truthinit.lpages.co Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.totalprofession.com/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsI...
Effective URL:
https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Submission: On March 29 via manual (March 29th 2018, 2:33:34 pm UTC) from US

Summary HTTP 22 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 22 HTTP transactions. The main IP is 35.202.21.90, located in Ann Arbor, United States and belongs to GOOGLE - Google LLC, US. The main domain is truthinit.lpages.co.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 23rd 2017. Valid for: 3 years.

This is the only time truthinit.lpages.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	178.62.60.172 178.62.60.172	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1 2	35.202.21.90 35.202.21.90	15169 (GOOGLE) (GOOGLE - Google LLC)
2	108.161.189.121 108.161.189.121	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE - Google LLC)
3	51.140.49.131 51.140.49.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6	216.58.206.1 216.58.206.1	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.19.194.102 104.19.194.102	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	216.58.206.19 216.58.206.19	15169 (GOOGLE) (GOOGLE - Google LLC)
2	130.211.20.100 130.211.20.100	15169 (GOOGLE) (GOOGLE - Google LLC)
4	216.58.206.3 216.58.206.3	15169 (GOOGLE) (GOOGLE - Google LLC)
22	10

3 178.62.60.172 (London, United Kingdom) 2 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: zweb.smartemail.co

links.totalprofession.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.smartemail.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Ann Arbor, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 90.21.202.35.bc.googleusercontent.com

truthinit.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.161.189.121 (Los Angeles, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.140.49.131 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

secure.leadforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.1 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.194.102 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.19 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f19.1e100.net

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.20.100 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 100.20.211.130.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.3 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googleusercontent.com lh3.googleusercontent.com	231 KB
4	gstatic.com fonts.gstatic.com	39 KB
3	leadforensics.com secure.leadforensics.com	1 KB
2	leadpages.io api.leadpages.io	658 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	78 KB
2	lpages.co 1 redirects truthinit.lpages.co	33 KB
2	smartemail.co 1 redirects app.smartemail.co	2 KB
1	center.io js.center.io	5 KB
1	cloudflare.com cdnjs.cloudflare.com	20 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	totalprofession.com 1 redirects links.totalprofession.com	417 B
22	11

	Domain	Requested by
6	lh3.googleusercontent.com	truthinit.lpages.co
4	fonts.gstatic.com	truthinit.lpages.co
3	secure.leadforensics.com	truthinit.lpages.co secure.leadforensics.com
2	api.leadpages.io	js.center.io
2	maxcdn.bootstrapcdn.com	truthinit.lpages.co
2	truthinit.lpages.co	1 redirects
2	app.smartemail.co	1 redirects
1	js.center.io	truthinit.lpages.co
1	cdnjs.cloudflare.com	truthinit.lpages.co
1	fonts.googleapis.com	truthinit.lpages.co
1	links.totalprofession.com	1 redirects
22	11

This site contains links to these domains. Also see Links.

Domain
www.ostermanresearch.com
www.agari.com
www.knowbe4.com
www.truthinit.com
www.linkedin.com
www.twitter.com
www.facebook.com
plus.google.com

Subject Issuer	Validity	Valid
app.smartemail.co Let's Encrypt Authority X3	`2018-02-20` - `2018-05-21`	3 months	crt.sh
*.lpages.co COMODO RSA Domain Validation Secure Server CA	`2017-03-23` - `2020-03-22`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Frame ID: ECD32EEF329C0CF84B185570E4E302CA
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.totalprofession.com/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwY... HTTP 301
https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwY... Page URL
https://app.smartemail.co/link/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYm... HTTP 302
https://truthinit.lpages.co/agari-bec?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_nam... HTTP 302
https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_na... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^moment$/i

Page Statistics

22
Requests

9 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

2
Countries

410 kB
Transfer

617 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ostermanresearch.com/
Title: Osterman Research

Search URL Search Domain Scan URL

URL: https://www.agari.com/
Title: Agari Systems

Search URL Search Domain Scan URL

URL: http://www.knowbe4.com/

Search URL Search Domain Scan URL

URL: https://www.truthinit.com/

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.totalprofession.com/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/ HTTP 301
https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/ Page URL
https://app.smartemail.co/link/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/ HTTP 302
https://truthinit.lpages.co/agari-bec?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius HTTP 302
https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://links.totalprofession.com/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/ HTTP 301
https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9 Show response
app.smartemail.co/redir/5aba51b34284efde60baba9d/
Redirect Chain

http://links.totalprofession.com/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzM...
https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRi...

