www.air1.com Open in urlscan Pro
45.60.154.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.pardot.com/e/763193/ton-i-recorded-this-for-you-pp/24l8zl/171769047?h=cJ0zlRMTYXP6ZD8opN1DjUZ0WnXYZuMqX4UQi...
Effective URL:
https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_conten...
Submission: On February 10 via manual (February 10th 2020, 4:25:26 pm UTC) from US

Summary HTTP 46 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 46 HTTP transactions. The main IP is 45.60.154.223, located in United States and belongs to INCAPSULA, US. The main domain is www.air1.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 8th 2019. Valid for: 2 years.

This is the only time www.air1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	35.174.78.146 35.174.78.146	14618 (AMAZON-AES) (AMAZON-AES)
13	45.60.154.223 45.60.154.223	19551 (INCAPSULA) (INCAPSULA)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	23.21.91.243 23.21.91.243	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
46	18

4 35.174.78.146 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com

go.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 45.60.154.223 (United States)

ASN19551 (INCAPSULA, US)

www.air1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 152.199.23.241 (United States)

ASN15133 (EDGECAST, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.91.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-91-243.compute-1.amazonaws.com

sample-api-v2.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	air1.com www.air1.com	178 KB
7	tiqcdn.com tags.tiqcdn.com	31 KB
4	facebook.com www.facebook.com	652 B
4	pardot.com 2 redirects go.pardot.com pi.pardot.com	6 KB
3	facebook.net connect.facebook.net	256 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	crazyegg.com script.crazyegg.com sample-api-v2.crazyegg.com	38 KB
2	youtube.com www.youtube.com	944 B
2	googleapis.com fonts.googleapis.com	1 KB
2	fontawesome.com use.fontawesome.com	60 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	ytimg.com s.ytimg.com	10 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	google.com apis.google.com	19 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	30 KB
46	17

	Domain	Requested by
13	www.air1.com	www.air1.com
7	tags.tiqcdn.com	www.air1.com tags.tiqcdn.com
4	www.facebook.com	www.air1.com
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.air1.com
2	pi.pardot.com	tags.tiqcdn.com pi.pardot.com
2	www.youtube.com	www.air1.com s.ytimg.com
2	fonts.googleapis.com	www.air1.com
2	use.fontawesome.com	www.air1.com
2	go.pardot.com	2 redirects
1	sample-api-v2.crazyegg.com	script.crazyegg.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	script.crazyegg.com	tags.tiqcdn.com
1	s.ytimg.com	www.youtube.com
1	fonts.gstatic.com	www.air1.com
1	apis.google.com	www.air1.com
1	stackpath.bootstrapcdn.com	www.air1.com
1	cdnjs.cloudflare.com	www.air1.com
1	code.jquery.com	www.air1.com
46	19

This site contains links to these domains. Also see Links.

Domain
www.testallmedia.com
donor.air1.com
www.facebook.com
instagram.com
www.twitter.com
www.pinterest.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.air1.com DigiCert SHA2 High Assurance Server CA	`2019-05-08` - `2021-08-10`	2 years	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.pardot.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-01-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-28` - `2020-08-05`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2018-06-08` - `2020-08-05`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Frame ID: DE2A8462D6E93E79F53C8D2AEB9D2B8E
Requests: 45 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9vT2rISFOdY?autoplay=0&loop=0&controls=0&showinfo=0&autohide=1&modestbranding=1&vq=hd1080&rel=0&origin=https%3A%2F%2Fwww.air1.com&enablejsapi=1&widgetid=1
Frame ID: 41BD295A4C6D4434C79AF176446897C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://go.pardot.com/e/763193/ton-i-recorded-this-for-you-pp/24l8zl/171769047?h=cJ0zlRMTYXP6ZD8op... HTTP 301
https://go.pardot.com/tracker/httpsRedirect?pi_email_id=171769047&request_uri_path=%2Fe%2F763193%2... HTTP 302
https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

46
Requests

100 %
HTTPS

72 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

710 kB
Transfer

2613 kB
Size

18
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.testallmedia.com/air1/register-pre.aspx
Title: Become an Air1 Influencer

Search URL Search Domain Scan URL

URL: https://donor.air1.com/
Title: GIVE

Search URL Search Domain Scan URL

URL: http://www.testallmedia.com/air1/register-pre.aspx
Title: Become an Air1 Influencer

Search URL Search Domain Scan URL

URL: http://www.facebook.com/air1radio
Title:

Search URL Search Domain Scan URL

URL: http://instagram.com/air1radio
Title:

Search URL Search Domain Scan URL

URL: http://www.twitter.com/air1radio
Title:

