Submitted URL: http://squadcovidstudy.com/
Effective URL: https://squadcovidstudy.com/
Submission Tags: falconsandbox
Submission: On May 25 via api from US

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 36 HTTP transactions. The main IP is 13.224.195.20, located in United States and belongs to AMAZON-02, US. The main domain is squadcovidstudy.com.
TLS certificate: Issued by Amazon on December 8th 2020. Valid for: a year.
This is the only time squadcovidstudy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
7 | research-eu1.leapcure.com | squadcovidstudy.com, research-eu1.leapcure.com
4 | analytics.tiktok.com | squadcovidstudy.com, analytics.tiktok.com
4 | maps.googleapis.com | research-eu1.leapcure.com, maps.googleapis.com
3 | bat.bing.com | squadcovidstudy.com, bat.bing.com, research-eu1.leapcure.com
3 | squadcovidstudy.com (1 redirects) | squadcovidstudy.com
2 | hn.inspectlet.com | cdn.inspectlet.com
2 | s.yimg.com | squadcovidstudy.com, s.yimg.com
2 | connect.facebook.net | squadcovidstudy.com, connect.facebook.net
2 | fonts.gstatic.com | fonts.googleapis.com
2 | www.googletagmanager.com | research-eu1.leapcure.com
1 | www.facebook.com | research-eu1.leapcure.com
1 | q.quora.com | research-eu1.leapcure.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | cdn.inspectlet.com | research-eu1.leapcure.com
1 | fonts.googleapis.com | research-eu1.leapcure.com
1 | get.geojs.io | squadcovidstudy.com
36 16

This site contains no links.

Subject | Issuer | Validity | Valid
squadcovidstudy.com | Amazon | 2020-12-08 - 2022-01-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-09 - 2021-07-09 | a year
*.leapcure.com | Amazon | 2020-10-28 - 2021-11-26 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months
*.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months
www.bing.com | Microsoft RSA TLS CA 01 | 2021-04-12 - 2021-10-12 | 6 months
*.tiktok.com | RapidSSL RSA CA 2018 | 2019-11-14 - 2022-01-12 | 2 years
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-05-03 - 2021-06-23 | 2 months
*.quora.com | R3 | 2021-05-09 - 2021-08-07 | 3 months
hn.inspectlet.com | R3 | 2021-03-06 - 2021-06-04 | 3 months

This page contains 2 frames:

Primary Page: https://squadcovidstudy.com/
Frame ID: 7FFD228210B6F5818504D41D1ACB7598
Requests: 3 HTTP requests in this frame

Frame: https://research-eu1.leapcure.com/studies/squadcovidstudy
Frame ID: 284986B19877DF7ED0D2695F9BFC2397
Requests: 33 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

36
Requests

100 %
HTTPS

69 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

1325 kB
Transfer

4793 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://squadcovidstudy.com/ HTTP 301
    https://squadcovidstudy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
squadcovidstudy.com/
Redirect Chain
  • http://squadcovidstudy.com/
  • https://squadcovidstudy.com/
877 B
1 KB
Document
General
Full URL
https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-20.fra2.r.cloudfront.net
Software
GitHub.com /
Resource Hash
1263873281d4b491561c971e8bbfdc9ed3efff22ebec4d8cc93fa5bc67b4f46b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
squadcovidstudy.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-length
499
server
GitHub.com
permissions-policy
interest-cohort=()
strict-transport-security
max-age=31556952
last-modified
Mon, 23 Nov 2020 23:21:40 GMT
access-control-allow-origin
*
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
3AC2:D442:25ADD4B:26B5864:60ABF4C9
accept-ranges
bytes
via
1.1 varnish, 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-served-by
cache-fra19165-FRA
x-cache-hits
0
x-timer
S1621882058.562602,VS0,VE94
x-fastly-request-id
bb125f7ade162d8e274f4c84fbf1cdabcf6f0a3b
date
Tue, 25 May 2021 19:25:42 GMT
cache-control
max-age=600
expires
Tue, 25 May 2021 19:35:42 GMT
etag
W/"5fbc4404-36d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZzMJ70hTHsN-qx82iIwugf3Y2k4pcdo6lJrW0jzjKwSwyUn_pmxfZg==

