publichealthinsurance.xyz Open in urlscan Pro
104.243.38.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://p5tzcqaaqbaj.gloo.pw/
Effective URL:
http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Submission: On May 11 via manual (May 11th 2020, 11:38:41 pm UTC) from AU

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 37 HTTP transactions. The main IP is 104.243.38.20, located in Miami, United States and belongs to RELIABLESITE, US. The main domain is publichealthinsurance.xyz.

This is the only time publichealthinsurance.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.243.38.22 104.243.38.22	23470 (RELIABLESITE) (RELIABLESITE)
12	104.243.38.20 104.243.38.20	23470 (RELIABLESITE) (RELIABLESITE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2	104.22.53.65 104.22.53.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
37	15

1 104.243.38.22 (Miami, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

p5tzcqaaqbaj.gloo.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.243.38.20 (Miami, United States)

ASN23470 (RELIABLESITE, US)

publichealthinsurance.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.65 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Toronto, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	publichealthinsurance.xyz publichealthinsurance.xyz	71 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	133 KB
4	gstatic.com fonts.gstatic.com	93 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	151 B
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	google.de www.google.de adservice.google.de	1003 B
2	google.com 1 redirects www.google.com adservice.google.com	1 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	statcounter.com www.statcounter.com c.statcounter.com	12 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	gloo.pw 1 redirects p5tzcqaaqbaj.gloo.pw	221 B
37	13

	Domain	Requested by
12	publichealthinsurance.xyz	publichealthinsurance.xyz
4	fonts.gstatic.com	publichealthinsurance.xyz
4	pagead2.googlesyndication.com	publichealthinsurance.xyz pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	fonts.googleapis.com	publichealthinsurance.xyz
1	www.googletagservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	c.statcounter.com	www.statcounter.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.de	publichealthinsurance.xyz
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	s10.histats.com	publichealthinsurance.xyz
1	www.statcounter.com	publichealthinsurance.xyz
1	ajax.googleapis.com	publichealthinsurance.xyz
1	www.googletagmanager.com	publichealthinsurance.xyz
1	p5tzcqaaqbaj.gloo.pw	1 redirects
37	20

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-22` - `2020-10-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
histats.com Let's Encrypt Authority X3	`2020-03-25` - `2020-06-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Frame ID: B9904F6E62538F672B7AC63E7A730220
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/zrt_lookup.html
Frame ID: 7C57FAE835621093810D585EDC961B1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&adk=1812271804&adf=3025194257&lmt=1589240284&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fp5tzcqaaqbaj%2F&ea=0&flash=0&pra=5&wgl=1&dt=1589240284199&bpp=15&bdt=631&idt=92&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8744174697687&frm=20&pv=2&ga_vid=1896887375.1589240284&ga_sid=1589240284&ga_hid=1088395799&ga_fc=0&iag=0&icsg=134787056&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=4167995734561966&pem=197&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=114
Frame ID: A789931BAA6AC2B72CABA43C22897E5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2A8C92EB8D0DA74C5073AF2E3C2BD7F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://p5tzcqaaqbaj.gloo.pw/ HTTP 302
http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

51 %
HTTPS

72 %
IPv6

13
Domains

20
Subdomains

15
IPs

5
Countries

426 kB
Transfer

1109 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://p5tzcqaaqbaj.gloo.pw/ HTTP 302
http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1088395799&t=pageview&_s=1&dl=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fp5tzcqaaqbaj%2F&ul=en-us&de=UTF-8&dt=Downloads%20PDF%20The%20Seal%20of%20Surya%20Amritanshu%20Pandey%20Pirates%20Books&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=116550628&gjid=797135059&cid=1896887375.1589240284&tid=UA-37281609-1&_gid=978985805.1589240284&_r=1&gtm=2ou4t0&z=1975073168 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_gid=978985805.1589240284&gjid=797135059&_v=j82&z=1975073168 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_v=j82&z=1975073168 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_v=j82&z=1975073168&slf_rd=1&random=1475182760