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/air1radio
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/air1radio
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kloveair1/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.pardot.com/e/763193/ton-i-recorded-this-for-you-pp/24l8zl/171769047?h=cJ0zlRMTYXP6ZD8opN1DjUZ0WnXYZuMqX4UQiNHkc7o HTTP 301
https://go.pardot.com/tracker/httpsRedirect?pi_email_id=171769047&request_uri_path=%2Fe%2F763193%2Fton-i-recorded-this-for-you-pp%2F24l8zl%2F171769047&https_redirect=1&tracker_id=27196187&account_id=763193&visitor_id=27524703&link_type=1 HTTP 302
https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set lees-candid-moment Show response
www.air1.com/email/
Redirect Chain

http://go.pardot.com/e/763193/ton-i-recorded-this-for-you-pp/24l8zl/171769047?h=cJ0zlRMTYXP6ZD8opN1DjUZ0WnXYZuMqX4UQiNHkc7o
https://go.pardot.com/tracker/httpsRedirect?pi_email_id=171769047&request_uri_path=%2Fe%2F763193%2Fton-i-recorded-this-for-you-pp%2F24l8zl%2F171769047&https_redirect=1&tracker_id=27196187&account_i...
https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

26 KB
6 KB

812ms
731ms

Document
text/html

45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 07f770817e53909acdf2b294f22ea02a524706c19a9bf7d8451714763c2d5cff

Request headers

Host: www.air1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Request-Context: appId=cid-v1:739b5b90-6a3a-4ba1-b21f-f52e9ed461ef
Set-Cookie: ARRAffinity=8936bd4a12e60db0a554f5937e1a16edce8ba520c268213fd4382beb24a87865;Path=/;HttpOnly;Domain=www.air1.com visid_incap_2009076=gAcP1ZiZSnSwU3ltsallt+GDQV4AAAAAQUIPAAAAAABsPD+FHr2Q3scGX4Zo1C33; expires=Tue, 09 Feb 2021 08:48:23 GMT; path=/; Domain=.air1.com nlbi_2009076=cCpFPSgQKV3qHIvB3NDKMwAAAAAPtbbiis8XGdBz3JlGJlKk; path=/; Domain=.air1.com incap_ses_451_2009076=BLptYWWMYzzghSoNxEdCBuKDQV4AAAAA0XpQ+Vsr86lsliw16chVfw==; path=/; Domain=.air1.com ___utmvmFEuKMwDB=CIXeGcHPXOV; path=/; Max-Age=900 ___utmvaFEuKMwDB=AwdNMMW; path=/; Max-Age=900 ___utmvbFEuKMwDB=tZu XMCOkalW: btX; path=/; Max-Age=900
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 3-33429011-33429012 NNNN CT(145 293 0) RT(1581351905436 20) q(0 0 4 0) r(7 7) U12

Redirect headers

Date: Mon, 10 Feb 2020 16:25:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Set-Cookie: visitor_id763193=27524703; expires=Thu, 07-Feb-2030 16:25:05 GMT; Max-Age=315360000; path=/; SameSite=None; domain=.pardot.com; secure visitor_id763193-hash=4fd58e29308b14df8de31d25cfa77c83cda128d8d3e478fb1d75a64f7c195bddf11e43d53dee4485fddd3b52dd7665acb7bbde2f; expires=Thu, 07-Feb-2030 16:25:05 GMT; Max-Age=315360000; path=/; SameSite=None; domain=.pardot.com; secure
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 190
Content-Type: text/html; charset=UTF-8
X-Pardot-Route: 32427ff3465437d362f61c790f7d2406
Server: PardotServer
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Connection: keep-alive

GET
H/1.1 200
OK air1.css
www.air1.com/styles/css/ 324 KB
47 KB 20ms
20ms Stylesheet
text/css 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/styles/css/air1.css?v=19
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c110c3ef298630dce5070f8f057bb4b3eccc138bd815b53209d88d4da71edd73

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 18:01:08 GMT
X-CDN: Incapsula
Etag: "0aa592e0ddd51:0"
Content-Type: text/css
X-Iinfo: 3-33429011-33395071 2CNN RT(1581351905436 756) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=1, public
Content-Length: 47354
Expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.0/css/ 33 KB
8 KB 77ms
26ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.0/css/all.css
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9f29f2bbb25602f4bdbd3122c317244f8fd9741106ffd5a412574b02ee794993

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
content-encoding: gzip
last-modified: Fri, 01 Dec 2017 19:24:02 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"e35d9c4ebaea0573df8e4a9505b72eea"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 417 B
700 B 35ms
16ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Days+One

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3353f2ec3320b49a0381cf48dfbd5704efc028aa8f55fe40a63d50b28716ac1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 10 Feb 2020 16:25:06 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 10 Feb 2020 16:25:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 10 Feb 2020 16:25:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
550 B 44ms
26ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 10 Feb 2020 16:25:06 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 10 Feb 2020 16:25:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 10 Feb 2020 16:25:06 GMT

GET
H/1.1 200
OK air1.css
www.air1.com/styles/css/ 324 KB
47 KB 55ms
19ms Stylesheet
text/css 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/styles/css/air1.css?v=2.0.0.6
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c110c3ef298630dce5070f8f057bb4b3eccc138bd815b53209d88d4da71edd73