396 B
983 B

89ms
24ms

Document
text/html

178.62.60.172
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.62.60.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS: zweb.smartemail.co
Software: nginx/1.12.2 + Phusion Passenger / Phusion Passenger
Resource Hash: 8f0eff26e25e9ef3de828c6c38cfaa942d3cbfcb2e666cdea595cca7cee628df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app.smartemail.co
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Thu, 29 Mar 2018 14:33:07 GMT
Content-Encoding: gzip
X-Powered-By: Phusion Passenger
Transfer-Encoding: chunked
Status: 200 OK
Connection: keep-alive
Server: nginx/1.12.2 + Phusion Passenger
ETag: W/"18c-8PCoQdyOAFOh2HeGGe5erw"
Vary: Accept-Encoding
Access-Control-Allow-Methods
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
Set-Cookie: zsid=s%3AXQmgIeoqAbcXlaVP7iM_4u8Pup6rFN0S.0lU9MnPlienyjz%2B4b5U51qxYEB7lTQAnCoJ4qbJ23WE; Path=/; HttpOnly
Access-Control-Allow-Headers

Redirect headers

Location: https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/
Date: Thu, 29 Mar 2018 14:33:07 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H2

200

Primary Request / Show response
truthinit.lpages.co/agari-bec/
Redirect Chain

https://app.smartemail.co/link/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZ...
https://truthinit.lpages.co/agari-bec?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

164 KB
33 KB

240ms
240ms

Document
text/html

35.202.21.90
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.202.21.90 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

58689852d0d23307264e5443443d9035e1d1f7a1f001bdcb59c7862dde31d9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:path: /agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
pragma: no-cache
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: truthinit.lpages.co
referer: https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/
:scheme: https
:method: GET
Referer: https://app.smartemail.co/redir/5aba51b34284efde60baba9d/eyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9?_ze=jeffrey_hofius@uhc.com&affid=ir/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Mar 2018 09:54:58 GMT
server: Leadpages
etag: W/"db8c36286e86a8aa9afd6f7d7de8d4da"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/html
status: 200
strict-transport-security: max-age=15768000

Redirect headers

status: 302
date: Thu, 29 Mar 2018 14:33:22 GMT
server: Leadpages
location: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
content-length: 158
strict-transport-security: max-age=15768000
content-type: text/html

GET
S 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 6ms
6ms Stylesheet
text/css 108.161.189.121
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by: Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Protocol: SPDY
Server: 108.161.189.121 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
content-encoding: gzip
last-modified: Sat, 17 Feb 2018 21:46:17 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
expires: Sun, 24 Mar 2019 14:33:23 GMT

GET
S 200 css
fonts.googleapis.com/ 16 KB
1 KB 16ms
16ms Stylesheet
text/css 172.217.18.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open%20Sans:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

172.217.18.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

ESF /

Resource Hash

f70197830e0029cf5122c25295b36bf82380ff8a708ffe9ee3e9bb20ef3e0f59

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
content-encoding: gzip
last-modified: Thu, 29 Mar 2018 14:33:23 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 29 Mar 2018 14:33:23 GMT

GET
H/1.1 200
OK 99208.js Show response
secure.leadforensics.com/js/ 1 KB
913 B 474ms
115ms Script
text/javascript 51.140.49.131
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.leadforensics.com/js/99208.js
Requested by: Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Protocol: HTTP/1.1
Server: 51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ba2f64bc83ddb563810b25e0807e31bf1939b6d332d5fd8265f285b15861a8cf

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Thu, 29 Mar 2018 14:33:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Kestrel
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
S 200 YRo0geFYl2ag9yiL492KwNXjyQzs-sInqjiyc7_nQLKeG8HN_nJSsU61f1vBpDiI5EWtpU7cys1dawM-3yOKtTc=w1024
lh3.googleusercontent.com/ 31 KB
31 KB 38ms
17ms Image
image/png 216.58.206.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YRo0geFYl2ag9yiL492KwNXjyQzs-sInqjiyc7_nQLKeG8HN_nJSsU61f1vBpDiI5EWtpU7cys1dawM-3yOKtTc=w1024

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f1.1e100.net

Software

fife /

Resource Hash

953cc453d66dac2e0b14f6f233354fb8979e9d0c7f10489678a0f8e262ce6759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 31622
x-xss-protection: 1; mode=block
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Mar 2018 14:33:23 GMT

GET
S 200 EGXEGYhitvaSAX8CRSFvVibT4gF4Q2n-w4aFZIMawMd_lji_xyOji8CU4xL5L69z37oR5-pvbnrDZsW9hlyT=w1024
lh3.googleusercontent.com/ 44 KB
44 KB 31ms
30ms Image
image/png 216.58.206.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EGXEGYhitvaSAX8CRSFvVibT4gF4Q2n-w4aFZIMawMd_lji_xyOji8CU4xL5L69z37oR5-pvbnrDZsW9hlyT=w1024