Redirect headers

Server
CloudFront
Date
Tue, 25 May 2021 19:25:41 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://squadcovidstudy.com/
X-Cache
Redirect from cloudfront
Via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
qUY1WdWcxB4jqGiq3twNGKvSGfzsuZCILNG3FiwQIgVAK4o1qbDNZw==
main.css
squadcovidstudy.com/
97 B
749 B
Stylesheet
General
Full URL
https://squadcovidstudy.com/main.css
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-20.fra2.r.cloudfront.net
Software
GitHub.com /
Resource Hash
2137a352a69ffcefc013b136214ec2a5011758684ec6c3bad0735ce34bb5a95a
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
squadcovidstudy.com
referer
https://squadcovidstudy.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://squadcovidstudy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
19256aa3a8a2cdc8b0006e81ed188438d5567caf
strict-transport-security
max-age=31556952
via
1.1 varnish, 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
etag
"5fbc4404-61"
age
0
x-cache
Miss from cloudfront
content-length
97
x-served-by
cache-fra19144-FRA
last-modified
Mon, 23 Nov 2020 23:21:40 GMT
server
GitHub.com
x-github-request-id
27A0:5DCE:FF0F55:10988AC:60AD4F36
x-timer
S1621970742.485103,VS0,VE90
date
Tue, 25 May 2021 19:25:42 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Tue, 25 May 2021 19:35:42 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
x-proxy-cache
MISS
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
eCnxruyp4joorN9ZzCUl63jvXm_sE5ZuNIwGV-ci_M3n6heag2M0HQ==
x-cache-hits
0
geo.js
get.geojs.io/v1/ip/
320 B
985 B
Script
General
Full URL
https://get.geojs.io/v1/ip/geo.js
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bce5c5127b32b5c2973f08893d8e267faaf9e8707d14f5c6c5f30e1d1e885a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://squadcovidstudy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a46968463000016e694807000000001
x-request-id
f340096e0eb02905b3196a94e5fa41d0-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=30iKBi3C5Prjo3qTntmMF23cgS8B%2BJT%2B2PaKY%2FB%2BaqeYTgV0B%2BFGulWh8Btwvmtyf0FMeUBESylZ5mlRJAC9Dm21m3RUEIplFgYtqf%2BnToiF9ZGSMSmP94nSuJZAIxvy3%2F%2B0rTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
655126b3dbf416e6-FRA
squadcovidstudy
research-eu1.leapcure.com/studies/ Frame 2849
4 KB
5 KB
Document
General
Full URL
https://research-eu1.leapcure.com/studies/squadcovidstudy
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
041d14e4ad5430ff2f0cb10afb3045e2456ef40bd691558eaa7efc1de415f1ed
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
research-eu1.leapcure.com
:scheme
https
:path
/studies/squadcovidstudy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squadcovidstudy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://squadcovidstudy.com/

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-type
text/html; charset=utf-8
x-frame-options
ALLOWALL
x-request-id
99dd11d5-bc0d-419a-96af-a15ed76af7ae
x-runtime
0.052027
paper-dashboard-cea0f9ad.css
research-eu1.leapcure.com/packs/css/ Frame 2849
479 KB
81 KB
Stylesheet
General
Full URL
https://research-eu1.leapcure.com/packs/css/paper-dashboard-cea0f9ad.css
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae2d4d6887bff6f54dbee0f82fbde784b16b693f75521e8f0fac18ff50c585a9

Request headers

Referer
https://research-eu1.leapcure.com/studies/squadcovidstudy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 18:23:23 GMT
content-length
82558
vary
Accept-Encoding
content-type
text/css
paper-dashboard-734f35ec0dd3df144ec0.js
research-eu1.leapcure.com/packs/js/ Frame 2849
2 MB
403 KB
Script
General
Full URL
https://research-eu1.leapcure.com/packs/js/paper-dashboard-734f35ec0dd3df144ec0.js
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bba409bed2b280d5c3c50f57c45c22908b741079ee90d89fd00261d5df284e13

Request headers

Referer
https://research-eu1.leapcure.com/studies/squadcovidstudy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 18:23:23 GMT
content-length
412025
vary
Accept-Encoding
content-type
application/javascript
lc_classic-3dee3876.css
research-eu1.leapcure.com/packs/css/ Frame 2849
2 KB
944 B
Stylesheet
General
Full URL
https://research-eu1.leapcure.com/packs/css/lc_classic-3dee3876.css
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7df2956ed00db03398ece8701993ffe197533d1750d3cb1e64f9bcec0ea7ca95