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 18:01:08 GMT
X-CDN: Incapsula
Etag: "0aa592e0ddd51:0"
Content-Type: text/css
X-Iinfo: 5-54393575-54388811 2CNN RT(1581351906210 18) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=1, public
Content-Length: 47354
Expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H/1.1 200
OK jquery-2.1.3.min.js Show response
www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/ 83 KB
30 KB 56ms
20ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/jquery-2.1.3.min.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 49d1ce8511bdc39d1cce9c34aa947917423a067f9ee4d6e70e120422d9506542

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:20:30 GMT
X-CDN: Incapsula
Etag: "02b2fd08d35d41:0"
Content-Type: application/x-javascript
X-Iinfo: 4-45819426-0 0CNN RT(1581351906210 19) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=55635, public
Content-Length: 30085
Expires: Tue, 11 Feb 2020 07:52:21 GMT

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/ 22 KB
8 KB 57ms
20ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/jquery.validate.min.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6de69d3256186ef62119ad793842f8776268e3345cfe397345b0422345be587e

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:20:30 GMT
X-CDN: Incapsula
Etag: "02b2fd08d35d41:0"
Content-Type: application/x-javascript
X-Iinfo: 10-31572069-0 0CNN RT(1581351906210 20) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=55635, public
Content-Length: 7342
Expires: Tue, 11 Feb 2020 07:52:21 GMT

GET
H/1.1 200
OK jquery.validate.unobtrusive.min.js Show response
www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/ 5 KB
3 KB 57ms
21ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/jquery.validate.unobtrusive.min.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a7a781b03ba782126e9848a7388ac4fc35eeaa99b3e5d9ea973092a81b60eb38

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:20:30 GMT
X-CDN: Incapsula
Etag: "02b2fd08d35d41:0"
Content-Type: application/x-javascript
X-Iinfo: 9-18596272-0 0CNN RT(1581351906210 20) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=55635, public
Content-Length: 1953
Expires: Tue, 11 Feb 2020 07:52:21 GMT

GET
H/1.1 200
OK jquery.unobtrusive-ajax.min.js Show response
www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/ 3 KB
2 KB 58ms
21ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/jquery.unobtrusive-ajax.min.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 15121af0c6d46f68e55bd3cce318dfa106d80745169531fb1d382b221031eafa

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:20:30 GMT
X-CDN: Incapsula
Etag: "02b2fd08d35d41:0"
Content-Type: application/x-javascript
X-Iinfo: 1-18929938-0 0CNN RT(1581351906210 22) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=55635, public
Content-Length: 1258
Expires: Tue, 11 Feb 2020 07:52:21 GMT

GET
H/1.1 200
OK form.validate.js Show response
www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/ 2 KB
1 KB 58ms
19ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/form.validate.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ef02bc2ddcec4dd20668fede0572c1a93e3b9cf72b471d6186e2366e39ac54d9

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:20:30 GMT
X-CDN: Incapsula
Etag: "02b2fd08d35d41:0"
Content-Type: application/x-javascript
X-Iinfo: 3-33429011-0 0CNN RT(1581351905436 797) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=55635, public
Content-Length: 541
Expires: Tue, 11 Feb 2020 07:52:21 GMT

GET
H/1.1 200
OK form.tracking.js Show response
www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/ 5 KB
2 KB 76ms
19ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/sitecore%20modules/Web/ExperienceForms/scripts/form.tracking.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 65692195843c63a05b6846b253eb2d7bbf70b8e288347a5152e0dbe793306925

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 18:20:30 GMT
X-CDN: Incapsula
Etag: "02b2fd08d35d41:0"
Content-Type: application/x-javascript
X-Iinfo: 9-18596272-0 0CNN RT(1581351906210 41) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=55635, public
Content-Length: 1704
Expires: Tue, 11 Feb 2020 07:52:21 GMT

GET
H/1.1 200
OK air1-logo.png
www.air1.com/-/media/air1/ 12 KB
13 KB 227ms
227ms Image
image/png 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.air1.com/-/media/air1/air1-logo.png?h=73&la=en&w=160&hash=55A822880360331F064CC625795D204B
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cbfd528fb5f5eb028aa3a6681202151b508dae396a94b69ab501abf0e408149f

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Last-Modified: Fri, 28 Jun 2019 20:12:11 GMT
Server: Microsoft-IIS/10.0
Request-Context: appId=cid-v1:739b5b90-6a3a-4ba1-b21f-f52e9ed461ef
Content-Type: image/png
X-Iinfo: 1-18929938-18929941 NNNY CT(0 0 0) RT(1581351906210 41) q(0 0 0 -1) r(2 2) U2
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="air1-logo.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12697
X-CDN: Incapsula
Expires: Mon, 17 Feb 2020 16:25:06 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 30ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Origin: https://www.air1.com

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1581351906.dop098.fr8.t,1581351906.cds051.fr8.shn,1581351906.cds051.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 32ms
18ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Origin: https://www.air1.com

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 8846130
cf-ray: 562f6fe95881c281-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 30 Jan 2021 16:25:06 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
14 KB 39ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Origin: https://www.air1.com

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:53 GMT
access-control-allow-origin: *
etag: "1544639633"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 14038

