urlscan.io logo urlscan.io
SecurityTrails logo

nsightrecovery.com Open in urlscan Pro
209.126.30.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nsightcovidtesting.com/
Effective URL: https://nsightrecovery.com/covid-testing-for-travel/
Submission Tags: falconsandbox
Submission: On July 27 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 94 HTTP transactions. The main IP is 209.126.30.42, located in United States and belongs to NEXCESS-NET, US. The main domain is nsightrecovery.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on December 29th 2020. Valid for: a year.
This is the only time nsightrecovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.185.159.144 53831 (SQUARESPACE)
31 209.126.30.42 36444 (NEXCESS-NET)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 13.224.111.22 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
12 216.21.12.26 53334 (TUT-AS)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 13.224.111.111 16509 (AMAZON-02)
1 54.191.20.193 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.137.88 16509 (AMAZON-02)
1 74.122.189.136 15211 (SQUARE)
3 13.224.111.113 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.224.111.86 16509 (AMAZON-02)
2 34.211.191.133 16509 (AMAZON-02)
1 167.114.119.127 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
94 25
1    198.185.159.144 (United States)

ASN53831 (SQUARESPACE, US)
nsightcovidtesting.com
31    209.126.30.42 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: cloudhost-75724.us-midwest-1.nxcli.net
nsightrecovery.com
4    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:10::ac43:2a0c (United States)

ASN13335 (CLOUDFLARENET, US)
static.legitscript.com
6    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    13.224.111.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-22.mad50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    216.21.12.26 (United States)

ASN53334 (TUT-AS, US)
PTR: 216-21-12-26.customer.totaluptime.net
intakeq.com
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    13.224.111.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-111.mad50.r.cloudfront.net
certify.alexametrics.com
1    54.191.20.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-20-193.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
2    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.137.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-88.ams50.r.cloudfront.net
d2zah9y47r7bi2.cloudfront.net
1    74.122.189.136 (Ashburn, United States)

ASN15211 (SQUARE, US)
js.squareup.com
3    13.224.111.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-113.mad50.r.cloudfront.net
js.stripe.com
1    2606:4700:20::ac43:4a40 (United States)

ASN13335 (CLOUDFLARENET, US)
fattjs.fattpay.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    13.224.111.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-86.mad50.r.cloudfront.net
m.stripe.network
2    34.211.191.133 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-191-133.us-west-2.compute.amazonaws.com
m.stripe.com
1    167.114.119.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-2.tjsint.net
usage.trackjs.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
31 nsightrecovery.com nsightrecovery.com
12 intakeq.com nsightrecovery.com
intakeq.com
d2zah9y47r7bi2.cloudfront.net
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
d2zah9y47r7bi2.cloudfront.net
6 www.google.com nsightrecovery.com
www.gstatic.com
4 maps.googleapis.com intakeq.com
maps.googleapis.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.googletagmanager.com nsightrecovery.com
www.googletagmanager.com
intakeq.com
3 js.stripe.com intakeq.com
js.stripe.com
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.de nsightrecovery.com
2 stats.g.doubleclick.net www.google-analytics.com
d2zah9y47r7bi2.cloudfront.net
2 static.legitscript.com nsightrecovery.com
1 usage.trackjs.com
1 fattjs.fattpay.com intakeq.com
1 js.squareup.com intakeq.com
1 d2zah9y47r7bi2.cloudfront.net intakeq.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com nsightrecovery.com
1 certify.alexametrics.com nsightrecovery.com
1 d31qbv1cthcecs.cloudfront.net nsightrecovery.com
1 fonts.googleapis.com nsightrecovery.com
1 nsightcovidtesting.com 1 redirects
94 23

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
twitter.com
legitscript.com
Subject Issuer Validity Valid
www.nsightrecovery.com
GeoTrust RSA CA 2018		 2020-12-29 -
2022-01-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-05 -
2021-09-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.intakeq.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-01 -
2022-02-19		 2 years crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.squareup.com
Entrust Certification Authority - L1K		 2020-11-13 -
2021-11-30		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-09 -
2021-11-03		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2021-11-03		 4 months crt.sh
*.trackjs.com
RapidSSL RSA CA 2018		 2019-06-11 -
2021-09-09		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://nsightrecovery.com/covid-testing-for-travel/
Frame ID: 94121905FE88039D3A98E4E31069B762
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
Frame ID: AFFECDFC7EC1A8E0980072F2B5221761
Requests: 8 HTTP requests in this frame

Frame: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Frame ID: F8E6C634A443CC248CFD1B7A3E9787C3
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&cb=bo8n4pqtiib2
Frame ID: 3D90121CA087679AAB030417B74DD7F4
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: D15AA4199AF731204C93320A986E7032
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3EE5B0849202219190BE07186BEA3D58
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://nsightcovidtesting.com/ HTTP 301
    https://nsightrecovery.com/covid-testing-for-travel/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

94
Requests

100 %
HTTPS

52 %
IPv6

19
Domains

23
Subdomains

25
IPs

4
Countries

3017 kB
Transfer

7013 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nsightcovidtesting.com/ HTTP 301
    https://nsightrecovery.com/covid-testing-for-travel/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nsightrecovery.com/covid-testing-for-travel/
Redirect Chain
  • https://nsightcovidtesting.com/
  • https://nsightrecovery.com/covid-testing-for-travel/
126 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
63df681a6022779e786ee2f3c5c1c14c26efe17b54f5edfd76a9e05a052f44d8

Request headers

:method
GET
:authority
nsightrecovery.com
:scheme
https
:path
/covid-testing-for-travel/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 27 Jul 2021 11:22:36 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 27 Jul 2021 02:45:16 GMT
x-cache-nxaccel
BYPASS
content-encoding
br

Redirect headers

age
76786
date
Mon, 26 Jul 2021 14:02:50 GMT
location
https://nsightrecovery.com/covid-testing-for-travel/
server
Squarespace
set-cookie
crumb=BVKmvyXDy0AQZjVmNTA1Zjc0NGUxNzk5ZGVjMDk2ODY2YTBkN2Nj;Path=/
x-contextid
nXtIRHfb/vYmiAWu5
content-length
0
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-70446907-1
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
865aeaf4c7e625f4fb679640efab96bf62280eb8d0cef36b64dd4e8daca5b35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40894
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:22:36 GMT
style.min.css
nsightrecovery.com/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 05:22:14 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-nocache
1
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges
bytes
content-length
10523
expires
Wed, 27 Jul 2022 11:22:36 GMT
wpforms-full.min.css
nsightrecovery.com/wp-content/plugins/wpforms/assets/css/ 		38 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/css/wpforms-full.min.css?ver=1.6.7.1
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
94a26b29a875d0a28901bfd52cc9e7980582b203359b523e0bfdb90fabc97a8a