Request headers

Referer
https://research-eu1.leapcure.com/studies/squadcovidstudy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 18:23:23 GMT
content-length
810
vary
Accept-Encoding
content-type
text/css
lc_classic-8be78cc082a7afd666fc.js
research-eu1.leapcure.com/packs/js/ Frame 2849
1 MB
282 KB
Script
General
Full URL
https://research-eu1.leapcure.com/packs/js/lc_classic-8be78cc082a7afd666fc.js
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b3d21b9765efb4cd82acb83ee2696bb4cd6c0599d9fe885ce4238335ffa4c7ef

Request headers

Referer
https://research-eu1.leapcure.com/studies/squadcovidstudy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 18:23:23 GMT
content-length
288551
vary
Accept-Encoding
content-type
application/javascript
js
maps.googleapis.com/maps/api/ Frame 2849
136 KB
45 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?libraries=places,visualization&key=AIzaSyDWAEnySFx_ksPL-n40I1Tq59Riz6lfHRY&callback=dispatchMapsEvent
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
1867714b05665c95f78a1f1f48a1209f8fd70a21726f02f137346f1c4e24e829
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=28
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45387
x-xss-protection
0
expires
Tue, 25 May 2021 19:55:43 GMT
js
www.googletagmanager.com/gtag/ Frame 2849
88 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-68342800-2
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ddcf0c64f4a82f34ab32cc0f9873e9e20b4dc61ae26bd12b9f5c6baa532e438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35817
x-xss-protection
0
last-modified
Tue, 25 May 2021 18:02:12 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 May 2021 19:25:43 GMT
logo-6d5c430ee182da8c5ba5ee8cc7f2e1af.png
research-eu1.leapcure.com/packs/media/images/ Frame 2849
5 KB
5 KB
Image
General
Full URL
https://research-eu1.leapcure.com/packs/media/images/logo-6d5c430ee182da8c5ba5ee8cc7f2e1af.png
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
324887467981cfbb809150babb1bc03f5ae434a39aabf73790d14976b8c20a75

Request headers

Referer
https://research-eu1.leapcure.com/studies/squadcovidstudy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:44 GMT
last-modified
Thu, 03 Dec 2020 18:23:22 GMT
content-length
4815
content-type
image/png
css
fonts.googleapis.com/ Frame 2849
9 KB
937 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:100,300,400
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/packs/css/paper-dashboard-cea0f9ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c96d4c95b85e1884665415a0ff4d68e6a2f97810d3a4b0ebf9b3ef4cd8164437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 May 2021 19:25:43 GMT
server
ESF
date
Tue, 25 May 2021 19:25:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 May 2021 19:25:43 GMT
gtm.js
www.googletagmanager.com/ Frame 2849
160 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NV4ZXH
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb483c51adc7c3f1d798b1c23a5e37a4b5e42b033d55c30675c0713227fa0f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54003
x-xss-protection
0
last-modified
Tue, 25 May 2021 18:02:12 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 May 2021 19:25:43 GMT
background-pattern-e5e95496c7c5d6cfa3bad77ea2b34967.png
research-eu1.leapcure.com/packs/media/images/ Frame 2849
25 KB
25 KB
Image
General
Full URL
https://research-eu1.leapcure.com/packs/media/images/background-pattern-e5e95496c7c5d6cfa3bad77ea2b34967.png
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/packs/css/lc_classic-3dee3876.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.156.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-156-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7bda39a33b013558a4589e1a2e30ceb6de8c1e5d77681da10f25ca84f953f126

Request headers

Referer
https://research-eu1.leapcure.com/packs/css/lc_classic-3dee3876.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:44 GMT
last-modified
Thu, 03 Dec 2020 18:23:22 GMT
content-length
25355
content-type
image/png
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 2849
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:100,300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://research-eu1.leapcure.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 22:04:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
595291
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Wed, 18 May 2022 22:04:12 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 2849
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:100,300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://research-eu1.leapcure.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
227653
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 23 May 2022 04:11:30 GMT
inspectlet.js
cdn.inspectlet.com/ Frame 2849
209 KB
69 KB
Script
General
Full URL
https://cdn.inspectlet.com/inspectlet.js?wid=1353353679&r=450547
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee1782ccfcb87e7ee54cccaaf7085a40c43ccffa25a1c8096f589ae666fef7c

