cuofco.prismacampaigns.com Open in urlscan Pro
2606:4700:3037::6815:5a2b  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 18f68fe0-1193-4e69-8487-a53795b62a47 Show response cuofco.prismacampaigns.com/api/campaigns/referral/	146 KB 18 KB	846ms 813ms	Document text/html	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb0dee31224a5e87825260e40bc81a6b8aa6194f4724dc9067ed781362b00fd Request headers :method GET :authority cuofco.prismacampaigns.com :scheme https :path /api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:06 GMT content-type text/html; charset=UTF-8 set-cookie global-prisma-customer-id=60a40be6-41c1-4fec-97c7-16d40cc142b0;Max-Age=31536000;Path=/;Domain=prismacampaigns.com prisma-trace-id=60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6;Max-Age=2591999;Path=/;Domain=prismacampaigns.com prisma-trail-id=60a40be6-0319-48ce-be13-cd0ada54e06d;Max-Age=2591999;Path=/;Domain=prismacampaigns.com cf-cache-status DYNAMIC cf-request-id 0a2267931e0000176e10ada000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9T1FR5m7S34hNlauzLkTuBIu19oBOmqsqaFDM%2Fg4gsOdWV5uAeUuxBTanOinIOjA3w4zLHRfGJQq5ry%2FC0V3MQWr1XOPlb8LyW2Axf4qk4c3x2TgAkWPNpJDBftQNRFg2OE2CBPoYQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 651741fe989e176e-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/	2 KB 610 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=PT+Sans:wght@400&family=Sanchez&display=swap Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 433ad3734fe1374e2b5d814474d87fc871fd69e882cd9d07c52d6ed481bfd3ef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cuofco.prismacampaigns.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 18 May 2021 18:48:06 GMT server ESF date Tue, 18 May 2021 18:48:06 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 18 May 2021 18:48:06 GMT
GET H3-29	200	prisma.js Show response cuofco.prismacampaigns.com/sdk/javascript/	148 KB 28 KB	858ms 828ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c0a302f6f5da0731af85a71907ffa367ddaf2bbc95291c1019e2f0e534d59d2 Request headers :path /sdk/javascript/prisma.js pragma no-cache cookie global-prisma-customer-id=60a40be6-41c1-4fec-97c7-16d40cc142b0; prisma-trace-id=60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6; prisma-trail-id=60a40be6-0319-48ce-be13-cd0ada54e06d accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache no-cache date Tue, 18 May 2021 18:48:07 GMT content-encoding br cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QrEsf4Z3x8YL3SBUeagoDnG4S9q%2F%2B53hXOiYsAU8L4o0WOJpGYp6U9LERsyky22HsP3t6bcaVlfRVfzEwFwxsCmyzL%2FYIvndeUH4DLqbM2Gi4tpTapMYcDVoK8kbDOUuXkQ%2Ful5I%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control no-cache, no-store, must-revalidate no-cache, no-store cf-ray 65174203ed6bd6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2267966e0000d6b1f4148000000001 expires 0 0
GET H2	200	salemove_integration.js Show response api.glia.com/	7 KB 8 KB	73ms 8ms	Script application/javascript	2600:9000:20eb:5c00:17:4c3f:1b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.glia.com/salemove_integration.js Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:5c00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dea2f0b111a218ba5a78367d3f8eede24f5173c321a55a0aa53c54668afccdff Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers Referer https://cuofco.prismacampaigns.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront) last-modified Tue, 11 May 2021 08:32:06 GMT server AmazonS3 age 762 etag "97b86b378708e8324532afe11649ff1c" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-cache Hit from cloudfront content-type application/javascript date Tue, 18 May 2021 18:40:18 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 7655 x-amz-cf-id XLlGVNbZg0l0Wih_Fa5z1g2Oh_DUW8ZhGK8ZGQZJlp2DuDzm8TjQWg==