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Redirect Chain

http://p5tzcqaaqbaj.gloo.pw/
http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

19 KB
5 KB

232ms
197ms

Document
text/html

104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx / PHP/5.6.40-12+ubuntu18.04.1+deb.sury.org+1
Resource Hash: d822644e5517ed62d7822da6bb27b607f203a6f06a31f50d9103b7db6abdbf52

Request headers

Host: publichealthinsurance.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Mon, 11 May 2020 23:38:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40-12+ubuntu18.04.1+deb.sury.org+1
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 11 May 2020 23:38:03 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
30 KB 36ms
25ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-37281609-1

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90101732dd4790cf784c47a0316b695bf4323406e1757096edd3eb00c53dc8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 23:38:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30431
x-xss-protection: 0
expires: Mon, 11 May 2020 23:38:03 GMT

GET
H/1.1 200
OK bootstrap.min.css
publichealthinsurance.xyz/material/css/ 118 KB
20 KB 112ms
103ms Stylesheet
text/css 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/css/bootstrap.min.css
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eeb40951c715bd128277746af336f5f4ad88b869cc89776081bd25d8f3bf23c

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-1d999"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bootstrap-material-design.css
publichealthinsurance.xyz/material/css/ 103 KB
12 KB 206ms
176ms Stylesheet
text/css 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/css/bootstrap-material-design.css
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: fcd864a50f33500ef8f049006c6d7d79094b7b33f41f72430721c7d415d9d501

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-19bf0"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ripples.css
publichealthinsurance.xyz/material/css/ 1 KB
713 B 205ms
174ms Stylesheet
text/css 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/css/ripples.css
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d615b29ea8624e9aa292d00ec9b501ed05334013d2b0606cbe90dff1138e54a

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-514"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.dropdown.css
publichealthinsurance.xyz/material/css/ 2 KB
992 B 203ms
172ms Stylesheet
text/css 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/css/jquery.dropdown.css
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 79538cdcec10e98be945f339e08fe7dba1871fed358d83649b8a699586a2b250

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-83c"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
publichealthinsurance.xyz/ 14 KB
4 KB 206ms
176ms Stylesheet
text/css 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/style.css
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ee593e35b5a326cde4f67ad1fd91263a48b039c4cc2c9400c45b820271c3f74

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-38d0"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
1 KB 31ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55358d6caf431bde2a03ce1438a4d7630c804976fa0422c8eaad1cf5799c603c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 May 2020 23:38:03 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 11 May 2020 23:38:03 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
465 B 24ms
15ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 May 2020 23:38:03 GMT
server: ESF
date: Mon, 11 May 2020 23:38:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 May 2020 23:38:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 15:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3226916
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Apr 2021 15:16:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

975ee123b2e5a299c8a857798c11049fdf09f88fe363254a90ab99263b874cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 23:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39186
x-xss-protection: 0
server: cafe
etag: 3465331680960370250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 May 2020 23:38:03 GMT

GET
H/1.1 200
OK logo.png
publichealthinsurance.xyz/images/ 4 KB
4 KB 110ms
109ms Image
image/png 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://publichealthinsurance.xyz/images/logo.png
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3183ea3bad9999bcecc91378d61955fe1b3de5bad1653d0ff0892ea7792475e0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: "5cd9f748-e0f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3599

GET
H/1.1 200
OK the-seal-of-surya-amritanshu-pandey-amritanshu-pandey-pirates-p5TzCQAAQBAJ.jpg
publichealthinsurance.xyz/img/ 9 KB
9 KB 195ms
172ms Image
image/jpeg 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://publichealthinsurance.xyz/img/the-seal-of-surya-amritanshu-pandey-amritanshu-pandey-pirates-p5TzCQAAQBAJ.jpg
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 788668778a78208174cf88920ba279b4040c86e79e810b459abf0ae892ecc2a6