GET
H2 200 platform.js Show response
apis.google.com/js/ 48 KB
19 KB 48ms
28ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5a32cb751bb193335afccb5408b38ae908bca6deb11bcee513e95b0c49faa74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-OACHt2B2oXVmB6FwJakuUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "06b0d0db64c2b82c836462cf13496b69"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Mon, 10 Feb 2020 16:25:06 GMT

GET
H/1.1 200
OK analytics-events.js Show response
www.air1.com/scripts/pagecontent/ 1 KB
699 B 19ms
19ms Script
application/x-javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/scripts/pagecontent/analytics-events.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 18fe8309f4685a36cf1cf513a092e847d8f69a3c1fb97f72a82b0a145adc8ece

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 18:01:08 GMT
X-CDN: Incapsula
Etag: "0aa592e0ddd51:0"
Content-Type: application/x-javascript
X-Iinfo: 5-54393575-54389735 2CNN RT(1581351906210 85) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=1, public
Content-Length: 320
Expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.air1.com/ 121 KB
17 KB 22ms
22ms Script
application/javascript 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.air1.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1680396738
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: bf795ae842b9e240b64618c72b2c3f09e7e1ed93ac91847ef71cc9c71cc93833

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache
X-Robots-Tag: noindex
Content-Length: 17507
Content-Type: application/javascript

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/emf/air1/prod/ 41 KB
13 KB 243ms
186ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lab/771A) /
Resource Hash: 5c3d73b408160ab9f8ed99b94d3cd7cc078fc2a508b35b8272bf450a2cda7a3c

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 18:19:50 GMT
server: ECAcc (lab/771A)
age: 284
etag: "3570418540"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 13015
expires: Mon, 10 Feb 2020 16:30:07 GMT

GET
H2 200 mem9YaCnxnKRiYZOCIYScrg0V8Bs.woff2
fonts.gstatic.com/s/daysone/v9/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/daysone/v9/mem9YaCnxnKRiYZOCIYScrg0V8Bs.woff2

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df9152a32b65cb6893a419867bb336dd8e49f481c548a136df2b4d52512b2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Days+One
Origin: https://www.air1.com

Response headers

date: Wed, 05 Feb 2020 01:01:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:46:46 GMT
server: sffe
age: 487398
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13880
x-xss-protection: 0
expires: Thu, 04 Feb 2021 01:01:48 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
944 B 20ms
20ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

5bf3373e9a16a8975a8b22dadff75519eb86167fc3c1d9b5b8500742642ed6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.0/webfonts/ 51 KB
52 KB 72ms
24ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.0/webfonts/fa-brands-400.woff2
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 45e39853c41558c4922ff1b0895547a99e378f136ec3d9d2f4df15cc269485fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.0.0/css/all.css
Origin: https://www.air1.com

Response headers

date: Mon, 10 Feb 2020 16:25:06 GMT
last-modified: Fri, 01 Dec 2017 19:27:32 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "657e828fb3a5963706e24cbf9d711bb8"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 52648

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflMm4105/ 27 KB
10 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflMm4105/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eeb62f42f906010abc435828d4dbbea5ed5d87068c09308e89318f395417a874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 08:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28494
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10239
x-xss-protection: 0
last-modified: Fri, 07 Feb 2020 18:19:36 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 18 Feb 2020 08:30:12 GMT

GET
H/1.1 200
OK _Incapsula_Resource
www.air1.com/ 1 B
113 B 18ms
18ms Image
text/plain 45.60.154.223
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.air1.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7020982307318848
Requested by: Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.154.223 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 9vT2rISFOdY
www.youtube.com/embed/ Frame 41BD 0
0 158ms
158ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9vT2rISFOdY?autoplay=0&loop=0&controls=0&showinfo=0&autohide=1&modestbranding=1&vq=hd1080&rel=0&origin=https%3A%2F%2Fwww.air1.com&enablejsapi=1&widgetid=1

Requested by

Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflMm4105/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/9vT2rISFOdY?autoplay=0&loop=0&controls=0&showinfo=0&autohide=1&modestbranding=1&vq=hd1080&rel=0&origin=https%3A%2F%2Fwww.air1.com&enablejsapi=1&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Response headers

status: 200
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-type: text/html; charset=utf-8
content-encoding: br
x-content-type-options: nosniff
date: Mon, 10 Feb 2020 16:25:07 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=oXsgZyCer40; path=/; domain=.youtube.com; secure; expires=Sat, 08-Aug-2020 16:25:06 GMT; httponly; samesite=None YSC=o0DIFYpPy0U; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 10-Feb-2020 16:55:06 GMT VISITOR_INFO1_LIVE=oXsgZyCer40; path=/; domain=.youtube.com; secure; expires=Sat, 08-Aug-2020 16:25:06 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/emf/air1/prod/ 16 KB
4 KB 26ms
25ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.4.js?utv=ut4.46.202001081939
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B45) /
Resource Hash: 8de6a0009211bb8ebd240c04c4a575fe60ee0044bf564cbcbe9e1023f16c0f83