GET H2	200	render.js Show response js.poshdevelopment.com/glia/	7 KB 3 KB	104ms 28ms	Script application/javascript	13.225.74.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.poshdevelopment.com/glia/render.js Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.74.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-74-90.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 97fa5f3bafeeab859c6d03b4e80b0617f9456e53b9255b9070701d54cfa9c1b8 Request headers Referer https://cuofco.prismacampaigns.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip etag W/"c7c1c4b2d8055fe6c81505d6ff0e8dfb" last-modified Thu, 29 Apr 2021 14:55:10 GMT server AmazonS3 age 53097 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront) date Tue, 18 May 2021 04:03:11 GMT x-amz-cf-pop FRA2-C2 x-amz-cf-id TwFxqurWNAfCujPghqwggNfASWIWGYJGLorPgYWkTR103l07OSrZMw==
GET H3-29	200	prismaWeb.css cuofco.prismacampaigns.com/sdk/stylesheets/	121 KB 15 KB	827ms 827ms	Stylesheet text/css	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/sdk/stylesheets/prismaWeb.css?v=6.0.759&_=1620672765 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8553956514407baad00c6450af20eee8d1ce1e07e2123d1a0cd6743dfc4426dd Request headers :path /sdk/stylesheets/prismaWeb.css?v=6.0.759&_=1620672765 pragma no-cache cookie global-prisma-customer-id=60a40be6-41c1-4fec-97c7-16d40cc142b0; prisma-trace-id=60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6; prisma-trail-id=60a40be6-0319-48ce-be13-cd0ada54e06d accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:08 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tFz0gzgWd3J0qWEpvmT3s5p00357jOJPNm96GfpaX2qIRQ8FV5wiup6byn%2F8tnXGJOE%2FYzjByIZ1z7zMWTyjC8G4HchDAIrK1wH2LxyckowlNdH0acgJeTLTfR5C%2Bq%2BVZ7as0Zh%2BCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 651742092fbbd6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a226799bb0000d6b1c2102000000001
GET H3-29	200	easyXDM.min.js Show response cuofco.prismacampaigns.com/scripts/	20 KB 7 KB	672ms 672ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/scripts/easyXDM.min.js?v=6.0.759&_=1620672765 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9c6e7ef515eb401a7d49a76715e345c0cde96fa85a01886c89b17512f3177b9 Request headers :path /scripts/easyXDM.min.js?v=6.0.759&_=1620672765 pragma no-cache cookie global-prisma-customer-id=60a40be6-41c1-4fec-97c7-16d40cc142b0; prisma-trace-id=60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6; prisma-trail-id=60a40be6-0319-48ce-be13-cd0ada54e06d accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:08 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MmU%2FaHhhXd3AmigvUppeb1NF5PSUW05j7WPRSkqkOUDCvU4KC%2FyDwm0QYAn4Q5c7oX2ETfvtGCma2B%2FTBYOremVyGktZx%2FFfBwSni%2B0LNZPOeKEHcoCRqDN4ionlx3Qu5lf9tcW1%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 651742092fbdd6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a226799bb0000d6b1c738b000000001
GET H3-29	200	jsedn.js Show response cuofco.prismacampaigns.com/scripts/	43 KB 10 KB	825ms 825ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/scripts/jsedn.js?v=6.0.759&_=1620672765 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c1c379df7268d796bfa0f07682f0a5a136757d9fa9e3595f144bff04a2f376c Request headers :path /scripts/jsedn.js?v=6.0.759&_=1620672765 pragma no-cache cookie global-prisma-customer-id=60a40be6-41c1-4fec-97c7-16d40cc142b0; prisma-trace-id=60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6; prisma-trail-id=60a40be6-0319-48ce-be13-cd0ada54e06d accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:09 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nYxUL%2FS%2FDBe4lzGtXHH3ZX9JpqcLgPeqKHXqgfI6CC%2B59PvXUj3nI35OtQGoaghwk0EYDpVlkA27LVuhp%2BvNYXhbuXM6Lj57iP5igZIJd2Xbg51uM9phFZr9jxHFWhAVC5flf8SEbA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6517420d6899d6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a22679c660000d6b1c73c9000000001