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f1.1e100.net

Software

fife /

Resource Hash

ed58d63d143616030d551ce519f4b121da0a70ddcb01f9eff5c43cf2a98811c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 45359
x-xss-protection: 1; mode=block
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Mar 2018 14:33:23 GMT

GET
S 200 J9TPFFq-fi-YL34j_7BqVrB1RqtbsAuZKqxyTC5KdQEAQrWHfpJflAOhp_fKBxHUMrfhuCHcVMjbhdSk5WJTFnA=w1024
lh3.googleusercontent.com/ 56 KB
56 KB 37ms
37ms Image
image/png 216.58.206.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/J9TPFFq-fi-YL34j_7BqVrB1RqtbsAuZKqxyTC5KdQEAQrWHfpJflAOhp_fKBxHUMrfhuCHcVMjbhdSk5WJTFnA=w1024

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f1.1e100.net

Software

fife /

Resource Hash

a7606b1c582395a506cded0799b5d9cb6fb4628bb382ed29aa50b4bb8d627649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 57606
x-xss-protection: 1; mode=block
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Mar 2018 14:33:23 GMT

GET
S 200 f327G24St6A1_ElmoAaaTit09U4FXeW-QixgkPidsR8CRM3-l4nWJJFxU7BqxdGPQKJKQo2G_phf86VCZCyS=w1024
lh3.googleusercontent.com/ 85 KB
86 KB 29ms
29ms Image
image/png 216.58.206.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/f327G24St6A1_ElmoAaaTit09U4FXeW-QixgkPidsR8CRM3-l4nWJJFxU7BqxdGPQKJKQo2G_phf86VCZCyS=w1024

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f1.1e100.net

Software

fife /

Resource Hash

f6818d0c6c832cf862771dbbcc6f2b1306c56b06f4c2a6109107598e6d465035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 87517
x-xss-protection: 1; mode=block
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Mar 2018 14:33:23 GMT

GET
S 200 tLcsYv_NnXmNksz-MntpTMenPSwrLCc72BSG-xBUv93YevjmrLHOcoI3pS_Ip6HDig5rZSpKA_qi-0KC9pk9YA=w1024
lh3.googleusercontent.com/ 2 KB
2 KB 19ms
18ms Image
image/png 216.58.206.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tLcsYv_NnXmNksz-MntpTMenPSwrLCc72BSG-xBUv93YevjmrLHOcoI3pS_Ip6HDig5rZSpKA_qi-0KC9pk9YA=w1024

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f1.1e100.net

Software

fife /

Resource Hash

08138117be32d8d4524ca71553301611f55eb8e89a28755ea42e510492f918e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 1827
x-xss-protection: 1; mode=block
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Mar 2018 14:33:23 GMT

GET
S 200 1K4qr1cYi94ajdfe-dBuKjhpoIFUDZ678znWwLdHqROFsJgwBhL0Lctgq-_Z6RGRUYz6Y_ggWN3H6mNqlh-QJgo=w1024
lh3.googleusercontent.com/ 11 KB
11 KB 30ms
29ms Image
image/png 216.58.206.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/1K4qr1cYi94ajdfe-dBuKjhpoIFUDZ678znWwLdHqROFsJgwBhL0Lctgq-_Z6RGRUYz6Y_ggWN3H6mNqlh-QJgo=w1024

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f1.1e100.net

Software

fife /

Resource Hash

e74b145b3176b9d758fa6d7ce5a855853cc5ff886f670ece0b679662b8602af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 11597
x-xss-protection: 1; mode=block
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Mar 2018 14:33:23 GMT

GET
S 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/ 57 KB
20 KB 11ms
11ms Script
application/javascript 104.19.194.102
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/moment.min.js

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

104.19.194.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2016 09:01:02 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 40330d1f9f24278c-FRA
expires: Tue, 19 Mar 2019 14:33:23 GMT

GET
S 200 center.js Show response
js.center.io/ 11 KB
5 KB 61ms
14ms Script
application/javascript 216.58.206.19
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Protocol: SPDY
Server: 216.58.206.19 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s20-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 3d00a57837a1f2d14b1b724ab6b87159b0ee5b387f67014f89826352da264959

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 29 Mar 2018 14:32:58 GMT
content-encoding: gzip
server: Google Frontend
age: 25
etag: "4EmqKw"
content-type: application/javascript
status: 200
x-cloud-trace-context: ee4bc7d21a6663f9422ab53bf4268d60
cache-control: public, max-age=300
content-length: 4717
expires: Thu, 29 Mar 2018 14:37:58 GMT