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 16:27:01 GMT
server: ECAcc (ama/8B45)
age: 236208
etag: "455328587+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4471
expires: Tue, 25 Feb 2020 16:25:07 GMT

GET
H2 200 utag.3.js Show response
tags.tiqcdn.com/utag/emf/air1/prod/ 2 KB
1 KB 23ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.3.js?utv=ut4.46.202001081939
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B55) /
Resource Hash: 98c80f863908b148f274c57c3e5cfe0dbd6b64f60165f1e7012cb4ed0701276c

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 20:41:38 GMT
server: ECAcc (ama/8B55)
age: 236208
etag: "3488193371+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1042
expires: Tue, 25 Feb 2020 16:25:07 GMT

GET
H2 200 utag.11.js Show response
tags.tiqcdn.com/utag/emf/air1/prod/ 18 KB
6 KB 21ms
20ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.11.js?utv=ut4.46.202001081939
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AE5) /
Resource Hash: d91d92adc05d5a881e572f197688ef4236d0e618a2bbdb8898aff502e0557292

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 21:03:55 GMT
server: ECAcc (ama/8AE5)
age: 236208
etag: "3407163682+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6090
expires: Tue, 25 Feb 2020 16:25:07 GMT

GET
H2 200 utag.9.js Show response
tags.tiqcdn.com/utag/emf/air1/prod/ 18 KB
6 KB 23ms
23ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.9.js?utv=ut4.46.202001081939
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B31) /
Resource Hash: c5c96fb55a5273ea7142b26b7882258dfc61e705d41052135bb319145ba9a570

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 21:03:55 GMT
server: ECAcc (ama/8B31)
age: 236208
etag: "1208792851+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6088
expires: Tue, 25 Feb 2020 16:25:07 GMT

GET
H2 200 utag.13.js Show response
tags.tiqcdn.com/utag/emf/air1/prod/ 601 B
473 B 24ms
24ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.13.js?utv=ut4.46.202001301819
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AB1) /
Resource Hash: eb8826f2a87241db34d6a9e83e7495b832990481552fec879b22605901dc69dd

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 18:19:50 GMT
server: ECAcc (ama/8AB1)
age: 236208
etag: "3795860951+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 398
expires: Tue, 25 Feb 2020 16:25:07 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 454ms
114ms Script
application/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 10 Feb 2020 16:25:07 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
Last-Modified: Mon, 29 Oct 2018 18:54:30 GMT
Server: PardotServer
ETag: "13e7-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1817
Expires: Wed, 09 Feb 2022 16:25:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
31 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: r40MsRgyJ+SrPSNRcXXUXI/QvjakmZ7+BFYewIevgpDoPzh0qeJUycP0hFGQrt4GGT/uCO2NdoY4O2bHI9h5Pg==
x-fb-trip-id: 1850256238
date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2145.js Show response
script.crazyegg.com/pages/scripts/0092/ 116 KB
37 KB 56ms
33ms Script
application/x-javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0092/2145.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.13.js?utv=ut4.46.202001301819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13dfd55ce340bba4864b7e4fe9a5666fd84ed9824661f9d18b96ddd1b497f41

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
via: 1.1 07b994ddf00f39c9e5b18a963a695fd4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57005
cf-polished: origSize=118881
x-cache: Miss from cloudfront
status: 200
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 21:43:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
x-amz-cf-pop: LHR3-C2
cf-ray: 562f6feb99c4175a-FRA
x-amz-cf-id: 6zVE6HEPvagl1UaQJoIwvyzbz1QV2dylAhWyQz2OoUy72TewabGUrw==
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10287248-2

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

484a1af1ab08bf9c6d6b1ac684e1efcc2b7f1a44a07113a3c308439319927b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=604800; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28365
x-xss-protection: 0
last-modified: Mon, 10 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
124 B 20ms
19ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=emf/air1/202001301819&cb=1581351907115
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/emf/air1/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AE1) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECAcc (ama/8AE1)
age: 236217
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 10 Feb 2020 16:35:07 GMT

GET
H2 200 157629738157554 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/157629738157554?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c4de314c49e631dd892c3068787c1ce85d6863c2a7bbf8c68cec5068684d3c2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: TTsQ1iRhazaqZ4NcdV59+kaB6c1ajYniG4WTG+CUAmeTXGbxBV8oOxjB6kux+Hxe+MfY6lkduNCr52Aiz0T8kg==
x-fb-trip-id: 1850256238
date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10287248-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 6695
date: Mon, 10 Feb 2020 14:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 10 Feb 2020 16:33:32 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&aip=1&a=1106732565&t=pageview&_s=1&dl=https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%3Futm_source%3DEmail%26utm_medium%3DList-Email%26utm_campaign%3DA1PD2002%26utm_content%3Dbutton-i-recorded-this-for-you-pp&ul=en-us&de=UTF-8&dt=Hi%2C%20it%27s%20Lee!%20%7C%20Air1%20Worship%20Now&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=oEBAAUAB~&cid=1066576913.1581351907&uid=01702feb2f050002a252f2b01f4300079009807100b08&tid=UA-10287248-2&_gid=1958139274.1581351907&gtm=2ou1t0&z=1763420350