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Last-Modified: Fri, 21 Dec 2018 13:42:02 GMT
Server: nginx
ETag: "5c1cedaa-228d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8845
Expires: Mon, 18 May 2020 23:38:03 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
publichealthinsurance.xyz/material/js/ 36 KB
10 KB 101ms
101ms Script
application/x-javascript 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/js/bootstrap.min.js
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-9004"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ripples.min.js Show response
publichealthinsurance.xyz/material/js/ 3 KB
1 KB 100ms
99ms Script
application/x-javascript 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/js/ripples.min.js
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK material.min.js Show response
publichealthinsurance.xyz/material/js/ 5 KB
2 KB 110ms
109ms Script
application/x-javascript 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/js/material.min.js
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-152e"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.dropdown.js Show response
publichealthinsurance.xyz/material/js/ 12 KB
4 KB 100ms
98ms Script
application/x-javascript 104.243.38.20
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://publichealthinsurance.xyz/material/js/jquery.dropdown.js
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 104.243.38.20 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 23:01:28 GMT
Server: nginx
ETag: W/"5cd9f748-3056"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 34 KB
11 KB 113ms
41ms Script
application/x-javascript 104.22.53.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6318fa2ca0204fa6b4af3e7dcf15e9c463a0ae55fd53c8317f43f0252e37cf2b

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 23:38:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 11:05:55 GMT
server: cloudflare
age: 1144
etag: W/"5e9d8213-883a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43200
cf-ray: 591fbb3e5f38cd8f-CDG
cf-request-id: 02a7b35af60000cd8fe227e200000001
expires: Tue, 12 May 2020 11:18:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37281609-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3568
date: Mon, 11 May 2020 22:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 12 May 2020 00:38:35 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,500
Origin: http://publichealthinsurance.xyz

Response headers

Date: Wed, 06 May 2020 03:12:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:18:50 GMT
Server: sffe
Age: 505517
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11016
X-XSS-Protection: 0
Expires: Thu, 06 May 2021 03:12:46 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,500
Origin: http://publichealthinsurance.xyz

Response headers

Date: Tue, 05 May 2020 23:14:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:18:52 GMT
Server: sffe
Age: 519811
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11180
X-XSS-Protection: 0
Expires: Wed, 05 May 2021 23:14:32 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/ 59 KB
60 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: http://publichealthinsurance.xyz

Response headers

date: Mon, 11 May 2020 17:34:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 01:57:25 GMT
server: sffe
age: 21831
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60840
x-xss-protection: 0
expires: Tue, 11 May 2021 17:34:12 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,500
Origin: http://publichealthinsurance.xyz

Response headers

Date: Thu, 09 Apr 2020 20:27:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:18:48 GMT
Server: sffe
Age: 2776257
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11056
X-XSS-Protection: 0
Expires: Fri, 09 Apr 2021 20:27:06 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 68ms
35ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:32:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "-375139978"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32945
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
Content-Length: 4547
X-Request-ID: 272793671

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1088395799&t=pageview&_s=1&dl=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fp5tzcqaaqbaj%2F&ul=en-us&de=UTF-8&dt=Downloads%20PDF%20The%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_gid=978985805.1589240284&gjid=797135059&_v=j82&z=1975073168
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_v=j82&z=1975073168
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_v=j82&z=1975073168&slf_rd=1&random=1475182760

42 B
109 B

35ms
22ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_v=j82&z=1975073168&slf_rd=1&random=1475182760