GET H3-29	200	api.js Show response cuofco.prismacampaigns.com/sdk/javascript/	2 KB 1 KB	651ms 651ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/sdk/javascript/api.js?v=6.0.759&_=1620672765 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2955ff3465797f14096566765721738bb945cc71626e900c863669c8c87f8018 Request headers :path /sdk/javascript/api.js?v=6.0.759&_=1620672765 pragma no-cache cookie global-prisma-customer-id=60a40be6-41c1-4fec-97c7-16d40cc142b0; prisma-trace-id=60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6; prisma-trail-id=60a40be6-0319-48ce-be13-cd0ada54e06d accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:10 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pu8pd2NF7fJScP8VHKRHSAuvLoSRCPPEm6iNRI73AbOya4Wcabn57nPbYi3iMPlfClTGS2FMd0ypAPNrsRF0gmgO%2Fzo1IFd0UprirDmtRZd2P3wBUADwdsafPnFYfUsR3w0zGZ7QrA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 65174212ab37d6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a22679fac0000d6b1c700f000000001
GET H3-29	200	textinput-mask.js Show response cuofco.prismacampaigns.com/sdk/javascript/	28 KB 6 KB	666ms 666ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/sdk/javascript/textinput-mask.js?v=6.0.759&_=1620672765 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0789a355bc0d030b0ba72db3666c41de59b7a5a809283ffc29fd807ee09a236 Request headers :path /sdk/javascript/textinput-mask.js?v=6.0.759&_=1620672765 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:10 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SAAnrSWlDdvDPRMXSG29ufNu6zMrxKOKPEidbCytYixxMksE5VsRmHiR7wzBIWkLYKkWyJW%2Bm3zGnyY8ChNeuoKOjXe0OzT%2Bh%2F5TTJK3NSAdKtS99QeaebfrFOkdxsqeyS844NWzhQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 65174216cb70d6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2267a2400000d6b1f830d000000001
GET H3-29	200	plugins.js Show response cuofco.prismacampaigns.com/sdk/javascript/	231 KB 33 KB	841ms 840ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/sdk/javascript/plugins.js?v=6.0.759&_=1620672765 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f49713e7ed49f027b37f6162f603872b4146a5d0c44dd807bdd6ae6e489056e Request headers :path /sdk/javascript/plugins.js?v=6.0.759&_=1620672765 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:11 GMT content-encoding br cf-cache-status EXPIRED nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EnL8a%2FMo9KS3xdEByxGKxf3NFstXZCHJ7tzd%2FiMIXJUJoqz3fgUYUiYPWfaSNvu1c82SCKfM%2Fk8WpzT2RWzkhlW1t0acpPPDB4C%2FPibqRwtiqnli6%2FJ%2FyCxsaqwZQKwZKZEBdbJHHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 6517421b1c22d6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2267a4ea0000d6b1c21f5000000001
GET H3-29	200	index.html Show response cuofco.prismacampaigns.com/scripts/cors/ Frame 469D	9 KB 3 KB	661ms 661ms	Document text/html	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/scripts/easyXDM.min.js?v=6.0.759&_=1620672765 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2d5179060b085d9a723682e841a72cecde077b063c5e0fcbc062de269a7d85e Request headers :method GET :authority cuofco.prismacampaigns.com :scheme https :path /scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 Response headers date Tue, 18 May 2021 18:48:12 GMT content-type text/html last-modified Mon, 10 May 2021 19:20:17 GMT cf-cache-status DYNAMIC cf-request-id 0a2267a84e0000d6b1ab094000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yeyc6mUVr5%2FXeeY65%2BlLA%2B5nuxF2n4QU9424Yez8DwIPUOsyj7%2BHCxRZIAsDYxDFAYpRV5i8Up6M2Ur5WS0t4uzJTicy%2F05Ve9f7FzFKBgrbhSVI3Srem%2BIl1fIayaXVchoRlNdRmw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 651742207f7cd6b1-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3-29	200	easyXDM.min.js Show response cuofco.prismacampaigns.com/scripts/ Frame 469D	20 KB 7 KB	665ms 664ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/scripts/easyXDM.min.js Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9c6e7ef515eb401a7d49a76715e345c0cde96fa85a01886c89b17512f3177b9 Request headers :path /scripts/easyXDM.