Request headers

:path
/wp-content/plugins/wpforms/assets/css/wpforms-full.min.css?ver=1.6.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5309
expires
Wed, 27 Jul 2022 11:22:36 GMT
css
fonts.googleapis.com/ 		11 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%7COpen+Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swap&ver=5.8
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bd0d7854a7023c7c6b485c69a042997e4cb2a893e413cc44b1f9d120edaab0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 11:22:36 GMT
server
ESF
date
Tue, 27 Jul 2021 11:22:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Jul 2021 11:22:36 GMT
style.min.css
nsightrecovery.com/wp-content/themes/Impreza/css/ 		404 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/themes/Impreza/css/style.min.css?ver=7.15
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
0d1bc1a2980aa12bb35c190b9e66f927c4e09d5c61bb6bec9d23bb92945a0720

Request headers

:path
/wp-content/themes/Impreza/css/style.min.css?ver=7.15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 09:00:04 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
expires
Wed, 27 Jul 2022 11:22:36 GMT
Defaults-401353eb2db3f1777c76cd1babfc0c35.css
nsightrecovery.com/wp-content/cache/min/1/wp-content/uploads/smile_fonts/Defaults/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/cache/min/1/wp-content/uploads/smile_fonts/Defaults/Defaults-401353eb2db3f1777c76cd1babfc0c35.css
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
5772c5f69519e3507f335dbdf81a5145c7ed3be5ffc4fdc4c8fdaf4704d65fc8

Request headers

:path
/wp-content/cache/min/1/wp-content/uploads/smile_fonts/Defaults/Defaults-401353eb2db3f1777c76cd1babfc0c35.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:13:57 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4754
expires
Wed, 27 Jul 2022 11:22:36 GMT
ytprefs.min.css
nsightrecovery.com/wp-content/plugins/youtube-embed-plus/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.3
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf

Request headers

:path
/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:09:07 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1334
expires
Wed, 27 Jul 2022 11:22:36 GMT
frontend-gtag.min.js
nsightrecovery.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d

Request headers

:path
/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 21:59:18 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2800
expires
Wed, 27 Jul 2022 11:22:36 GMT
jquery.min.js
nsightrecovery.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 05:22:15 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-nocache
1
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges
bytes
content-length
30908
expires
Wed, 27 Jul 2022 11:22:36 GMT
ytprefs.min.js
nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.3
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266

Request headers

:path
/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:09:07 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3185
expires
Wed, 27 Jul 2022 11:22:36 GMT
3920615.js
static.legitscript.com/seals/ 		341 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.legitscript.com/seals/3920615.js
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13179b651e6f6a20555a85e047197e8a1e763a8e41fe13c4181ec55e817e9bd6

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Jul 2021 10:02:14 GMT
server
cloudflare
age
2160
etag
W/"60ffd9a6-155"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
67557dac3ed097f6-FRA
js
www.googletagmanager.com/gtag/ 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX4LFYF9B0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70446907-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4e6251891823c794b0aa7d6149e6d0dff041cea15f779e7ef23a3eb84fbe62e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50884
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:22:37 GMT
main.min.css
nsightrecovery.com/wp-content/plugins/luckywp-table-of-contents/front/assets/ 		3 KB
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.css?ver=2.1.4
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414

Request headers

:path
/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.css?ver=2.1.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 21:49:06 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
748
expires
Wed, 27 Jul 2022 11:22:36 GMT
rs6-ea392f2030a9dfd1f5483b72875ce45b.css
nsightrecovery.com/wp-content/cache/min/1/wp-content/plugins/revslider/public/assets/css/ 		49 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/cache/min/1/wp-content/plugins/revslider/public/assets/css/rs6-ea392f2030a9dfd1f5483b72875ce45b.css
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
54cc51499e874cd35e6c1c1ec285eb1d05aa8775ceec422f4ef6275432195694

Request headers

:path
/wp-content/cache/min/1/wp-content/plugins/revslider/public/assets/css/rs6-ea392f2030a9dfd1f5483b72875ce45b.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:13:57 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
9446
expires
Wed, 27 Jul 2022 11:22:36 GMT
jquery.timepicker-13db75ee98c20b9ab39a3b5bfbf351fa.css
nsightrecovery.com/wp-content/cache/min/1/wp-content/plugins/wpforms/assets/css/ 		1 KB
447 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/cache/min/1/wp-content/plugins/wpforms/assets/css/jquery.timepicker-13db75ee98c20b9ab39a3b5bfbf351fa.css
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
13edf7af958312162729f15116d03ea2b4e9114b1b42dfd16e7d4c1497596922

Request headers

:path
/wp-content/cache/min/1/wp-content/plugins/wpforms/assets/css/jquery.timepicker-13db75ee98c20b9ab39a3b5bfbf351fa.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:14:15 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
389
expires
Wed, 27 Jul 2022 11:22:36 GMT
flatpickr.min.css
nsightrecovery.com/wp-content/plugins/wpforms/assets/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/css/flatpickr.min.css?ver=4.6.3
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Request headers

:path
/wp-content/plugins/wpforms/assets/css/flatpickr.min.css?ver=4.6.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3011
expires
Wed, 27 Jul 2022 11:22:36 GMT
rbtools.min.js
nsightrecovery.com/wp-content/plugins/revslider/public/assets/js/ 		121 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.1
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:58 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
46966
expires
Wed, 27 Jul 2022 11:22:36 GMT
rs6.min.js
nsightrecovery.com/wp-content/plugins/revslider/public/assets/js/ 		362 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.1
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
d8d0e4a3db20d04cfb3d038773f675bc3cca2ddf77e62f1d535f9ddae0669042

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:58 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
expires
Wed, 27 Jul 2022 11:22:36 GMT
us.core.min.js
nsightrecovery.com/wp-content/themes/Impreza/js/ 		166 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/themes/Impreza/js/us.core.min.js?ver=7.15
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
c192ece70aaaedb7a2dbb480c9b4e9fcd208d871bcab54aee7a5eae1641d3d17

Request headers

:path
/wp-content/themes/Impreza/js/us.core.min.js?ver=7.15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 09:00:04 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
41093
expires
Wed, 27 Jul 2022 11:22:36 GMT
fitvids.min.js
nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.3
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Request headers

:path
/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:09:07 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1009
expires
Wed, 27 Jul 2022 11:22:36 GMT
main.min.js
nsightrecovery.com/wp-content/plugins/luckywp-table-of-contents/front/assets/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js?ver=2.1.4
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Request headers