GET
S 200 capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
489 B 197ms
143ms XHR
image/gif 130.211.20.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=B7DZGeGZiEhnKQ3BtAnKdF&v=&e=&pid=cKp5rNi8nh5SVTXH4ssiTA&uid=zxHRcFGoP3YoK6yEtxH78U&sid=BLfJGUniSJj3WsfrnDNnyQ&cid=lp-B7DZGeGZiEhnKQ3BtAnKdF&uri=https%3A%2F%2Ftruthinit.lpages.co%2Fagari-bec%2F%3Faffid%3Dir%2F%3Femail%3Djeffrey_hofius%40uhc.com%26first_name%3DJeffrey%26last_name%3DHofius&rf=https%3A%2F%2Fapp.smartemail.co%2Fredir%2F5aba51b34284efde60baba9d%2FeyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9%3F_ze%3Djeffrey_hofius%40uhc.com%26affid%3Dir%2F&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: SPDY
Server: 130.211.20.100 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 100.20.211.130.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Origin: https://truthinit.lpages.co

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
content-encoding: gzip
server: Stargate
status: 200
access-control-max-age: 600
x-forwarded-for: 148.251.45.254, 130.211.20.100, 130.211.2.190
content-type: image/gif
access-control-allow-origin: https://truthinit.lpages.co
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
x-request-id: b2e8mn1ro9f3dvta37u0

GET
H/1.1 200
OK Capture.aspx Show response
secure.leadforensics.com/Track/ 0
123 B 119ms
118ms Script
text/javascript 51.140.49.131
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.leadforensics.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=99208&trk_sw=1600&trk_sh=1200&trk_ref=https%3A%2F%2Fapp.smartemail.co%2Fredir%2F5aba51b34284efde60baba9d%2FeyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9%3F_ze%3Djeffrey_hofius%40uhc.com%26affid%3Dir%2F&trk_tit=&trk_loc=https%3A%2F%2Ftruthinit.lpages.co%2Fagari-bec%2F%3Faffid%3Dir%2F%3Femail%3Djeffrey_hofius%40uhc.com%26first_name%3DJeffrey%26last_name%3DHofius&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_12_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F63.0.3239.84%20Safari%2F537.36.lfcd24.lflngen-US&trk_dom=truthinit.lpages.co&trk_cookie=NA
Requested by: Host: secure.leadforensics.com
URL: https://secure.leadforensics.com/js/99208.js
Protocol: HTTP/1.1
Server: 51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Thu, 29 Mar 2018 14:33:22 GMT
Server: Kestrel
Content-Length: 0
Content-Type: text/javascript

GET
H/1.1 200
OK Capture.aspx Show response
secure.leadforensics.com/Track/ 0
123 B 239ms
121ms Script
text/javascript 51.140.49.131
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.leadforensics.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=99208&trk_sw=1600&trk_sh=1200&trk_ref=https%3A%2F%2Fapp.smartemail.co%2Fredir%2F5aba51b34284efde60baba9d%2FeyJjIjoiYTFjZDNiNGMxMzUwNDIyZmJmNGViOTFkZTMwYmJkNTgyMDIwZWI5MiIsInNjIjoiNWFiY2M3YjkyMDE3MDA2MTNiOWYyMzE0IiwidSI6IjU3ZWVjNzdkOTQyNzMzMWI1YTRiZGFiOSJ9%3F_ze%3Djeffrey_hofius%40uhc.com%26affid%3Dir%2F&trk_tit=Agari%20BEC&trk_loc=https%3A%2F%2Ftruthinit.lpages.co%2Fagari-bec%2F%3Faffid%3Dir%2F%3Femail%3Djeffrey_hofius%40uhc.com%26first_name%3DJeffrey%26last_name%3DHofius&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_12_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F63.0.3239.84%20Safari%2F537.36.lfcd24.lflngen-US&trk_dom=truthinit.lpages.co&trk_cookie=NA
Requested by: Host: secure.leadforensics.com
URL: https://secure.leadforensics.com/js/99208.js
Protocol: HTTP/1.1
Server: 51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Thu, 29 Mar 2018 14:33:22 GMT
Server: Kestrel
Content-Length: 0
Content-Type: text/javascript

GET
S 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 216.58.206.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f3.1e100.net

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open%20Sans:300,400,500,700|Roboto:300,400,500,700
Origin: https://truthinit.lpages.co

