refertcfederal.com Open in urlscan Pro
13.82.175.96  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set emailoptout Show response refertcfederal.com/	6 KB 3 KB	800ms 270ms	Document text/html	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bb61054ae4265e8b8b4bc8a2f2784abaf431a1c9e87a18b8d0f07d9419422f6a Request headers Host refertcfederal.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Cache-Control private Content-Length 2596 Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 Set-Cookie ASP.NET_SessionId=jqu5ddk2f0g2e105grznaqgf; path=/; HttpOnly; SameSite=Lax ARRAffinity=92cd4fe625b795203bb7e7c84f82f619ecbffa54e7f5a779ae4fbd88706cad2f;Path=/;HttpOnly;Secure;Domain=refertcfederal.com ARRAffinitySameSite=92cd4fe625b795203bb7e7c84f82f619ecbffa54e7f5a779ae4fbd88706cad2f;Path=/;HttpOnly;SameSite=None;Secure;Domain=refertcfederal.com X-AspNetMvc-Version 5.2 X-AspNet-Version 4.0.30319 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7 Access-Control-Expose-Headers Request-Context X-Powered-By ASP.NET Date Mon, 25 Jan 2021 20:02:06 GMT
GET H/1.1	200 OK	bootstrap.css refertcfederal.com/Content/	203 KB 26 KB	210ms 199ms	Stylesheet text/css	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://refertcfederal.com/Content/bootstrap.css Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6ac3cfaae4ec74e7e74d180ef0154743b47feaf8b41f8ad2e71c884e854eab6c Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 20:02:06 GMT Content-Encoding gzip ETag "00cf1482e4d61:0" Last-Modified Wed, 06 Jan 2021 23:17:20 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Access-Control-Expose-Headers Request-Context Accept-Ranges bytes Content-Length 26199 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7
GET H2	200	css fonts.googleapis.com/	3 KB 554 B	21ms 14ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 82a18c09a49d3c1cc14369efb83858753be80567e897174c7255ba9558753489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 25 Jan 2021 20:02:07 GMT server ESF date Mon, 25 Jan 2021 20:02:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 25 Jan 2021 20:02:07 GMT
GET H/1.1	200 OK	all.css refertcfederal.com/Content/B/css/	22 KB 5 KB	530ms 190ms	Stylesheet text/css	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://refertcfederal.com/Content/B/css/all.css Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 01abbf3ba3d8b8b10d34a2aa6b139e02d879b48b9cfc6446b948be3865e6ea61 Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 20:02:07 GMT Content-Encoding gzip ETag "00cf1482e4d61:0" Last-Modified Wed, 06 Jan 2021 23:17:20 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Access-Control-Expose-Headers Request-Context Accept-Ranges bytes Content-Length 4775 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7
GET H/1.1	200 OK	551_stylesheet.css haberfeldtaf.blob.core.windows.net/css/	2 KB 3 KB	814ms 195ms	Stylesheet text/css	13.77.115.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://haberfeldtaf.blob.core.windows.net/css/551_stylesheet.css Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.77.115.36 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 59156be713c2b76c5db33422618255584ff2fbe9fb03ee3baf4cb683c97796c7 Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 25 Jan 2021 20:02:08 GMT Last-Modified Thu, 14 Mar 2019 13:04:16 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 2T4Y0ZCx7gCSpBTlLqGx1Q== ETag 0x8D6A87D902B1995 Content-Type text/css x-ms-request-id ade06e95-501e-0007-2754-f3abbe000000 x-ms-version 2009-09-19 Content-Length 2174
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 645 B	21ms 16ms	Script text/javascript	2a00:1450:4001:818::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f30b839135d3da575cd1c26ace834ee5c59fd197adcbdef19fa1c1d5e85adf55 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 25 Jan 2021 20:02:07 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 553 x-xss-protection 1; mode=block expires Mon, 25 Jan 2021 20:02:07 GMT
GET H/1.1	200 OK	551_logo.png haberfeldtaf.blob.core.windows.net/logos/	7 KB 7 KB	205ms 204ms	Image image/png	13.77.115.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://haberfeldtaf.blob.core.windows.net/logos/551_logo.png Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.77.115.36 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash d1df413f21796f12d181d43b08c6990c329392795083b155de55fc055186e09b Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 25 Jan 2021 20:02:08 GMT Last-Modified Thu, 14 Mar 2019 13:03:44 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 wkx+mVhzyGv8K0kEiWmLBg== ETag 0x8D6A87D7D487082 Content-Type image/png x-ms-request-id ade06f0b-501e-0007-0854-f3abbe000000 x-ms-version 2009-09-19 Content-Length 6979