:path
/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js?ver=2.1.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 21:49:06 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1476
expires
Wed, 27 Jul 2022 11:22:36 GMT
jquery.validate.min.js
nsightrecovery.com/wp-content/plugins/wpforms/assets/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/js/jquery.validate.min.js?ver=1.19.0
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Request headers

:path
/wp-content/plugins/wpforms/assets/js/jquery.validate.min.js?ver=1.19.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7815
expires
Wed, 27 Jul 2022 11:22:36 GMT
flatpickr.min.js
nsightrecovery.com/wp-content/plugins/wpforms/assets/js/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/js/flatpickr.min.js?ver=4.6.3
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

Request headers

:path
/wp-content/plugins/wpforms/assets/js/flatpickr.min.js?ver=4.6.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
13761
expires
Wed, 27 Jul 2022 11:22:36 GMT
jquery.timepicker.min.js
nsightrecovery.com/wp-content/plugins/wpforms/assets/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/js/jquery.timepicker.min.js?ver=1.11.5
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
c89abf70364f007b654195d3b9778c66edb0c88974196d61f1786a0bfe816a3b

Request headers

:path
/wp-content/plugins/wpforms/assets/js/jquery.timepicker.min.js?ver=1.11.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5121
expires
Wed, 27 Jul 2022 11:22:36 GMT
jquery.inputmask.min.js
nsightrecovery.com/wp-content/plugins/wpforms/assets/js/ 		141 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/js/jquery.inputmask.min.js?ver=5.0.6
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
122d190c17fb6860750f62345610fa9e636ca5f028a7129fc7205416501b7cb8

Request headers

:path
/wp-content/plugins/wpforms/assets/js/jquery.inputmask.min.js?ver=5.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
32801
expires
Wed, 27 Jul 2022 11:22:36 GMT
mailcheck.min.js
nsightrecovery.com/wp-content/plugins/wpforms/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/js/mailcheck.min.js?ver=1.1.2
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Request headers

:path
/wp-content/plugins/wpforms/assets/js/mailcheck.min.js?ver=1.1.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1682
expires
Wed, 27 Jul 2022 11:22:36 GMT
wpforms.js
nsightrecovery.com/wp-content/plugins/wpforms/assets/js/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wpforms/assets/js/wpforms.js?ver=1.6.7.1
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
3e0b9354a135e1d77f362289524f1dd0c903810863d6380970e8a4411ac5329c

Request headers

:path
/wp-content/plugins/wpforms/assets/js/wpforms.js?ver=1.6.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 23:08:45 GMT
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
15878
expires
Wed, 27 Jul 2022 11:22:36 GMT
api.js
www.google.com/recaptcha/ 		915 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3389b338c49be173cb4e61f36c12aac083f332ffe0167188ed2a7f1d80e894d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Tue, 27 Jul 2021 11:22:36 GMT
lazyload.min.js
nsightrecovery.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

:path
/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
pragma
no-cache
cookie
_nx-nocache=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
last-modified
Fri, 24 Jul 2020 21:38:03 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-nocache
1
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges
bytes
content-length
2704
expires
Wed, 27 Jul 2022 11:22:37 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-22.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
7838111
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
MAD50-C1
X-Amz-Cf-Id
x0xC-nx1iXzM5W89K8A6kPE6oCdJO13_pnvnB1PhfVBCt4vnIicRdQ==
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7329365ccc143ea5e8fd5b016ec83530fcadb1ce7f3588a85cf5508f3ae4399

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed646e63013e8f57e3f7c4d345d6802fa6345a4f6f9a011f3ec263974ed5a085

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%7COpen+Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swap&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nsightrecovery.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
60987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:10 GMT
fa-solid-900.woff2
nsightrecovery.com/wp-content/themes/Impreza/fonts/ 		134 KB
133 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/themes/Impreza/fonts/fa-solid-900.woff2?ver=7.15
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

sec-fetch-mode
cors
origin
https://nsightrecovery.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_nx-nocache=1
:path
/wp-content/themes/Impreza/fonts/fa-solid-900.woff2?ver=7.15
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://nsightrecovery.com
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 09:00:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nocache
1
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
expires
Thu, 26 Aug 2021 11:22:37 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%7COpen+Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swap&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nsightrecovery.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options
nosniff
age
35850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 01:25:07 GMT
fa-brands-400.woff2
nsightrecovery.com/wp-content/themes/Impreza/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/themes/Impreza/fonts/fa-brands-400.woff2?ver=7.15
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

sec-fetch-mode
cors
origin
https://nsightrecovery.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_nx-nocache=1
:path
/wp-content/themes/Impreza/fonts/fa-brands-400.woff2?ver=7.15
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://nsightrecovery.com
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 09:00:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nocache
1
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
expires
Thu, 26 Aug 2021 11:22:37 GMT
fa-regular-400.woff2
nsightrecovery.com/wp-content/themes/Impreza/fonts/ 		165 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nsightrecovery.com/wp-content/themes/Impreza/fonts/fa-regular-400.woff2?ver=7.15
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

sec-fetch-mode
cors
origin
https://nsightrecovery.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_nx-nocache=1
:path
/wp-content/themes/Impreza/fonts/fa-regular-400.woff2?ver=7.15
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://nsightrecovery.com
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 09:00:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nocache
1
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
expires
Thu, 26 Aug 2021 11:22:37 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%7COpen+Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swap&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nsightrecovery.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 13:46:37 GMT
x-content-type-options
nosniff
age
77760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24064
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 13:46:37 GMT
widget.min.js
intakeq.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/js/widget.min.js?1
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
232922a5f1f9300b357c689abcfbf974c107aaf64ee5bb5d575fec47acefa474
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
content-length
8749
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
3920615.png
static.legitscript.com/seals/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.legitscript.com/seals/3920615.png
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7187d9182ad93910b496683b093ffa91c8a8d4a7973c2787da788b2d6f7eed6b