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 02:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 483458
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK all Show response
sample-api-v2.crazyegg.com/n/922145/ 66 B
593 B 430ms
113ms XHR
text/html 23.21.91.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sample-api-v2.crazyegg.com/n/922145/all?v=7&user_script_version=1581111733

Requested by

Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0092/2145.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.91.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-91-243.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

6c5ed2fa605e0be04f134d0cf46084b2be762d1e263fe2d44316266f9ef91486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
Origin: https://www.air1.com

Response headers

Date: Mon, 10 Feb 2020 16:25:07 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.12.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 66
X-XSS-Protection: 1; mode=block

GET
H2 200 1016321115107851 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1016321115107851?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96005414e2ea06a2741137c50ad403044d530512f1eef613131f8c067ae977db

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: peGJKRjOqBDYDvy7niwYGCS49AmuZ6szxAkqeCj/PHL0UHdbDDyyNLXE5StdoMGAWDvWHEMy7XjOOswsjuInsQ==
x-fb-trip-id: 1850256238
date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=157629738157554&ev=PageView&dl=https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%3Futm_source%3DEmail%26utm_medium%3DList-Email%26utm_campaign%3DA1PD2002%26utm_content%3Dbutton-i-recorded-this-for-you-pp&rl=&if=false&ts=1581351907252&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1581351907251.455711800&it=1581351907150&coo=false&rqm=GET

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1016321115107851&ev=PageView&dl=https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%3Futm_source%3DEmail%26utm_medium%3DList-Email%26utm_campaign%3DA1PD2002%26utm_content%3Dbutton-i-recorded-this-for-you-pp&rl=&if=false&ts=1581351907344&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1581351907251.455711800&it=1581351907150&coo=false&rqm=GET

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 257 B
2 KB 534ms
534ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=38807&account_id=764193&title=Hi%2C%20it%27s%20Lee!%20%7C%20Air1%20Worship%20Now&url=https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%3Futm_source%3DEmail%26utm_medium%3DList-Email%26utm_campaign%3DA1PD2002%26utm_content%3Dbutton-i-recorded-this-for-you-pp&referrer=&utm_campaign=A1PD2002&utm_medium=List-Email&utm_source=Email&utm_content=button-i-recorded-this-for-you-pp
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 693e1b969c20e37a76ad0f0a17ff1a3302b1c4c14bf3d1451fc93544a052a233