Requested by

Host: publichealthinsurance.xyz
URL: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 23:38:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 May 2020 23:38:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37281609-1&cid=1896887375.1589240284&jid=116550628&_v=j82&z=1975073168&slf_rd=1&random=1475182760
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
894 B 36ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=publichealthinsurance.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 May 2020 23:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
894 B 53ms
32ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=publichealthinsurance.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 May 2020 23:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/ 217 KB
82 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4008c399421c2f1282faf06b2631a925629c9fb9bdfa56b972bb8754d829be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 23:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83827
x-xss-protection: 0
server: cafe
etag: 14851109439880523126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 May 2020 23:38:04 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/ Frame 7C57 0
0 7ms
7ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200506/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200506/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 07 May 2020 02:45:36 GMT
expires: Thu, 21 May 2020 02:45:36 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 420748
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 t.php Show response
c.statcounter.com/ 162 B
709 B 858ms
833ms XHR
application/json 104.22.53.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11109587&java=1&security=aef6ae22&u1=B673482A9E614FEDB608083CCA79B824&sc_rum_f_s=0&sc_rum_f_e=834&sc_rum_e_s=1121&sc_rum_e_e=1132&sc_random=0.4589195364254568&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//publichealthinsurance.xyz/booker/p5tzcqaaqbaj/&t=Downloads%20PDF%20The%20Seal%20of%20Surya%20Amritanshu%20Pandey%20Pirates%20Books&rcat=d&rdom=d&rdomg=new&bb=1&sc_snum=1&sess=0a9987&p=0&invisible=1&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 591fbb40ab33cd8f-CDG
date: Mon, 11 May 2020 23:38:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: http://publichealthinsurance.xyz
access-control-allow-credentials: true
content-type: application/json
cf-request-id: 02a7b35c660000cd8fe2294200000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
322 B 354ms
119ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4267576&@f16&@g1&@h1&@i1&@j1589240284253&@k0&@l1&@mDownloads%20PDF%20The%20Seal%20of%20Surya%20Amritanshu%20Pandey%20Pirates%20Books&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-184722247&@b3:1589240284&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fp5tzcqaaqbaj%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 82d95bb12744d4c048529621aae72d6b9d55ca6a1b82b7ce26e7a2b852536f9d