GET H/1.1	200 OK	fdic_white.png refertcfederal.com/Content/	1 KB 2 KB	175ms 173ms	Image image/png	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://refertcfederal.com/Content/fdic_white.png Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash cfde8b4ee2aa4c431d060ac91182cefaaf98f7bf842f639f67368704e5d2e645 Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 20:02:08 GMT ETag "00cf1482e4d61:0" Last-Modified Wed, 06 Jan 2021 23:17:20 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type image/png Access-Control-Expose-Headers Request-Context Accept-Ranges bytes Content-Length 1393 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7
GET H/1.1	200 OK	equalhousing_white.png refertcfederal.com/Content/	1 KB 2 KB	292ms 178ms	Image image/png	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://refertcfederal.com/Content/equalhousing_white.png Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2a26a6c0f818bced8b7af749f503c12fa5a5ccfa7068619d5762a757764383b5 Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 20:02:07 GMT ETag "00cf1482e4d61:0" Last-Modified Wed, 06 Jan 2021 23:17:20 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type image/png Access-Control-Expose-Headers Request-Context Accept-Ranges bytes Content-Length 1429 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7
GET H/1.1	200 OK	jquery-3.4.1.min.js Show response refertcfederal.com/Scripts/	86 KB 30 KB	178ms 178ms	Script application/x-javascript	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://refertcfederal.com/Scripts/jquery-3.4.1.min.js Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 20:02:07 GMT Content-Encoding gzip ETag "00cf1482e4d61:0" Last-Modified Wed, 06 Jan 2021 23:17:20 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Expose-Headers Request-Context Accept-Ranges bytes Content-Length 30747 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7
GET H/1.1	200 OK	TAF.Template.js Show response refertcfederal.com/Scripts/	12 KB 3 KB	180ms 178ms	Script application/x-javascript	13.82.175.96 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://refertcfederal.com/Scripts/TAF.Template.js Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3006ca220eede9a7b8262ad1289cc38a69b1a09008632a10aca2ea5ae341b9fc Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 Jan 2021 20:02:07 GMT Content-Encoding gzip ETag "00cf1482e4d61:0" Last-Modified Wed, 06 Jan 2021 23:17:20 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Expose-Headers Request-Context Accept-Ranges bytes Content-Length 2994 Request-Context appId=cid-v1:bc2404d8-e269-41a4-b767-bab16cab3ef7
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 22 KB	27ms 7ms	Script application/x-javascript	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: refertcfederal.com URL: https://refertcfederal.com/emailoptout Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FA5) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 25 Jan 2021 20:02:08 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 content-md5 HdY95yzx9wIyQkVEGES+Ew== age 780 x-cache HIT content-length 22495 x-ms-lease-status unlocked last-modified Fri, 23 Oct 2020 22:12:59 GMT server ECAcc (frc/8FA5) etag 0x8D877A0CD108633 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 1b6c8da9-401e-002d-2c53-f32415000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800 x-ms-version 2009-09-19 expires Mon, 25 Jan 2021 20:32:08 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/-nejAZ5my6jV0Fbx9re8ChMK/	331 KB 129 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-nejAZ5my6jV0Fbx9re8ChMK/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ded038181a2e72755fc4c0d57ec9e45725629888a038328e238ab07cdb8e8e11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://refertcfederal.com Referer https://refertcfederal.com/emailoptout User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 25 Jan 2021 18:55:07 GMT content-encoding gzip x-content-type-options nosniff age 4021 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132160 x-xss-protection 0 last-modified Mon, 25 Jan 2021 05:07:21 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 25 Jan 2022 18:55:07 GMT
GET H2	200	S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v17/	13 KB 14 KB	9ms 6ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://refertcfederal.com Referer https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 22 Jan 2021 12:59:40 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:30 GMT server sffe age 284548 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13732 x-xss-protection 0 expires Sat, 22 Jan 2022 12:59:40 GMT