Response headers

date: Fri, 23 Feb 2018 23:12:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 2906458
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 8800
x-xss-protection: 1; mode=block
expires: Sat, 23 Feb 2019 23:12:25 GMT

GET
S 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 5ms
5ms Font
font/woff2 216.58.206.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f3.1e100.net

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open%20Sans:300,400,500,700|Roboto:300,400,500,700
Origin: https://truthinit.lpages.co

Response headers

date: Mon, 19 Mar 2018 02:15:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:03 GMT
server: sffe
age: 908299
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 10764
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2019 02:15:04 GMT

GET
S 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
5ms Font
font/woff2 216.58.206.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f3.1e100.net

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open%20Sans:300,400,500,700|Roboto:300,400,500,700
Origin: https://truthinit.lpages.co

Response headers

date: Mon, 12 Feb 2018 16:52:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 3879654
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 10748
x-xss-protection: 1; mode=block
expires: Tue, 12 Feb 2019 16:52:29 GMT

GET
S 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 19ms
5ms Font
application/font-woff2 108.161.189.121
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Protocol: SPDY
Server: 108.161.189.121 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://truthinit.lpages.co

Response headers

date: Thu, 29 Mar 2018 14:33:23 GMT
last-modified: Sat, 17 Feb 2018 21:46:23 GMT
server: NetDNA-cache/2.2
status: 200
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
content-length: 71896
expires: Sun, 24 Mar 2019 14:33:23 GMT

GET
S 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 5ms
5ms Font
font/woff2 216.58.206.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: truthinit.lpages.co
URL: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius

Protocol

SPDY

Server

216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f3.1e100.net

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open%20Sans:300,400,500,700|Roboto:300,400,500,700
Origin: https://truthinit.lpages.co

Response headers

date: Mon, 05 Mar 2018 04:56:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 2108216
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 8892
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2019 04:56:27 GMT

GET
S 200 capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
169 B 120ms
120ms XHR
image/gif 130.211.20.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&correlateBy=iYpWNwPWEW8LtWLgr2LGdJ&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=155.5000003427267,33.29999931156635,1,197.80000019818544
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: SPDY
Server: 130.211.20.100 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 100.20.211.130.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://truthinit.lpages.co/agari-bec/?affid=ir/?email=jeffrey_hofius@uhc.com&first_name=Jeffrey&last_name=Hofius
Origin: https://truthinit.lpages.co

Response headers

date: Thu, 29 Mar 2018 14:33:27 GMT
content-encoding: gzip
server: Stargate
status: 200
access-control-max-age: 600
x-forwarded-for: 148.251.45.254, 130.211.20.100, 130.211.2.229
content-type: image/gif
access-control-allow-origin: https://truthinit.lpages.co
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
x-request-id: b2e8mo27nlndcsa3rlag

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| LeadPagesCenterObject function| center function| moment object| sup

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
app.smartemail.co
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
links.totalprofession.com
maxcdn.bootstrapcdn.com
secure.leadforensics.com
truthinit.lpages.co
104.19.194.102
108.161.189.121
130.211.20.100
172.217.18.10
178.62.60.172
216.58.206.1
216.58.206.19
216.58.206.3
35.202.21.90
51.140.49.131
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
08138117be32d8d4524ca71553301611f55eb8e89a28755ea42e510492f918e0
0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
3d00a57837a1f2d14b1b724ab6b87159b0ee5b387f67014f89826352da264959
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
58689852d0d23307264e5443443d9035e1d1f7a1f001bdcb59c7862dde31d9e8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8f0eff26e25e9ef3de828c6c38cfaa942d3cbfcb2e666cdea595cca7cee628df
953cc453d66dac2e0b14f6f233354fb8979e9d0c7f10489678a0f8e262ce6759
a7606b1c582395a506cded0799b5d9cb6fb4628bb382ed29aa50b4bb8d627649
ba2f64bc83ddb563810b25e0807e31bf1939b6d332d5fd8265f285b15861a8cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74b145b3176b9d758fa6d7ce5a855853cc5ff886f670ece0b679662b8602af2
ed58d63d143616030d551ce519f4b121da0a70ddcb01f9eff5c43cf2a98811c5
f6818d0c6c832cf862771dbbcc6f2b1306c56b06f4c2a6109107598e6d465035
f70197830e0029cf5122c25295b36bf82380ff8a708ffe9ee3e9bb20ef3e0f59
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

truthinit.lpages.co Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

9 %HTTPS

0 %IPv6

11 Domains

11 Subdomains

10 IPs

2 Countries

410 kBTransfer

617 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

truthinit.lpages.co Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

9 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

2
Countries

410 kB
Transfer

617 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions