
320d3688e085f8485936ee044e694fecb35f3eaf0e68a3efe98bdaf41eaed987

Request headers

Referer
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all_2.css
Origin
https://pay-staging.usbank.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
x-cf3
M
cf4ttl
31536000.000
x-cf1
15461:fA.fra2:cf:cacheN.fra2-01:M
content-length
228896
x-cf-tsc
1641268359
access-control-allow-origin
*
x-cf2
M
last-modified
Mon, 06 Dec 2021 18:48:01 GMT
server
CFS 0215
x-cff
B
content-type
font/truetype
x-cfhash
"5022f339b6bade069af7b2d79670e2b2"
cache-control
max-age=14400
cf4age
0
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:38 GMT
fontawesome-webfont.woff2
instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: instamedstg.cachefly.net
URL: https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all_1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://instamedstg.cachefly.net/V_2021_R3/Content/sencha/extjs/ext6.5.1/PPP-Elavon/PPP-Elavon-all_1.css
Origin
https://pay-staging.usbank.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
x-cf3
M
cf4ttl
31536000.000
x-cf1
15461:fA.fra2:cf:cacheN.fra2-01:M
content-length
77160
x-cf-tsc
1641268359
access-control-allow-origin
*
x-cf2
M
last-modified
Mon, 06 Dec 2021 18:51:05 GMT
server
CFS 0215
x-cff
B
content-type
application/octet-stream
x-cfhash
"af7ae505a9eed503f8b8e6982036873e"
cache-control
max-age=14400
cf4age
0
accept-ranges
bytes
expires
Tue, 04 Jan 2022 07:52:38 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16010902-1&cid=1256786334.1641268357&jid=1181441827&gjid=1424273489&_gid=256896757.1641268357&_u=aEBAAUAAAAAAAC~&z=14397989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay-staging.usbank.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 04 Jan 2022 03:52:38 GMT
content-type
text/plain
access-control-allow-origin
https://pay-staging.usbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
me
geoip-js.com/geoip/v2.1/city/ 		920 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fpay-staging.usbank.com
Requested by
Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8aa99a263562709b6fdec95ac7f8b68abe54fbe61561073742e7bff2cca2813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
6c8183e80fa842e7-FRA
content-length
920
/
www.google.com/pagead/1p-user-list/1064256295/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1064256295/?random=1641268358316&cv=9&fst=1641265200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bpage_path%3D%2FForm%2FPaymentPortal%2FStart&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&async=1&fmt=3&is_vtc=1&random=1718487732&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1064256295/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/1064256295/?random=1641268358316&cv=9&fst=1641265200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bpage_path%3D%2FForm%2FPaymentPortal%2FStart&frm=0&url=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&tiba=InstaMed%C2%AE%20Patient%20Portal%20-%20Login&async=1&fmt=3&is_vtc=1&random=1718487732&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 03:52:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=197735894424369&ev=Microdata&dl=https%3A%2F%2Fpay-staging.usbank.com%2FForm%2FPaymentPortal%2FStart&rl=&if=false&ts=1641268358777&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22InstaMed%C2%AE%20Patient%20Portal%20-%20Login%22%2C%22meta%3Akeywords%22%3A%22InstaMed%C2%AE%20Patient%20Portal%22%2C%22meta%3Adescription%22%3A%22Have%20a%20healthcare%20bill%3F%20Pay%20online%20with%20the%20InstaMed%20Patient%20Portal%2C%20a%20simple%20and%20secure%20way%20to%20pay%20any%20healthcare%20provider.%20Pay%20all%20of%20your%20medical%20bills%20in%20one%20place%20with%20InstaMed%20and%20create%20a%20digital%20wallet.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641268357270.721975334&it=1641268357218&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: pay-staging.usbank.com
URL: https://pay-staging.usbank.com/Form/PaymentPortal/Start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay-staging.usbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 04 Jan 2022 03:52:39 GMT
css