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Jul 2021 10:02:14 GMT
server
cloudflare
age
2160
etag
"60ffd9a6-5443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
67557dae9fac97f6-FRA
content-length
21571
collect
www.google-analytics.com/g/ 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PX4LFYF9B0&gtm=2oe7l1&_p=2093883307&sr=1600x1200&ul=en-us&cid=2011433294.1627384957&_s=1&dl=https%3A%2F%2Fnsightrecovery.com%2Fcovid-testing-for-travel%2F&dt=COVID%20Testing%20for%20Travel%20-%20PCR%20Nasal%20Swab%20-%20Results%20in%20less%20than%2024%20hours&sid=1627384956&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX4LFYF9B0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nsightrecovery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70446907-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1898
date
Tue, 27 Jul 2021 10:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 27 Jul 2021 12:50:59 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2093883307&t=pageview&_s=1&dl=https%3A%2F%2Fnsightrecovery.com%2Fcovid-testing-for-travel%2F&dp=%2Fcovid-testing-for-travel%2F&ul=en-us&de=UTF-8&dt=COVID%20Testing%20for%20Travel%20-%20PCR%20Nasal%20Swab%20-%20Results%20in%20less%20than%2024%20hours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2006918761&gjid=1993062269&cid=2011433294.1627384957&tid=UA-70446907-1&_gid=835430358.1627384957&_r=1&gtm=2ou7l1&did=dNDMyYj&z=746507933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nsightrecovery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nsightrecovery.com
Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 10:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136001
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 10:36:54 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=COVID%20Testing%20for%20Travel%20-%20PCR%20Nasal%20Swab%20-%20Results%20in%20less%20than%2024%20hours&time=1627384957565&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fnsightrecovery.com%2Fcovid-testing-for-travel%2F&random_number=735543163&sess_cookie=dc312e2e17ae7b3ca7c87920436&sess_cookie_flag=1&user_cookie=dc312e2e17ae7b3ca7c87920436&user_cookie_flag=1&dynamic=true&domain=nsightrecovery.com&account=wnxMm1a4KM+2L7&jsv=20130128&user_lang=en-US
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-111.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 03:19:11 GMT
Via
1.1 77fcce204f96e329df7227f192690939.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
29006
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
MAD50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
7rATCxbE-6h4RZchLUXbHB6kAS8iHxM7qQ-TY5EEsYnSsVH44WWx3A==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.20.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-20-193.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:38 GMT
server
Server
collect
stats.g.doubleclick.net/j/ 		4 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-70446907-1&cid=2011433294.1627384957&jid=2006918761&gjid=1993062269&_gid=835430358.1627384957&_u=YADAAUAAAAAAAC~&z=1863770844
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Jul 2021 11:22:37 GMT
content-type
text/plain
access-control-allow-origin
https://nsightrecovery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Nsight-Horizontal-Logo-Small.png
nsightrecovery.com/wp-content/uploads/2018/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsightrecovery.com/wp-content/uploads/2018/03/Nsight-Horizontal-Logo-Small.png
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
d0951fd18386924926abc3230115dca75b2bf20a8a1f0b5f1e684f386c5fea89

Request headers

:path
/wp-content/uploads/2018/03/Nsight-Horizontal-Logo-Small.png
pragma
no-cache
cookie
_nx-nocache=1; _ga_PX4LFYF9B0=GS1.1.1627384956.1.0.1627384956.0; _ga=GA1.2.2011433294.1627384957; _gid=GA1.2.835430358.1627384957; _gat_gtag_UA_70446907_1=1; __asc=dc312e2e17ae7b3ca7c87920436; __auc=dc312e2e17ae7b3ca7c87920436; _wpfuuid=2d9b2dde-955c-42f6-8c8e-28c3cf311f09
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
last-modified
Wed, 11 Mar 2020 02:07:54 GMT
server
nginx
vary
Accept,Accept-Encoding
content-type
image/webp
x-nocache
1
cache-control
max-age=10368000
x-webp-express
Redirected directly to existing webp
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges
bytes
content-length
5042
expires
Wed, 24 Nov 2021 11:22:37 GMT
Beach-Sunset.png
nsightrecovery.com/wp-content/uploads/2020/03/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsightrecovery.com/wp-content/uploads/2020/03/Beach-Sunset.png
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
2b6557ba3189f285a60a833248f57383be2d79164e48f55b89f5a9f558ca54ed

Request headers

:path
/wp-content/uploads/2020/03/Beach-Sunset.png
pragma
no-cache
cookie
_nx-nocache=1; _ga_PX4LFYF9B0=GS1.1.1627384956.1.0.1627384956.0; _ga=GA1.2.2011433294.1627384957; _gid=GA1.2.835430358.1627384957; _gat_gtag_UA_70446907_1=1; __asc=dc312e2e17ae7b3ca7c87920436; __auc=dc312e2e17ae7b3ca7c87920436; _wpfuuid=2d9b2dde-955c-42f6-8c8e-28c3cf311f09
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
last-modified
Wed, 11 Mar 2020 02:25:34 GMT
server
nginx
vary
Accept,Accept-Encoding
content-type
image/webp
x-nocache
1
cache-control
max-age=10368000
x-webp-express
Redirected directly to existing webp
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges
bytes
content-length
221444
expires
Wed, 24 Nov 2021 11:22:37 GMT
Nsight-Covid-Testing-600x337.png
nsightrecovery.com/wp-content/uploads/2020/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsightrecovery.com/wp-content/uploads/2020/10/Nsight-Covid-Testing-600x337.png
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.126.30.42 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-75724.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash
6d9b7e462c6cdc5dcb633358c84a5a24a02fe34c6dd89e6468fa22114aaf875e

Request headers

:path
/wp-content/uploads/2020/10/Nsight-Covid-Testing-600x337.png
pragma
no-cache
cookie
_nx-nocache=1; _ga_PX4LFYF9B0=GS1.1.1627384956.1.0.1627384956.0; _ga=GA1.2.2011433294.1627384957; _gid=GA1.2.835430358.1627384957; _gat_gtag_UA_70446907_1=1; __asc=dc312e2e17ae7b3ca7c87920436; __auc=dc312e2e17ae7b3ca7c87920436; _wpfuuid=2d9b2dde-955c-42f6-8c8e-28c3cf311f09
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nsightrecovery.com
referer
https://nsightrecovery.com/covid-testing-for-travel/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsightrecovery.com/covid-testing-for-travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
last-modified
Fri, 23 Oct 2020 22:49:17 GMT
server
nginx
vary
Accept,Accept-Encoding
content-type
image/webp
x-nocache
1
cache-control
max-age=10368000
x-webp-express
Redirected directly to existing webp
set-cookie
_nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges
bytes
content-length
16200
expires
Wed, 24 Nov 2021 11:22:37 GMT
anchor
www.google.com/recaptcha/api2/ Frame AFFE 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6f5e5d7e02741d987451df0310564e3b097b9c54eee907df3747b70002bd7ec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R8fgmKM0ElJyia9Ge9cExQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nsightrecovery.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nsightrecovery.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 27 Jul 2021 11:22:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-R8fgmKM0ElJyia9Ge9cExQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21568
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-70446907-1&cid=2011433294.1627384957&jid=2006918761&_u=YADAAUAAAAAAAC~&z=511870991
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-70446907-1&cid=2011433294.1627384957&jid=2006918761&_u=YADAAUAAAAAAAC~&z=511870991
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsightrecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5f6f94233329c941c03ab98b
intakeq.com/bookingwidget/ Frame F8E6 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Requested by
Host: intakeq.com
URL: https://intakeq.com/js/widget.min.js?1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
271a3e5fdbc542047d38125cf533fd8bdd6469703d4ce459f95de6e54431a906
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