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Feb 2020 16:25:07 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp: 16/91/54
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 197
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=157629738157554&ev=Microdata&dl=https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%3Futm_source%3DEmail%26utm_medium%3DList-Email%26utm_campaign%3DA1PD2002%26utm_content%3Dbutton-i-recorded-this-for-you-pp&rl=&if=false&ts=1581351907754&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hi%2C%20it%27s%20Lee!%20%7C%20Air1%20Worship%20Now%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Air1%20Worship%20Now%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Atitle%22%3A%22Hi%2C%20it%27s%20Lee!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.air1.com%2F-%2Fmedia%2Fair1%2Fa1-facebook-og-image.jpg%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1581351907251.455711800&it=1581351907150&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 10 Feb 2020 16:25:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1016321115107851&ev=Microdata&dl=https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%3Futm_source%3DEmail%26utm_medium%3DList-Email%26utm_campaign%3DA1PD2002%26utm_content%3Dbutton-i-recorded-this-for-you-pp&rl=&if=false&ts=1581351907845&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hi%2C%20it%27s%20Lee!%20%7C%20Air1%20Worship%20Now%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Air1%20Worship%20Now%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Atitle%22%3A%22Hi%2C%20it%27s%20Lee!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.air1.com%2F-%2Fmedia%2Fair1%2Fa1-facebook-og-image.jpg%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.air1.com%2Femail%2Flees-candid-moment%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1581351907251.455711800&it=1581351907150&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.air1.com
URL: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.air1.com/email/lees-candid-moment?utm_source=Email&utm_medium=List-Email&utm_campaign=A1PD2002&utm_content=button-i-recorded-this-for-you-pp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 16:25:07 GMT, Mon, 10 Feb 2020 16:25:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 10 Feb 2020 16:25:07 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: o0DIFYpPy0U
www.air1.com/	1970-01-22 22:51:51	Name: visitor_id763193-hash Value: f4492ebbe1788b4ba883e3960d74d39ab06d30a74b40e70edb7f7daf9d6131172d84d2beacfba676f91f01b190d648856acbe76f
.youtube.com/	1970-01-19 11:35:03	Name: VISITOR_INFO1_LIVE Value: oXsgZyCer40
www.air1.com/	1970-01-22 22:51:51	Name: visitor_id763193 Value: 27524719
.air1.com/	1970-01-19 09:25:27	Name: _fbp Value: fb.1.1581351907251.455711800
.air1.com/	1970-01-19 07:17:18	Name: _gid Value: GA1.2.1958139274.1581351907
.air1.com/	1970-01-19 07:16:06	Name: utm_content Value: button-i-recorded-this-for-you-pp
.www.air1.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 8936bd4a12e60db0a554f5937e1a16edce8ba520c268213fd4382beb24a87865
www.air1.com/	1970-01-19 07:15:51	Name: ___utmvc Value: rW9fqegsoQZcioUHQmA9xrDvTzanqE1WYgsxqBNI0bsI0WxmO6lGnwdUDBIw7jJ4TNoqaqyh1D7i6sPlKOX2y2ih4PZ4RcDBF8rPYMYpxI3OMJFxeBicl96XoueXrTSlGanJGHU2CIM1EKiXMdAT+2ek/232s+5hRqPAA/JoL9Nwu7TA/oNRAHY/TvOEkDaqrtMHjzzCJbdNddHXfdZQlUB+6LvTZVkQORnKuynfRw7+heP/4IgRN4y8PD/V/rIzpzBJ/2rzeDP0aT+IbZedy+1vlte403P/zhPBsgMsecSfdU2oft2e0pHUyGcI04CTahCTCXsbui68QcXulydUCg66nSmbuS9xDl4FmSxIbpWV0b1pI2xVB3caetGZ6rnr/SDoOaO6tx3Vz3vkD9JTSy3CidF5DZ1hIerFZRzWT5kKqWU6F9gW3E3ZC8CH2UK+UcSWrbnX2Lwrq5Rn8tXhQ/b3KZbDJZXG5MuqEHcwRLNt+tndLNjNebdCgZq6TOpB6EmzUsNw96KgIGuTULfJH1ehFmKfqJZzzDARY307YVWzHOXBUxiQlzfqmWweB07efu3TmEOl9vYaNiimx0iHBNdYe+CCsYVLSczjyGRM7z/RILhtfxBxUZhPbzHzSsdaLhljkEw9HNQk6W+OvPXCftksNMPBh9n1CPKF7evNW2Q894aROqvnu5B3xOYWsYfTLPibroXG1vyV/vSDuEN1kNviXrjSwau97bIIa8+AuUMEz5BQ9Q4Xh1UYEWxRKQb4KRezSLmY8ofo6mKW5htJFyPtAKngBTJXvL9w4rBaD9N1wpqV729YXwFMAhj5fyiNtVIzEhznim4ZD4MOLNut+EHnJp8s67FbNZjzQW9e7AzyLOWZvjbGjOKkpOmAE1n20Apt0inP2WhXSvQOwLkF+wKTMb2leJJdFj3UjdkhG8Y+er2iNJcPeKdQy0PX+d69KNlt19C9iaLNmuSBLMakD+LwKQXLig1i8PBmRqkDcAFLB8B8n+i/Sx4NkpXjT9d5QjTirUNCWLO5NijW0ZcbH2maHDUX/N1xIaql4Y6JqONcKzsa6LMVefwIzo4CrBzLsl2c5ulmOhs6eovBTP57Owpwx2VyfDmSY7Lf6uDd+AAs7n95fQ6SzHAKe4xwhT0K6LqOQj6ucUPdY5o7Wma4wsxK078PvUeLT7xQ2xBYL0/eWtCmJ4Og4WvgjaTn0Zzw7qF+C+YFI71S2INXWzPANZI346i8qYdZIV0pZslAXh/rzjOrojlT1oE08PX9J4pTYfgCDBEgNBG4WuiCMmuEfuc2iXK8RXbueVvH/youC/eTJgaK/ITlrqJzF1t5JCGy6jQo2dwlGvcVpaCD0IoSS0+f6HwHaCFpgXMrOfm82uwIqvyGgnGn62837Ux0p6bwe1hn9t6C1Ll364G/LssNXxD0npgSu+pprn+gOZerKyh2HUcKOHGIQc2jK0E2TaANvqSBHXf04fqCT1ZYFsLEYtN27Ijkbs/Ld+42Chp4p23ZFVVXkZSVAf1bTIcaBqdamzMqw5N5kl8axXaz3NFP5zSM8GLx0VXevib8qSrUKvxshbqFFNPzhVdY+8/lqBTZeQe/ml48kK9Nq4BVaW1hMBZzaepEmppp5dPHIixkaWdlc3Q9MTE0Mjk2LHM9OTM4MTk5OTQ4NTYxN2M2NmE0OWI4Mzc4NjY5MzhjOTk5YTgwN2E5ZGEzOTQ4Mzk4NzU5YTVmOWVhZDZjNzQ4Mzk5OGI5YzhlNzY4MjcxNmY=
.air1.com/	1970-01-19 07:16:06	Name: utm_campaign Value: A1PD2002
.air1.com/	1970-01-19 07:16:06	Name: utm_source Value: Email
.air1.com/	1970-01-19 16:01:27	Name: utag_main Value: v_id:01702feb2f050002a252f2b01f4300079009807100b08$_sn:1$_se:1$_ss:1$_st:1581353707078$ses_id:1581351907078%3Bexp-session$_pn:1%3Bexp-session
.air1.com/	1970-01-19 07:16:06	Name: utm_medium Value: List-Email
.air1.com/	1969-12-31 23:59:59	Name: incap_ses_451_2009076 Value: BLptYWWMYzzghSoNxEdCBuKDQV4AAAAA0XpQ+Vsr86lsliw16chVfw==
.air1.com/	1970-01-20 00:47:03	Name: _ga Value: GA1.2.1066576913.1581351907
.youtube.com/	1970-01-19 07:15:53	Name: GPS Value: 1
.air1.com/	1969-12-31 23:59:59	Name: nlbi_2009076 Value: cCpFPSgQKV3qHIvB3NDKMwAAAAAPtbbiis8XGdBz3JlGJlKk
.air1.com/	1970-01-19 16:01:00	Name: visid_incap_2009076 Value: gAcP1ZiZSnSwU3ltsallt+GDQV4AAAAAQUIPAAAAAABsPD+FHr2Q3scGX4Zo1C33