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
655126be3f4e4e37-FRA
date
Tue, 25 May 2021 19:25:44 GMT
via
1.1 vegur
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
s-maxage=60, max-age=14400
content-encoding
gzip
cf-request-id
0a46968ae100004e3722375000000001
analytics.js
www.google-analytics.com/ Frame 2849
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68342800-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6948
date
Tue, 25 May 2021 17:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 25 May 2021 19:29:56 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 2849
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
Fsh3jSjW3ao3vCrwtZKZD51RtZoGBjEPq2vikWIPzUbqRge4w0oRKCcqR/4e5h/reEwtFHa1lJzZXs76CsFCYg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 25 May 2021 19:25:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ Frame 2849
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e44b9596bd11c9d0332e7f9a729f2488b67d3f458c4297e079b3e96c7011296

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 00:51:47 GMT
x-msedge-ref
Ref A: A90085B12A224EB9AE920A37CB094BB7 Ref B: FRAEDGE1316 Ref C: 2021-05-25T19:25:44Z
etag
"8013f579db4dd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8911
events.js
analytics.tiktok.com/i18n/pixel/ Frame 2849
113 KB
32 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R8QVHURMH959SBQKHG&lib=ttq
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
5adc4e39.3c4549d7
date
Tue, 25 May 2021 19:25:44 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-5-4.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-parent-response-time
159,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=154, origin; dur=5, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202105251925440102360410974310C1B2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.44.5.4
expires
Tue, 25 May 2021 19:25:44 GMT
ytc.js
s.yimg.com/wi/ Frame 2849
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: squadcovidstudy.com
URL: https://squadcovidstudy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
7cbcc9a1cb64e9a1ea2d4199c27be0eaf60a3b0326b37365e7a216f92905ce1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 25 May 2021 19:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5624
x-amz-id-2
a4uNrGrCPG2OFTqblx/h3MdQ/BeF5C9Yau9Kj65jOpBoxTOQL4Ai6OWnWcAx/xqSqlUSQbdfg98=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 30 Jun 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 25 May 2021 09:31:55 GMT
server
ATS
etag
"54d46bc583b4180deba7f94a3a3f8332-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
0CCVPPQS6SCB4WJF
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
5oZbLGBvU.0yXU_2OrnP7Ny.zDj.6iTs
accept-ranges
bytes
content-type
application/javascript
pixel
q.quora.com/_/ad/2919f3e6ac8a4eb389c17dc307742741/ Frame 2849
43 B
419 B
Image
General
Full URL
https://q.quora.com/_/ad/2919f3e6ac8a4eb389c17dc307742741/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fresearch-eu1.leapcure.com%2Fstudies%2Fsquadcovidstudy
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.194.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-194-150.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 19:25:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,606927dbb0959dadcae8aaf82a5f738a,10.0.0.64,52782,84.17.53.67,,89828863797,1,1621970744.863,0.001,,.,0,0,0.004,0.004,-,0,0,203,292,146,10,26847,,,,,,-,
Content-Type
image/gif
10147724.json
s.yimg.com/wi/config/ Frame 2849
2 B
494 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10147724.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
DFZMEVK2M1FC4H7X
x-amz-id-2
xnALHKF1rbZXPvk3/wG9LlNclNivi9lqs2+bVoZKJrbuZ8SYzCH19nttswe5PNjtTHMb2uMPQ0k=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
1623523057908413
connect.facebook.net/signals/config/ Frame 2849
40 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1623523057908413?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d39eefd67db444950a133a02086692066db6941974c8567cd3a279af7a8e13b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
K53/f7DerOn2h04z5JknuOjKk3m8ElrcNqtVqC7bjGrDxjEGSW5QgGJTXHdIt74M4Fm7iiRrhdlb2bT+hd3VIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 25 May 2021 19:25:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
26342626
bat.bing.com/p/action/ Frame 2849
0
128 B
Script
General
Full URL
https://bat.bing.com/p/action/26342626
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 May 2021 19:25:43 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 0DC724E337F54ED38B5B62DA066DB2CF Ref B: FRAEDGE1316 Ref C: 2021-05-25T19:25:44Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 2849
0
149 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26342626&Ver=2&mid=e2284345-ef76-4c60-9f1e-c35fc73913a3&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Leapcure&p=https%3A%2F%2Fsquadcovidstudy.com%2F&r=&lt=1389&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=781595
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 25 May 2021 19:25:43 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: D27B13601ACA4A86B8946AB30D5E3C97 Ref B: FRAEDGE1316 Ref C: 2021-05-25T19:25:44Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2849
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1623523057908413&ev=PageView&dl=https%3A%2F%2Fresearch-eu1.leapcure.com%2Fstudies%2Fsquadcovidstudy&rl=https%3A%2F%2Fsquadcovidstudy.com%2F&if=true&ts=1621970744223&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=28&it=1621970744149&coo=false&exp=l1&rqm=GET
Requested by
Host: research-eu1.leapcure.com
URL: https://research-eu1.leapcure.com/studies/squadcovidstudy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 19:25:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 25 May 2021 19:25:44 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ Frame 2849
140 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R8QVHURMH959SBQKHG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
6aae8ed8.3c454dcc
date
Tue, 25 May 2021 19:25:45 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-61-0-149.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-parent-response-time
164,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=163, origin; dur=5, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202105251925440102360430824E117F53
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.61.0.149
expires
Tue, 25 May 2021 19:25:45 GMT
config.js
analytics.tiktok.com/i18n/pixel/ Frame 2849
56 KB
20 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C0R8QVHURMH959SBQKHG
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R8QVHURMH959SBQKHG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3b23aa28612e1639960515215b69eae30b7622b5d1e95549e4ba02bd10702e4a