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:04 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A789 0
0 54ms
41ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3181373112926235&output=html&adk=1812271804&adf=3025194257&lmt=1589240284&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fp5tzcqaaqbaj%2F&ea=0&flash=0&pra=5&wgl=1&dt=1589240284199&bpp=15&bdt=631&idt=92&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8744174697687&frm=20&pv=2&ga_vid=1896887375.1589240284&ga_sid=1589240284&ga_hid=1088395799&ga_fc=0&iag=0&icsg=134787056&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=4167995734561966&pem=197&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3181373112926235&output=html&adk=1812271804&adf=3025194257&lmt=1589240284&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fpublichealthinsurance.xyz%2Fbooker%2Fp5tzcqaaqbaj%2F&ea=0&flash=0&pra=5&wgl=1&dt=1589240284199&bpp=15&bdt=631&idt=92&shv=r20200506&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8744174697687&frm=20&pv=2&ga_vid=1896887375.1589240284&ga_sid=1589240284&ga_hid=1088395799&ga_fc=0&iag=0&icsg=134787056&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=4167995734561966&pem=197&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 11 May 2020 23:38:04 GMT
server: cafe
content-length: 856
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 11-May-2020 23:53:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 11 May 2020 23:38:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 84ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 23:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588975424504927"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27855
x-xss-protection: 0
expires: Mon, 11 May 2020 23:38:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 37ms
18ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200506&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7b91249e1e58cd9745b532bada71d75bbbf477ad7bac508aa8becd6c0a5f4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 May 2020 23:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5479
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200506/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 23:38:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Mon, 11 May 2020 23:38:04 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2A8C 0
0 34ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 11 May 2020 22:47:52 GMT
expires: Tue, 11 May 2021 22:47:52 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3012
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 16ms
15ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200506&jk=4167995734561966&bg=!nJ-ln4dY391hWOVbpIgCAAAATVIAAAAWmQGA3-xfILe5fHEyCiSlSoO484ywNYI7CC31CXXUgTtIB33nIBZUCNnJ3ZvFvvwUL_dLueid-JOfBS2Tzu8oK8TC6VT4HPZlB7RTS39I4g7lEBPcZpjjaEgjH4RDvjV_xpcaNE5m2rkBv0cvD3Dd68I88FHjjtbffeNTKb0Czcblt0ySxGe-qhmfxqv1uTnsnWLcQfXmBJsk9FKDz9BkeukbtOkj9edMYcCbd8AgJPgyEUtb2joFACQfPjqoDffO1Bvx68xKTKIYjQpTQN8FlFVrW8vlfBwiW6NkbZsHhzaXYk94WfGPTMJrIWL3Zv6hrepDV3hJenoUIuX2DFA7pNk0-SucX0e3SGxJSqRR7tAw58eqJ3Ktd-B3vnkxtT7x9SiUiK1rj7-w7yoZGKxfMYd1ppq2aFEAvfrfQd0SzrG0_UYKxeYPOerhp7FfOr0W9NeQvaDnCg3HkXxY48m5UL9wInQkgS80IOHbxNMpaluxvht0IqXehnf5vtL9oftfJ4jV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://publichealthinsurance.xyz/booker/p5tzcqaaqbaj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 23:38:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 09:27:21	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c.statcounter.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p5tzcqaaqbaj.gloo.pw
pagead2.googlesyndication.com
publichealthinsurance.xyz
s10.histats.com
s4.histats.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
104.22.53.65
104.243.38.20
104.243.38.22
192.99.0.58
2a00:1450:4001:801::2003
2a00:1450:4001:808::2003
2a00:1450:4001:814::200a
2a00:1450:4001:816::2002
2a00:1450:4001:816::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:821::200a
2a00:1450:4001:824::2002
2a00:1450:400c:c04::9c
46.105.201.240
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
1d615b29ea8624e9aa292d00ec9b501ed05334013d2b0606cbe90dff1138e54a
1eeb40951c715bd128277746af336f5f4ad88b869cc89776081bd25d8f3bf23c
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3183ea3bad9999bcecc91378d61955fe1b3de5bad1653d0ff0892ea7792475e0
3ee593e35b5a326cde4f67ad1fd91263a48b039c4cc2c9400c45b820271c3f74
4008c399421c2f1282faf06b2631a925629c9fb9bdfa56b972bb8754d829be47
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
55358d6caf431bde2a03ce1438a4d7630c804976fa0422c8eaad1cf5799c603c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6318fa2ca0204fa6b4af3e7dcf15e9c463a0ae55fd53c8317f43f0252e37cf2b
788668778a78208174cf88920ba279b4040c86e79e810b459abf0ae892ecc2a6
79538cdcec10e98be945f339e08fe7dba1871fed358d83649b8a699586a2b250
82d95bb12744d4c048529621aae72d6b9d55ca6a1b82b7ce26e7a2b852536f9d
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
90101732dd4790cf784c47a0316b695bf4323406e1757096edd3eb00c53dc8e6
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
975ee123b2e5a299c8a857798c11049fdf09f88fe363254a90ab99263b874cda
9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d822644e5517ed62d7822da6bb27b607f203a6f06a31f50d9103b7db6abdbf52
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b91249e1e58cd9745b532bada71d75bbbf477ad7bac508aa8becd6c0a5f4a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcd864a50f33500ef8f049006c6d7d79094b7b33f41f72430721c7d415d9d501

publichealthinsurance.xyz Open in urlscan Pro 104.243.38.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

51 %HTTPS

72 %IPv6

13 Domains

20 Subdomains

15 IPs

5 Countries

426 kBTransfer

1109 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

publichealthinsurance.xyz Open in urlscan Pro
104.243.38.20 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

51 %
HTTPS

72 %
IPv6

13
Domains

20
Subdomains

15
IPs

5
Countries

426 kB
Transfer

1109 kB
Size

1
Cookies

37 HTTP transactions
0 data transactions