:method
GET
:authority
intakeq.com
:scheme
https
:path
/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nsightrecovery.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nsightrecovery.com/

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
x-frame-options
AllowAll
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
access-control-expose-headers
Request-Context
date
Tue, 27 Jul 2021 11:22:37 GMT
content-length
2155
styles__ltr.css
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame AFFE 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:00:25 GMT
vary
Accept-Encoding
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
x-content-type-options
nosniff
age
1332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Wed, 27 Jul 2022 11:00:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame AFFE 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 10:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136001
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 10:36:54 GMT
truncated
/ Frame AFFE 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AFFE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AFFE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 23:34:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
42512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 02 Aug 2021 23:34:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AFFE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
50116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:27:21 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AFFE 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K
Requested by
Host: nsightrecovery.com
URL: https://nsightrecovery.com/covid-testing-for-travel/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed4b06b4fbf7117c1910a1480845b4880615606bb4f399cb5df51583889fdc27
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&co=aHR0cHM6Ly9uc2lnaHRyZWNvdmVyeS5jb206NDQz&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&size=normal&cb=t46gn53ad26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 27 Jul 2021 11:22:37 GMT
bframe
www.google.com/recaptcha/api2/ Frame 3D90 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&cb=bo8n4pqtiib2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e02dc11c02e6f50117ce879dd2912076a8d040bff193a273a98d6deb1a8ff3a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dUD2MwVUyEFCTkgt5HuxBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&cb=bo8n4pqtiib2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nsightrecovery.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nsightrecovery.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 27 Jul 2021 11:22:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-dUD2MwVUyEFCTkgt5HuxBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
widget
intakeq.com/Content/ Frame F8E6 		233 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/Content/widget?v=_QZA6Qdhap8gMZ3JWe7cOYWclmcKOgmSKuV57pmO8h81
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
e5809d5cd17bc983fc9eeac1969cde8f9120d3a88523de44f250b00303d39439
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 11:22:38 GMT
x-frame-options
SAMEORIGIN
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
content-length
57350
expires
Wed, 27 Jul 2022 11:22:38 GMT
tracker.js
d2zah9y47r7bi2.cloudfront.net/releases/current/ Frame F8E6 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-88.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 19:05:42 GMT
Content-Encoding
gzip
Age
404216
x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
X-Cache
Hit from cloudfront
x-amz-meta-content-type
application/javascript
Connection
keep-alive
Last-Modified
Thu, 13 Sep 2018 19:10:28 GMT
Server
AmazonS3
ETag
W/"160874c6a444216fd269e7e0e2370aa7"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 63cf97e5788a160a76e89d4e12e2ca29.cloudfront.net (CloudFront)
Cache-Control
s-max-age=3600, max-age=604800, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS50-C1
X-Amz-Cf-Id
5VLksQFbph1BGxm98otm4GMjgUY_nsIZQbXPP7JnvxmfIdJvBjk9fg==
modernizr
intakeq.com/bundles/ Frame F8E6 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/bundles/modernizr?v=K-FFpFNtIXPUlQamnX3qHX_A5r7TM2xbAgcuEmpm3O41
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
9f0fab72c8a1fea1df1d6c5d128115031a8c44ccbc7f37e314acee6acb98779b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:38 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 11:22:38 GMT
x-frame-options
SAMEORIGIN
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
content-length
5284
expires
Wed, 27 Jul 2022 11:22:38 GMT
paymentform
js.squareup.com/v2/ Frame F8E6 		162 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.squareup.com/v2/paymentform
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
c846cb36d91a4282e1cb743ff2aea8119c1ff6923dbc89a7607ecf330f4701c0
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
js.stripe.com/v3/ Frame F8E6 		227 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-113.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e21877533c764faac02d6c6919a655139685ff9e49ebf0e9cfc94f888d31c8d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:18:36 GMT
content-encoding
gzip
vary
Accept-Encoding
age
243
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
T0707YGXEWMJKE0D
x-amz-id-2
Sc/Nd4BX4y8wJxVwPvv9gEs8+J2QVZ38A42HF0Qk7MdqvQtEt8Jzs8uXBC5dKYasKkyLD0jEQYY=
last-modified
Mon, 26 Jul 2021 22:40:55 GMT
server
AmazonS3
etag
W/"e68b38b9c8ad007a7e24a3856d53907f"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
MAD50-C1
timing-allow-origin
*
x-amz-cf-id
OxykxLzCEUC6ct4CXm09cu0PA9kjCnTlFzMIIQs6qn3avDW5cs_JRg==
fattmerchant.js
fattjs.fattpay.com/js/ Frame F8E6 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fattjs.fattpay.com/js/fattmerchant.js
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b6b99fb0ef26bfe5e142e70ac35bd33802b595d161b92fa0f639a1b5188b38

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4518
x-amz-request-id
57W54RNAB9P99Z6G
x-amz-id-2
ZUkpyktcGql2sAqLWHSPfA/GbWUoB3qf8390+/k0TSS/3+i3IkJQVREV31yrMgF5QrX4z65TsVQ=
last-modified
Mon, 28 Sep 2020 18:57:54 GMT
server
cloudflare
etag
W/"74ac59194f76a5cd39e34a6a319b7025"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugOcLyn%2FVEB%2BOOpwPU60%2Buqimh0sTB%2FTR5E%2FjR6xo7esalt5TphSutZHhNXbdqfgHfeAvYcZvu9VEf1rK%2BU32UhtUoc%2F5FgdlvpQ%2Bw8DO3HobbyzLANN43XAb3NScfC1qw%2F8Jy%2BQEB74XmTbMmymCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
67557db30c3c4ed4-FRA
js
maps.googleapis.com/maps/api/ Frame F8E6 		140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAM-W55gvbsv6nY_pOSq6vwihoseGQNw40
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
56281cb3329ccc01566c7eddb21158d3204b9abd732943052ec25b014bbfa3c3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=20
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46530
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:52:37 GMT
widget-bundle.js
intakeq.com/dist/ Frame F8E6 		1 MB
376 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/dist/widget-bundle.js?v=0
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
e87a8d067980ed7ce828fdcc1577ca409c9bbdebd4cddd10b09fb028243aa084