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	8ms 6ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://refertcfederal.com Referer https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 23 Jan 2021 06:30:25 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:59 GMT server sffe age 221503 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Sun, 23 Jan 2022 06:30:25 GMT
GET H2	200	S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 fonts.gstatic.com/s/lato/v17/	15 KB 15 KB	8ms 5ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://refertcfederal.com Referer https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 09:53:37 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:59 GMT server sffe age 468511 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14864 x-xss-protection 0 expires Thu, 20 Jan 2022 09:53:37 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	9ms 7ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://refertcfederal.com Referer https://fonts.googleapis.com/css?family=Lato:400,700,900,400italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 22 Jan 2021 06:27:50 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:25 GMT server sffe age 308058 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 expires Sat, 22 Jan 2022 06:27:50 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	293ms 100ms	Other	51.105.67.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Server 51.105.67.161 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://refertcfederal.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Mon, 25 Jan 2021 20:02:09 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 236 B	1400ms 1400ms	XHR application/json	51.105.67.161 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.67.161 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c613db1b66f6df44e05005e8318bb5741833b4529daf15b93cc3752ac49c9a14 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://refertcfederal.com/emailoptout Sdk-Context appId User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/json Response headers x-ms-session-id DF0D26A7-539D-4025-9F7B-1556136AC70D strict-transport-security max-age=31536000 x-content-type-options nosniff date Mon, 25 Jan 2021 20:02:10 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context content-length 96

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| appInsights object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| AI object| Microsoft function| __extends function| _endsWith function| GrowlMsg function| onSubmit object| recaptcha

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			refertcfederal.com/	1970-01-20 00:25:40	Name: ai_user Value: YbI9j|2021-01-25T20:02:08.621Z
			.refertcfederal.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 92cd4fe625b795203bb7e7c84f82f619ecbffa54e7f5a779ae4fbd88706cad2f
			.refertcfederal.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 92cd4fe625b795203bb7e7c84f82f619ecbffa54e7f5a779ae4fbd88706cad2f
			refertcfederal.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: jqu5ddk2f0g2e105grznaqgf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
haberfeldtaf.blob.core.windows.net
refertcfederal.com
www.google.com
www.gstatic.com
13.77.115.36
13.82.175.96
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:802::200a
2a00:1450:4001:812::2003
2a00:1450:4001:818::2004
51.105.67.161
01abbf3ba3d8b8b10d34a2aa6b139e02d879b48b9cfc6446b948be3865e6ea61
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
2a26a6c0f818bced8b7af749f503c12fa5a5ccfa7068619d5762a757764383b5
3006ca220eede9a7b8262ad1289cc38a69b1a09008632a10aca2ea5ae341b9fc
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
59156be713c2b76c5db33422618255584ff2fbe9fb03ee3baf4cb683c97796c7
6ac3cfaae4ec74e7e74d180ef0154743b47feaf8b41f8ad2e71c884e854eab6c
82a18c09a49d3c1cc14369efb83858753be80567e897174c7255ba9558753489
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
bb61054ae4265e8b8b4bc8a2f2784abaf431a1c9e87a18b8d0f07d9419422f6a
c613db1b66f6df44e05005e8318bb5741833b4529daf15b93cc3752ac49c9a14
cfde8b4ee2aa4c431d060ac91182cefaaf98f7bf842f639f67368704e5d2e645
d1df413f21796f12d181d43b08c6990c329392795083b155de55fc055186e09b
ded038181a2e72755fc4c0d57ec9e45725629888a038328e238ab07cdb8e8e11
f30b839135d3da575cd1c26ace834ee5c59fd197adcbdef19fa1c1d5e85adf55
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382