fonts.googleapis.com/ Frame 9F2A 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 03:06:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 04 Jan 2022 03:52:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jan 2022 03:52:38 GMT
style.css
www-staging.instamed.com/patientportal/assets/css/ Frame 9F2A 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www-staging.instamed.com/patientportal/assets/css/style.css
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebaa2d0dfa63ffc1b49ad0de18a3629f4a1c44f62f07bb1c78daf957b0f766f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 20 Nov 2020 01:02:40 GMT
server
cloudflare
etag
W/"5fb715b0-4454"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6c8183ea98066963-FRA
expires
Wed, 04 Jan 2023 03:52:39 GMT
security_logo_pci.png
www.instamed.com/wp-content/uploads/ Frame 9F2A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instamed.com/wp-content/uploads/security_logo_pci.png
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3b8ff6b34d7ab1766d46aaec94307596788c8cca2ae1e0ec66f0893c8df2f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
HIT
age
1526394
cf-polished
origSize=1436
content-length
1373
last-modified
Mon, 11 Nov 2019 22:39:34 GMT
server
cloudflare
etag
"5dc9e326-59c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Wed, 04 Jan 2023 03:52:38 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6c8183ea98206963-FRA
cf-bgj
imgq:100,h2pri
security_logo_emv.png
www.instamed.com/wp-content/uploads/ Frame 9F2A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instamed.com/wp-content/uploads/security_logo_emv.png
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ff3d0bff69997d284ece34fbf5423e2da45beca02424a429856a02e4109a13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
HIT
age
1202906
cf-polished
origSize=1859
content-length
1794
last-modified
Mon, 11 Nov 2019 22:39:36 GMT
server
cloudflare
etag
"5dc9e328-743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Wed, 04 Jan 2023 03:52:38 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6c8183ea982e6963-FRA
cf-bgj
imgq:100,h2pri
security_logos_ehnac2.png
www.instamed.com/wp-content/uploads/ Frame 9F2A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instamed.com/wp-content/uploads/security_logos_ehnac2.png
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56fad914df6d2321e0c0ae07040d3ddbd0f4068bfe3414ef4758d28973c35924

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
HIT
age
1202906
cf-polished
origSize=9800
content-length
8809
last-modified
Wed, 30 Dec 2020 01:12:32 GMT
server
cloudflare
etag
"5febd400-2648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Wed, 04 Jan 2023 03:52:38 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6c8183ea981d6963-FRA
cf-bgj
imgq:100,h2pri
security_logo_aicpa.png
www.instamed.com/wp-content/uploads/ Frame 9F2A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instamed.com/wp-content/uploads/security_logo_aicpa.png
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419f6933786000d3a0d8772bd0eb8076f172a90092f7c89b59344d8bf0a23fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
HIT
age
1313274
cf-polished
origSize=14884
content-length
14017
last-modified
Mon, 11 Nov 2019 22:39:40 GMT
server
cloudflare
etag
"5dc9e32c-3a24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Wed, 04 Jan 2023 03:52:38 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6c8183ea982f6963-FRA
cf-bgj
imgq:100,h2pri
security_logo_p2pe.png
www.instamed.com/wp-content/uploads/ Frame 9F2A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instamed.com/wp-content/uploads/security_logo_p2pe.png
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-Certificates.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa7320b432fc2886dd385af3ee867711d7e4dd63d0d94a6b1760f44ea81b7f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:38 GMT
cf-cache-status
HIT
age
1526394
cf-polished
origSize=5212
content-length
4357
last-modified
Mon, 11 Nov 2019 22:41:05 GMT
server
cloudflare
etag
"5dc9e381-145c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Wed, 04 Jan 2023 03:52:38 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6c8183ea981e6963-FRA
cf-bgj
imgq:100,h2pri
css