Request headers

Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:37 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 01:37:12 GMT
accept-ranges
bytes
etag
"ceeecec8782d71:0"
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame F8E6 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-70446907-1
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f82b48d22dd53c89d2f67314b75c1737b8b16be4146ff7c378ed503e10c29c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40897
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:22:38 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 3D90 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&cb=bo8n4pqtiib2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:00:25 GMT
vary
Accept-Encoding
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
x-content-type-options
nosniff
age
1332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Wed, 27 Jul 2022 11:00:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 3D90 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LezxbUZAAAAAD9dYVrfDIEqGD9QgIwnI0mc-p60&cb=bo8n4pqtiib2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 10:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136001
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 10:36:54 GMT
m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
js.stripe.com/v3/ Frame D15A 		215 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-113.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://intakeq.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://intakeq.com/

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
OXraxR+iC7iTO3sAmGV6kl0fnEoUGpmQ6LoEq2w2LoT1TPZSGNGWFwXM7TAORkGPrLYgO/J5obE=
x-amz-request-id
0H6JBQGT28EWPG92
last-modified
Tue, 29 Jun 2021 17:25:38 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Tue, 27 Jul 2021 11:18:40 GMT
cache-control
public, max-age=300
etag
"5564a2ae650989ada0dc7f7250ae34e9"
x-cache
Hit from cloudfront
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
-qR4WRbx-EupZK2246lnvyHccj8iJIEENnco3KluYQGNLvhugBjDpg==
age
238
index.html
intakeq.com/app/widget/ Frame F8E6 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/app/widget/index.html?v=7
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
378c12000b11ff7a007fc2a001ff7f5c989d61d719d3851b01cac76389f6d3d2

Request headers

Accept
application/json, text/plain, */*
Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clinicId
5f6f94233329c941c03ab98b

Response headers

date
Tue, 27 Jul 2021 11:22:38 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 01:44:32 GMT
etag
"7b827f28882d71:0"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
790
js
www.googletagmanager.com/gtag/ Frame F8E6 		127 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX4LFYF9B0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70446907-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd32bf7c8f16fa1ccb556d382b4c34ca7293290c8edfe5fe1fca87c1609976a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50884
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:22:38 GMT
m-outer-60c368c1e1eddba7bd149e4b4f5408df.js
js.stripe.com/v3/fingerprinted/js/ Frame D15A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-113.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"78581b5abad6c4e7b59c0f8ee45a8134"
age
277
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
AVAYQFA4RHJ0K8C6
x-amz-id-2
32u7uYKxdaEdoSlu2+FDg6fw+9UerS3Vbe8xgrkDJMHHW36WkT1brHFa+kPQObmGi3xP+2gFV6s=
last-modified
Tue, 29 Jun 2021 17:25:39 GMT
server
AmazonS3
date
Tue, 27 Jul 2021 11:18:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
MAD50-C1
timing-allow-origin
*
x-amz-cf-id
LTU0iaO9Wy21nvAF5fW97oGlQLGr0oMVrZYTDBo5Vk_1ybrd11s60Q==
inner.html
m.stripe.network/ Frame 3EE5 		932 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-86.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Fri, 18 Jun 2021 21:35:08 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Tue, 27 Jul 2021 11:20:58 GMT
cache-control
public, max-age=300
etag
W/"60cd118c-3a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
4bGOxZiC34bj77Ksyp23XdJATJ4CC4QJ5A1OywpfWdrVipMKe2NUCw==
age
101
public
intakeq.com/api/widgetTerms/ Frame F8E6 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/api/widgetTerms/public?id=5f6f94233329c941c03ab98b
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clinicId
5f6f94233329c941c03ab98b

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:38 GMT
x-frame-options
SAMEORIGIN
access-control-expose-headers
Request-Context
cache-control
no-cache
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
content-length
0
expires
-1
spinner.gif
intakeq.com/images/ Frame F8E6 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intakeq.com/images/spinner.gif
Requested by
Host: intakeq.com
URL: https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
e902cff6ebae8bbf36f68a28d37f8fdd2cecff1b24edc35147740a499c4d662b

Request headers

Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:39 GMT
last-modified
Tue, 27 Jul 2021 01:27:23 GMT
accept-ranges
bytes
etag
"df22cd8c8682d71:0"
content-length
33053
content-type
image/gif
fa-regular-400.woff2
intakeq.com/content/fa/webfonts/ Frame F8E6 		156 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/content/fa/webfonts/fa-regular-400.woff2
Requested by
Host: intakeq.com
URL: https://intakeq.com/Content/widget?v=_QZA6Qdhap8gMZ3JWe7cOYWclmcKOgmSKuV57pmO8h81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b

Request headers

Origin
https://intakeq.com
Referer
https://intakeq.com/Content/widget?v=_QZA6Qdhap8gMZ3JWe7cOYWclmcKOgmSKuV57pmO8h81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:39 GMT
last-modified
Tue, 27 Jul 2021 01:44:49 GMT
accept-ranges
bytes
etag
"f9f04cfc8882d71:0"
content-length
159884
content-type
application/font-woff2
out-4.5.35.js
m.stripe.network/ Frame 3EE5 		85 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.35.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-86.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"60cd118c-153a9"
age
227
x-cache
Hit from cloudfront
last-modified
Fri, 18 Jun 2021 21:35:08 GMT
server
nginx
date
Tue, 27 Jul 2021 11:18:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
MAD50-C1
timing-allow-origin
*
x-amz-cf-id
kmEbW7U-DW8TmlSohFZdLcNSfaMac2bRYZ3pKPjhqfW5hU0KtkSVAA==
6
m.stripe.com/ Frame 3EE5 		156 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.191.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-191-133.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
eb5e0f2728e7b924e2d99dff7da970a2c1192bece16011d62251261a785f733e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Jul 2021 11:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
usage.gif
usage.trackjs.com/ Frame F8E6 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usage.trackjs.com/usage.gif?token=e9543ae5fb3249dd824fa63e970a5783&correlationId=0f8bf904-21b2-4f21-9f30-3edf54cdb74e&application=&x=2dd27584-a6c5-478f-a654-40a8d6374c06&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.119.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
prd-usage-2.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 11:22:40 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
analytics.js
www.google-analytics.com/ Frame F8E6 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70446907-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1901
date
Tue, 27 Jul 2021 10:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 27 Jul 2021 12:50:59 GMT
practitioners
intakeq.com/api/widget/ Frame F8E6 		581 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/api/widget/practitioners?memberId=5f6f94233329c941c03ab98b
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
7799a7dc9cc836096a8d19d13e01551c4e90949e2ec889df9f2613f8fe933fed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clinicId
5f6f94233329c941c03ab98b