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id
956406d6.3c454e0e
date
Tue, 25 May 2021 19:25:45 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-5-5.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-parent-response-time
192,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=198, origin; dur=10, inner; dur=4
content-length
19371
pragma
no-cache
server
nginx
x-tt-logid
2021052519254401023604014862113206
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.44.5.5
expires
Tue, 25 May 2021 19:25:45 GMT
pixel
analytics.tiktok.com/api/v2/ Frame 2849
0
559 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0R8QVHURMH959SBQKHG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e1ca2b45.3c45521c
date
Tue, 25 May 2021 19:25:45 GMT
x-cache-remote
TCP_MISS from a23-61-0-115.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
upstream-caught
1621970745381510
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
168,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=14, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202105251925450102360430821A116C71
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.61.0.115
expires
Tue, 25 May 2021 19:25:45 GMT
1353353679
hn.inspectlet.com/ginit/ Frame 2849
192 B
627 B
XHR
General
Full URL
https://hn.inspectlet.com/ginit/1353353679
Requested by
Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=1353353679&r=450547
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.114.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-114-126.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
62b2a297226700e5a7b34e2216f7e0d9c43d24f0afd7df3b09f05346a95ca34a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 25 May 2021 19:25:47 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://research-eu1.leapcure.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
192
pdata
hn.inspectlet.com/ Frame 2849
35 B
215 B
Image
General
Full URL
https://hn.inspectlet.com/pdata?d=mr,1037,undefined,undefined,undefined,undefined)s,1037,0,0)&w=1353353679&r=1738211759&sid=964649410&pad=1&dn=dn&fadd=true&oid=94118124&lpt=0&rrtn=1621970747733
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.114.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-114-126.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 19:25:47 GMT
Via
1.1 vegur
Server
Cowboy
Cache-Control
no-cache
X-Powered-By
Express
Content-Length
35
Connection
keep-alive
common.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame 2849
85 KB
31 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,visualization&key=AIzaSyDWAEnySFx_ksPL-n40I1Tq59Riz6lfHRY&callback=dispatchMapsEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 07:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:12:04 GMT
server
sffe
age
43496
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31670
x-xss-protection
0
expires
Wed, 25 May 2022 07:20:53 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame 2849
280 KB
86 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places,visualization&key=AIzaSyDWAEnySFx_ksPL-n40I1Tq59Riz6lfHRY&callback=dispatchMapsEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 13:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:12:04 GMT
server
sffe
age
21972
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87588
x-xss-protection
0
expires
Wed, 25 May 2022 13:19:37 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 2849
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fresearch-eu1.leapcure.com%2Fstudies%2Fsquadcovidstudy&4sAIzaSyDWAEnySFx_ksPL-n40I1Tq59Riz6lfHRY&callback=_xdc_._hlt0m0&key=AIzaSyDWAEnySFx_ksPL-n40I1Tq59Riz6lfHRY&token=70606
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
064dc1b3a9f05b63bd8fca4173a520b8c1f2414754150a28da705e7efc156bd9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://research-eu1.leapcure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 May 2021 19:25:49 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=33
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| geoip

1 Cookies

Domain/Path Name / Value
.leapcure.com/ Name: __insp_dct
Value: 38

1 Console Messages

Source Level URL
Text
console-api log URL: https://squadcovidstudy.com/(Line 16)
Message:
CC: DE

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