fonts.googleapis.com/ Frame C28F 		8 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 02:59:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 04 Jan 2022 03:52:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jan 2022 03:52:38 GMT
style.css
www-staging.instamed.com/patientportal/assets/css/ Frame C28F 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www-staging.instamed.com/patientportal/assets/css/style.css
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebaa2d0dfa63ffc1b49ad0de18a3629f4a1c44f62f07bb1c78daf957b0f766f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 20 Nov 2020 01:02:40 GMT
server
cloudflare
age
0
etag
W/"5fb715b0-4454"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6c8183ea98086963-FRA
expires
Wed, 04 Jan 2023 03:52:39 GMT
PhoneTab_Large_Cropped.png
www-staging.instamed.com/patientportal/assets/img/ Frame C28F 		761 KB
761 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-staging.instamed.com/patientportal/assets/img/PhoneTab_Large_Cropped.png
Requested by
Host: www-staging.instamed.com
URL: https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21657923047e8f506a6a4860331bd799208f250ee9fd9be0533bc27a7f5e3ab1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-staging.instamed.com/patientportal/assets/New-MasterEntry.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 03:52:39 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Nov 2019 20:33:02 GMT
server
cloudflare
etag
"5dcb16fe-be21f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6c8183ea980b6963-FRA
content-length
778783
expires
Wed, 04 Jan 2023 03:52:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9F2A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www-staging.instamed.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
525513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 01:54:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C28F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www-staging.instamed.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
525513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 01:54:06 GMT

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| $jscomp object| Ext function| PerformDirectAction function| CreateMethodParameterObject function| PerformAction function| SubmitFormHttp function| getChartDataStore function| RenderChart function| RenderChartSeries function| RenderChartAxes function| RenderChartPortlet function| ProcessUpdateCharts function| PerformActionSuccessHandler function| SetValidationVisibility function| SortValidationSummary function| SetSortedValidationSummary function| PerformActionFailureHandler function| SuspendEvents function| ResumeEvents function| UpdateFieldData function| FocusField function| submitOnEnter function| SalesforceSAMLPost function| SalesforceSAMLPostInternal function| GetBrowserType function| GetBrowserVersion object| myMask object| InstaMed undefined| lastForm object| PostMessageHelper undefined| findIndexFunction function| getRemoveSpecialValuesSubmitValue number| __elementIdCounter object| cookieScripts object| LogoutTimer object| base64 object| FontDetect object| Ux object| MyApp object| iNoBounce undefined| outDatedBrowser function| browserCheck object| geoip2 function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO undefined| firstHtml string| webPropertyId object| loader function| onSuccess function| onError function| headerPatientPortalBack function| displaySuggestions function| removeProvider function| removeOffNetworkPayee function| registerRemovePayeeTooltip function| registerAllRemovePayeeTooltips function| EncodeApostropheAndURIComponent function| payeeTileRedirect function| handlePayNow function| handleGoTo function| handleGoToCheckIn function| closeMenu function| displayPayeeDropDown function| displayFeatureDetails function| NavigateToLoginPage function| NavigateToSignUpPage function| revealEmailField function| quickPayForgotPassword object| PaymentReceiptController object| TextMessageEnrollmentController object| QuickPaySignUpController object| MyAccountController object| QuickPayLoginController object| FindProviderController object| QuickPayOptimizedProviderLandingController object| PaymentActionController object| ResetPasswordController object| IdleTimerController object| GridController object| PushNotificationController object| PatientPortalLoginController object| SignUpController object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView string| id object| backButton undefined| menuButton