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:12 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AT%2BG4Sk9t1b5ISl%2BVYPL90rZ13pvNxmbkFJsY3MOGXqLWTpcUfzYoCPGOjTLyD%2FIwnMtQYDhdxX3r9q1%2FLyzIbpaglP7NC9mUwulMGd2elgawg23ucXTq5zselwgw5nNN8DlVheagQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 65174224aeeed6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2267aae80000d6b19c096000000001
GET H3-29	200	jsedn.js Show response cuofco.prismacampaigns.com/scripts/ Frame 469D	43 KB 10 KB	807ms 806ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/scripts/jsedn.js Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c1c379df7268d796bfa0f07682f0a5a136757d9fa9e3595f144bff04a2f376c Request headers :path /scripts/jsedn.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:13 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mpssFb%2BjKA2JP1wQ1pogz0ehSp2kcTUEB1JUu5ioN0SBApKK4Ce%2BDl7pHbJ72blLFPo%2BfCnjE3ZxVCJpc0bZHLXg5wk0zDkMVo31FaRX89S2lzEWY8rKmo7XdzXoCK6gb4kgWsOLMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 65174224aef1d6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2267aae80000d6b1f52da000000001
POST H3-29	200	advance-funnel-step Show response cuofco.prismacampaigns.com/api/campaigns/ Frame 469D	23 KB 23 KB	774ms 774ms	XHR application/edn	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/api/campaigns/advance-funnel-step Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9ecf24c9a2a91522991b079e5916fd577569e22db74d8cf12ef1231654c17bb Request headers sec-fetch-mode cors origin https://cuofco.prismacampaigns.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty x-requested-with XMLHttpRequest content-length 218 :path /api/campaigns/advance-funnel-step pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 prisma-version v6.0.759 content-type application/edn accept */* cache-control no-cache :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 :scheme https sec-fetch-site same-origin :method POST Referer https://cuofco.prismacampaigns.com/scripts/cors/index.html?xdm_e=https%3A%2F%2Fcuofco.prismacampaigns.com%2Fapi%2Fcampaigns%2Freferral%2F18f68fe0-1193-4e69-8487-a53795b62a47&xdm_c=default6754&xdm_p=4 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Prisma-Version v6.0.759 Content-Type application/edn Response headers cf-request-id 0a2267ae170000d6b1b18da000000001 cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare date Tue, 18 May 2021 18:48:13 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NO%2BX2vqoYtckKjgYLs8XXBubtGMK5dGKn6FWKOW0JjYc7yjsXqNOnUWjht%2FHq66Mcow1pKfOQFH2lm5LadaBkiK4q6sRoT5tLrJfAJn8ALMxC7Rynpinda%2F7G9hP%2FRYD6RI44S8j0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/edn cf-ray 65174229b94ad6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3-29	200	clss.js Show response cuofco.prismacampaigns.com/sdk/javascript/	15 KB 3 KB	649ms 649ms	Script text/javascript	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cuofco.prismacampaigns.com/sdk/javascript/clss.js Requested by Host: cuofco.prismacampaigns.com URL: https://cuofco.prismacampaigns.com/sdk/javascript/prisma.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6158484936eec7d76ecee7bc61ce04f907118ed97d929330054f8a88fdfa24f9 Request headers :path /sdk/javascript/clss.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 18:48:14 GMT content-encoding br cf-cache-status MISS last-modified Mon, 10 May 2021 19:20:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zYlzx8Ba1XGxxVyCmzw8QnTHLYmLJjgklEswsLjfjRAQW5Wjbc954drWaX2mciCgcOXZUSuEueFqCEoTKEiYOD4ZZ9MPly3orcPcxo6OX%2Fv2qbvXtGHJm0zgHKGEWJtcRjgRdr3EOQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6517422efb8ed6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2267b1560000d6b1c2acd000000001