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.air1.com/scripts/pagecontent/analytics-events.js(Line 1) Message: binding analytics click events

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
go.pardot.com
pi.pardot.com
s.ytimg.com
sample-api-v2.crazyegg.com
script.crazyegg.com
stackpath.bootstrapcdn.com
tags.tiqcdn.com
use.fontawesome.com
www.air1.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
152.199.23.241
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
23.111.9.35
23.21.91.243
2606:4700::6811:4004
2606:4700::6813:9308
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:816::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:821::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.174.78.146
45.60.154.223
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
07f770817e53909acdf2b294f22ea02a524706c19a9bf7d8451714763c2d5cff
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15121af0c6d46f68e55bd3cce318dfa106d80745169531fb1d382b221031eafa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18fe8309f4685a36cf1cf513a092e847d8f69a3c1fb97f72a82b0a145adc8ece
3353f2ec3320b49a0381cf48dfbd5704efc028aa8f55fe40a63d50b28716ac1b
3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6
45e39853c41558c4922ff1b0895547a99e378f136ec3d9d2f4df15cc269485fa
484a1af1ab08bf9c6d6b1ac684e1efcc2b7f1a44a07113a3c308439319927b20
49d1ce8511bdc39d1cce9c34aa947917423a067f9ee4d6e70e120422d9506542
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5bf3373e9a16a8975a8b22dadff75519eb86167fc3c1d9b5b8500742642ed6d9
5c3d73b408160ab9f8ed99b94d3cd7cc078fc2a508b35b8272bf450a2cda7a3c
65692195843c63a05b6846b253eb2d7bbf70b8e288347a5152e0dbe793306925
693e1b969c20e37a76ad0f0a17ff1a3302b1c4c14bf3d1451fc93544a052a233
6c5ed2fa605e0be04f134d0cf46084b2be762d1e263fe2d44316266f9ef91486
6de69d3256186ef62119ad793842f8776268e3345cfe397345b0422345be587e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8de6a0009211bb8ebd240c04c4a575fe60ee0044bf564cbcbe9e1023f16c0f83
8df9152a32b65cb6893a419867bb336dd8e49f481c548a136df2b4d52512b2af
96005414e2ea06a2741137c50ad403044d530512f1eef613131f8c067ae977db
98c80f863908b148f274c57c3e5cfe0dbd6b64f60165f1e7012cb4ed0701276c
9c4de314c49e631dd892c3068787c1ce85d6863c2a7bbf8c68cec5068684d3c2
9f29f2bbb25602f4bdbd3122c317244f8fd9741106ffd5a412574b02ee794993
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7a781b03ba782126e9848a7388ac4fc35eeaa99b3e5d9ea973092a81b60eb38
b5a32cb751bb193335afccb5408b38ae908bca6deb11bcee513e95b0c49faa74
bf795ae842b9e240b64618c72b2c3f09e7e1ed93ac91847ef71cc9c71cc93833
c110c3ef298630dce5070f8f057bb4b3eccc138bd815b53209d88d4da71edd73
c13dfd55ce340bba4864b7e4fe9a5666fd84ed9824661f9d18b96ddd1b497f41
c5c96fb55a5273ea7142b26b7882258dfc61e705d41052135bb319145ba9a570
cbfd528fb5f5eb028aa3a6681202151b508dae396a94b69ab501abf0e408149f
d91d92adc05d5a881e572f197688ef4236d0e618a2bbdb8898aff502e0557292
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
eb8826f2a87241db34d6a9e83e7495b832990481552fec879b22605901dc69dd
eeb62f42f906010abc435828d4dbbea5ed5d87068c09308e89318f395417a874
ef02bc2ddcec4dd20668fede0572c1a93e3b9cf72b471d6186e2366e39ac54d9
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

www.air1.com Open in urlscan Pro 45.60.154.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

72 %IPv6

17 Domains

19 Subdomains

18 IPs

4 Countries

710 kBTransfer

2613 kBSize

18 Cookies

9 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.air1.com Open in urlscan Pro
45.60.154.223 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

72 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

710 kB
Transfer

2613 kB
Size

18
Cookies

46 HTTP transactions
0 data transactions