11 Cookies

Domain/Path Name / Value
pay-staging.usbank.com/ Name: __cflb
Value: 02DiuFtWtEwUaUu5mHj5JXrpCk4yC7A6YefKJsqHueZoJ
pay-staging.usbank.com/ Name: ASP.NET_SessionId_PatientPayments
Value: 2w2np0wj4stkmdknoo2jelar
pay-staging.usbank.com/ Name: RequestKeyPatientPortal
Value: 107989E70C46699D54B27729087ED09952BDB481A6B278B50D34FD838FC87B36
pay-staging.usbank.com/ Name: MY_SESSION
Value: !CYFL3fjMhi4tuHIr3Y0zmf+Q17UbUhHc04WaDKRg/OrchFL1BCS2yF+qQxkYpiaj2eGlfNVkEQTXyQ==
.pay-staging.usbank.com/ Name: TS016d09f1
Value: 01ab9304e44a00e305ed52f42ba758bd00326710c823a50a37a29a6cbebec9b0a15fccd5cb52ad687c939da23ed09a49979c54ea58094913d0704ef12a07483f0bdfbcc29c38cd77c8e468ea1ea7ec9f4c2ebaaa32884622d3c835fd0ad7f1d04cd062d9153b6f9f5cb5141313a6edba09f79a6969
.usbank.com/ Name: _gcl_au
Value: 1.1.601854514.1641268357
.usbank.com/ Name: _ga
Value: GA1.2.1256786334.1641268357
.usbank.com/ Name: _gid
Value: GA1.2.256896757.1641268357
.usbank.com/ Name: _fbp
Value: fb.1.1641268357270.721975334
.doubleclick.net/ Name: IDE
Value: AHWqTUnqAxK4tGDu4srwcbsVZQRMAjp1A-sX-aJL2NP6bb3y17KjVwbC2uYfRwdU
.usbank.com/ Name: _gat_gtag_UA_16010902_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geoip-js.com
googleads.g.doubleclick.net
instamedstg.cachefly.net
js.maxmind.com
maps.googleapis.com
pay-staging.usbank.com
stats.g.doubleclick.net
www-staging.instamed.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.instamed.com
142.250.185.226
162.159.134.80
205.234.175.175
2606:4700:7::a29f:8650
2606:4700::6810:262f
2606:4700::6812:aef
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1fa7320b432fc2886dd385af3ee867711d7e4dd63d0d94a6b1760f44ea81b7f2
21657923047e8f506a6a4860331bd799208f250ee9fd9be0533bc27a7f5e3ab1
27fc4191abb7a15392cb19fc965cc94fdeacf6a940520dd132f13addd4278edb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fe5fb2d025e0a2a028376783078622313bb93ec4a64cae7a8f6c0463507b2b1
3052defe05c9270ffc4d4165993964b2f7595dab0442d2576243919adf27eb79
318e2882a38aa9be900ff63e128acfac9541e451df8dc49dd3d1c4502895c6ef
320d3688e085f8485936ee044e694fecb35f3eaf0e68a3efe98bdaf41eaed987
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
373ce1729bafd14229009844b792efe7858a6c950d57bedccdf5b7d1a45f3bd2
3881a42ec2707f5c7a5248495c6da1681bd70dc309ba513e80a291388bf47663
3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb
45c417bd7d8b428a8f72bdb5afe240b523afb2eea9e7d643e1e4651edd1c38be
4bfaf03a17946c7a9fdd34a1d8dececa6796509ff57c6c7510accb204dc0d3be
56fad914df6d2321e0c0ae07040d3ddbd0f4068bfe3414ef4758d28973c35924
5947ac88799d239915a73a10a19a802511272be4a426ea32e061620f558400b1
5f5649a6ca65aef715e2d563e6f543cf1c12bd570621ae8757c3bbc28eb5b18d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7f5bc2b8ec77d290768a5dc73ae043270ba4703aa4c86f1f0fd61eda91fb096c
91c0f82da0e406586548f0f0bcd5e84e588078fc824ec2851741c1e7cc2173ea
9abc7651387c3362102fa2175ae3df7ac75f98a6f97f8a64a31531833d185b00
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6ff3d0bff69997d284ece34fbf5423e2da45beca02424a429856a02e4109a13
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
be75a312639698f5999363866139f4fac615e42dc79f03e92137dce261ae2f83
c0ba49fb55d6cb3b25cceaf5af4bf5de73e92285488778f0b061243b43b0933c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d58b47e7e582adf9d81673bdc27de991b4fe63c6721ba4182b4f0891ebb9408c
d943c1fbc5da0bc24b1628d9830e0954fcce2df45ad8cf4cbc774bcbe97ae5cb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ebaa2d0dfa63ffc1b49ad0de18a3629f4a1c44f62f07bb1c78daf957b0f766f7
ec32b6d8576a1d50be79fb8b9774d79c5c21a7e4dd91324eff14a89e96e2015d
ec3b8ff6b34d7ab1766d46aaec94307596788c8cca2ae1e0ec66f0893c8df2f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f419f6933786000d3a0d8772bd0eb8076f172a90092f7c89b59344d8bf0a23fe
f8aa99a263562709b6fdec95ac7f8b68abe54fbe61561073742e7bff2cca2813
fb48cf061b3ccfc1f9523d1b504c62c13231e56c0e518425180843e72d126b7b