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:39 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
content-length
581
expires
-1
collect
www.google-analytics.com/j/ Frame F8E6 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1259750478&t=pageview&_s=1&dl=https%3A%2F%2Fintakeq.com%2Fbookingwidget%2F5f6f94233329c941c03ab98b%3Fxdm_e%3Dhttps%253A%252F%252Fnsightrecovery.com%26xdm_c%3Ddefault818%26xdm_p%3D1&dr=https%3A%2F%2Fnsightrecovery.com%2F&ul=en-us&de=UTF-8&dt=IntakeQ%20Widget&sd=24-bit&sr=1600x1200&vp=720x250&je=0&_u=YEBAAUABAAAAAC~&jid=1240274357&gjid=1849446361&cid=1009569615.1627384960&tid=UA-70446907-1&_gid=1349366904.1627384960&_r=1&gtm=2ou7l1&z=1729706074
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://intakeq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame F8E6 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1259750478&t=event&_s=2&dl=https%3A%2F%2Fintakeq.com%2Fbookingwidget%2F5f6f94233329c941c03ab98b%3Fxdm_e%3Dhttps%253A%252F%252Fnsightrecovery.com%26xdm_c%3Ddefault818%26xdm_p%3D1&dr=https%3A%2F%2Fnsightrecovery.com%2F&ul=en-us&de=UTF-8&dt=IntakeQ%20Widget&sd=24-bit&sr=1600x1200&vp=720x250&je=0&ec=IntakeQ&ea=session_started&el=&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1009569615.1627384960&tid=UA-70446907-1&_gid=1349366904.1627384960&gtm=2ou7l1&z=651704629
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 04:29:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24781
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame F8E6 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-70446907-1&cid=1009569615.1627384960&jid=1240274357&gjid=1849446361&_gid=1349366904.1627384960&_u=YEBAAUAAAAAAAC~&z=306391403
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Jul 2021 11:22:40 GMT
content-type
text/plain
access-control-allow-origin
https://intakeq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame F8E6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-70446907-1&cid=1009569615.1627384960&jid=1240274357&_u=YEBAAUAAAAAAAC~&z=1081147512
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame F8E6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-70446907-1&cid=1009569615.1627384960&jid=1240274357&_u=YEBAAUAAAAAAAC~&z=1081147512
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
intakeq.com/api/widget/ Frame F8E6 		53 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/api/widget/settings?id=5f6f94233329c941c03ab98b
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
1374864a9b0a8596dc6585d384c7ffa40558a8ac91d0c8095a5d5c7f33a77feb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://intakeq.com/bookingwidget/5f6f94233329c941c03ab98b?xdm_e=https%3A%2F%2Fnsightrecovery.com&xdm_c=default818&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clinicId
5f6f94233329c941c03ab98b

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:40 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
no-cache
request-context
appId=cid-v1:f4cfc828-921e-4b72-8b81-919cbab3f4f8
content-length
54223
expires
-1
fa-solid-900.woff2
intakeq.com/content/fa/webfonts/ Frame F8E6 		127 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://intakeq.com/content/fa/webfonts/fa-solid-900.woff2
Requested by
Host: intakeq.com
URL: https://intakeq.com/Content/widget?v=_QZA6Qdhap8gMZ3JWe7cOYWclmcKOgmSKuV57pmO8h81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.26 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-26.customer.totaluptime.net
Software
/
Resource Hash
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca

Request headers

Origin
https://intakeq.com
Referer
https://intakeq.com/Content/widget?v=_QZA6Qdhap8gMZ3JWe7cOYWclmcKOgmSKuV57pmO8h81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 11:22:40 GMT
last-modified
Tue, 27 Jul 2021 01:41:57 GMT
accept-ranges
bytes
etag
"ab4b45968882d71:0"
content-length
129832
content-type
application/font-woff2
6
m.stripe.com/ Frame 3EE5 		156 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.191.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-191-133.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d93c80b3864332aedd393a38ca70d8d9c1c819e6fb7bcf44c442327563e4f6c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Jul 2021 11:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
common.js
maps.googleapis.com/maps-api-v3/api/js/45/7/ Frame F8E6 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/45/7/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAM-W55gvbsv6nY_pOSq6vwihoseGQNw40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53ffe5dbee31fcbaedea8c12c89a23d015c360ffd52486bcb8500b1fe940f9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 05:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32182
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 19:07:36 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 05:07:05 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/45/7/ Frame F8E6 		289 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/45/7/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyAM-W55gvbsv6nY_pOSq6vwihoseGQNw40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30728c0c2dd627173a2fe7110f42a303f6256e88d1cf2c2a405529c4b9ceb985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 01:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90376
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 19:07:36 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 01:16:39 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame F8E6 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fintakeq.com%2Fbookingwidget%2F5f6f94233329c941c03ab98b%3Fxdm_e%3Dhttps%253A%252F%252Fnsightrecovery.com%26xdm_c%3Ddefault818%26xdm_p%3D1&4sAIzaSyAM-W55gvbsv6nY_pOSq6vwihoseGQNw40&callback=_xdc_._v2d4nn&key=AIzaSyAM-W55gvbsv6nY_pOSq6vwihoseGQNw40&token=16251
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/45/7/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
a17aa26153aa69329056290f0ddd256776ac07b818c8a77fbaad8924c183c006
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://intakeq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 11:22:43 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=27
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker function| gtag function| __gaTracker object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| _EPYT_ object| _EPADashboard_ function| onYouTubeIframeAPIReady object| _atrk_opts object| root function| setREVStartSize string| intakeq string| url object| $us object| RS_MODULES object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor function| pow function| EvEmitter function| imagesLoaded function| USAnimate function| epdofitvids object| lwptoc function| flatpickr function| Inputmask function| default object| Mailcheck object| gaplugins object| gaData object| wpforms object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| wpformsDispatchEvent function| wpformsRecaptchaCallback function| wpformsRecaptchaLoad object| wpforms_settings object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| atrk boolean| _atrk_fired function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| recaptcha object| closure_lm_466781 object| easyXDM object| $elem

8 Cookies

Domain/Path Name / Value
.nsightrecovery.com/ Name: __auc
Value: dc312e2e17ae7b3ca7c87920436
.nsightrecovery.com/ Name: __asc
Value: dc312e2e17ae7b3ca7c87920436
.nsightrecovery.com/ Name: _ga
Value: GA1.2.2011433294.1627384957
.nsightrecovery.com/ Name: _gid
Value: GA1.2.835430358.1627384957
nsightrecovery.com/ Name: _nx-nocache
Value: 1
.nsightrecovery.com/ Name: _gat_gtag_UA_70446907_1
Value: 1
nsightrecovery.com/ Name: _wpfuuid
Value: 2d9b2dde-955c-42f6-8c8e-28c3cf311f09
.nsightrecovery.com/ Name: _ga_PX4LFYF9B0
Value: GS1.1.1627384956.1.0.1627384956.0

4 Console Messages

Source Level URL
Text
console-api log URL: https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.3(Line 2)
Message:
YT API init check
console-api log URL: https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.3(Line 2)
Message:
YT API init check
console-api log URL: https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.3(Line 2)
Message:
YT API init check
console-api log URL: https://nsightrecovery.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.3(Line 2)
Message:
YT API init check

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

certify.alexametrics.com
d2zah9y47r7bi2.cloudfront.net
d31qbv1cthcecs.cloudfront.net
fattjs.fattpay.com
fonts.googleapis.com
fonts.gstatic.com
intakeq.com
js.squareup.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
nsightcovidtesting.com
nsightrecovery.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
static.legitscript.com
stats.g.doubleclick.net
usage.trackjs.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
13.224.111.111
13.224.111.113
13.224.111.22
13.224.111.86
167.114.119.127
198.185.159.144
209.126.30.42
216.21.12.26
2606:4700:10::ac43:2a0c
2606:4700:20::ac43:4a40
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
34.211.191.133
52.222.137.88
54.191.20.193
74.122.189.136
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
0d1bc1a2980aa12bb35c190b9e66f927c4e09d5c61bb6bec9d23bb92945a0720
122d190c17fb6860750f62345610fa9e636ca5f028a7129fc7205416501b7cb8
13179b651e6f6a20555a85e047197e8a1e763a8e41fe13c4181ec55e817e9bd6
1374864a9b0a8596dc6585d384c7ffa40558a8ac91d0c8095a5d5c7f33a77feb
13edf7af958312162729f15116d03ea2b4e9114b1b42dfd16e7d4c1497596922
14b6b99fb0ef26bfe5e142e70ac35bd33802b595d161b92fa0f639a1b5188b38
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
232922a5f1f9300b357c689abcfbf974c107aaf64ee5bb5d575fec47acefa474
271a3e5fdbc542047d38125cf533fd8bdd6469703d4ce459f95de6e54431a906
2b6557ba3189f285a60a833248f57383be2d79164e48f55b89f5a9f558ca54ed
2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
30728c0c2dd627173a2fe7110f42a303f6256e88d1cf2c2a405529c4b9ceb985
378c12000b11ff7a007fc2a001ff7f5c989d61d719d3851b01cac76389f6d3d2
3e0b9354a135e1d77f362289524f1dd0c903810863d6380970e8a4411ac5329c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40dd348a0a40e3117ce5a9b3d0fc49651749e4821c342e82b89039f4847b791d
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e21877533c764faac02d6c6919a655139685ff9e49ebf0e9cfc94f888d31c8d
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
53ffe5dbee31fcbaedea8c12c89a23d015c360ffd52486bcb8500b1fe940f9c5
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
54cc51499e874cd35e6c1c1ec285eb1d05aa8775ceec422f4ef6275432195694
56281cb3329ccc01566c7eddb21158d3204b9abd732943052ec25b014bbfa3c3
5772c5f69519e3507f335dbdf81a5145c7ed3be5ffc4fdc4c8fdaf4704d65fc8
5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414
5bd0d7854a7023c7c6b485c69a042997e4cb2a893e413cc44b1f9d120edaab0b
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
63df681a6022779e786ee2f3c5c1c14c26efe17b54f5edfd76a9e05a052f44d8
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6d9b7e462c6cdc5dcb633358c84a5a24a02fe34c6dd89e6468fa22114aaf875e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
7187d9182ad93910b496683b093ffa91c8a8d4a7973c2787da788b2d6f7eed6b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7799a7dc9cc836096a8d19d13e01551c4e90949e2ec889df9f2613f8fe933fed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865aeaf4c7e625f4fb679640efab96bf62280eb8d0cef36b64dd4e8daca5b35e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
94a26b29a875d0a28901bfd52cc9e7980582b203359b523e0bfdb90fabc97a8a
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
9f0fab72c8a1fea1df1d6c5d128115031a8c44ccbc7f37e314acee6acb98779b
a17aa26153aa69329056290f0ddd256776ac07b818c8a77fbaad8924c183c006
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
b6f5e5d7e02741d987451df0310564e3b097b9c54eee907df3747b70002bd7ec
b7329365ccc143ea5e8fd5b016ec83530fcadb1ce7f3588a85cf5508f3ae4399
bd32bf7c8f16fa1ccb556d382b4c34ca7293290c8edfe5fe1fca87c1609976a7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c192ece70aaaedb7a2dbb480c9b4e9fcd208d871bcab54aee7a5eae1641d3d17
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c846cb36d91a4282e1cb743ff2aea8119c1ff6923dbc89a7607ecf330f4701c0
c89abf70364f007b654195d3b9778c66edb0c88974196d61f1786a0bfe816a3b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0951fd18386924926abc3230115dca75b2bf20a8a1f0b5f1e684f386c5fea89
d8d0e4a3db20d04cfb3d038773f675bc3cca2ddf77e62f1d535f9ddae0669042
d93c80b3864332aedd393a38ca70d8d9c1c819e6fb7bcf44c442327563e4f6c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02dc11c02e6f50117ce879dd2912076a8d040bff193a273a98d6deb1a8ff3a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5809d5cd17bc983fc9eeac1969cde8f9120d3a88523de44f250b00303d39439
e87a8d067980ed7ce828fdcc1577ca409c9bbdebd4cddd10b09fb028243aa084
e902cff6ebae8bbf36f68a28d37f8fdd2cecff1b24edc35147740a499c4d662b
eb5e0f2728e7b924e2d99dff7da970a2c1192bece16011d62251261a785f733e
ed4b06b4fbf7117c1910a1480845b4880615606bb4f399cb5df51583889fdc27
ed646e63013e8f57e3f7c4d345d6802fa6345a4f6f9a011f3ec263974ed5a085
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f3389b338c49be173cb4e61f36c12aac083f332ffe0167188ed2a7f1d80e894d
f4e6251891823c794b0aa7d6149e6d0dff041cea15f779e7ef23a3eb84fbe62e
f82b48d22dd53c89d2f67314b75c1737b8b16be4146ff7c378ed503e10c29c17
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536