GET H3-29	200	3b2fd03f-4fa2-4cdd-a497-7819d335bf7c cuofco.prismacampaigns.com/api/image/view/	61 KB 62 KB	653ms 652ms	Image image/png	2606:4700:3037::6815:5a2b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cuofco.prismacampaigns.com/api/image/view/3b2fd03f-4fa2-4cdd-a497-7819d335bf7c Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:5a2b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5eae8d205a918ae78c1c9864060198bd7ef5b2d2f4bdf6b8fb42a535cc1b81ed Request headers :path /api/image/view/3b2fd03f-4fa2-4cdd-a497-7819d335bf7c pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority cuofco.prismacampaigns.com referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 :scheme https sec-fetch-site same-origin :method GET Referer https://cuofco.prismacampaigns.com/api/campaigns/referral/18f68fe0-1193-4e69-8487-a53795b62a47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cf-request-id 0a2267b1790000d6b10091a000000001 cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare date Tue, 18 May 2021 18:48:14 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LFF042IcgOTIO1tcXTz%2BEBqvzvvf5eXvAKm1mfm4q30dmTo3pA0z1wwPCacynzTjvcbsp89Rb8FYpSJoRwO8zZItUs6WGuUaSEYlNCVKn8wI5RslmSNld6bd0IFYjdzHnPCqS55yYg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cf-ray 6517422f2bf6d6b1-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jizaRExUiTo99u79D0KExQ.woff2 fonts.gstatic.com/s/ptsans/v12/	44 KB 44 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=PT+Sans:wght@400&family=Sanchez&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://cuofco.prismacampaigns.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 15:44:08 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:20 GMT server sffe age 443045 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45416 x-xss-protection 0 expires Fri, 13 May 2022 15:44:08 GMT
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| MODE_HORIZONTAL_SCROLL number| MODE_FADEIN_FADEOUT object| prisma function| prisma_prisma object| sm object| easyXDM object| jsedn function| prisma_api boolean| prisma_textinput_mask boolean| prisma_plugins number| maxSteps number| remainingSteps string| c

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.prismacampaigns.com/	1970-01-19 19:05:55	Name: prisma-trail-id Value: 60a40be6-0319-48ce-be13-cd0ada54e06d
			.prismacampaigns.com/	1970-01-19 19:05:55	Name: prisma-trace-id Value: 60a40be6-b6d4-4bd2-a3b7-a896f7c6aaa6
			.prismacampaigns.com/	1970-01-20 03:08:19	Name: global-prisma-customer-id Value: 60a40be6-41c1-4fec-97c7-16d40cc142b0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.glia.com
cuofco.prismacampaigns.com
fonts.googleapis.com
fonts.gstatic.com
js.poshdevelopment.com
13.225.74.90
2600:9000:20eb:5c00:17:4c3f:1b80:93a1
2606:4700:3037::6815:5a2b
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2955ff3465797f14096566765721738bb945cc71626e900c863669c8c87f8018
433ad3734fe1374e2b5d814474d87fc871fd69e882cd9d07c52d6ed481bfd3ef
5eae8d205a918ae78c1c9864060198bd7ef5b2d2f4bdf6b8fb42a535cc1b81ed
5f49713e7ed49f027b37f6162f603872b4146a5d0c44dd807bdd6ae6e489056e
6158484936eec7d76ecee7bc61ce04f907118ed97d929330054f8a88fdfa24f9
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
7c0a302f6f5da0731af85a71907ffa367ddaf2bbc95291c1019e2f0e534d59d2
7c1c379df7268d796bfa0f07682f0a5a136757d9fa9e3595f144bff04a2f376c
8553956514407baad00c6450af20eee8d1ce1e07e2123d1a0cd6743dfc4426dd
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
97fa5f3bafeeab859c6d03b4e80b0617f9456e53b9255b9070701d54cfa9c1b8
9eb0dee31224a5e87825260e40bc81a6b8aa6194f4724dc9067ed781362b00fd
a2d5179060b085d9a723682e841a72cecde077b063c5e0fcbc062de269a7d85e
dea2f0b111a218ba5a78367d3f8eede24f5173c321a55a0aa53c54668afccdff
f0789a355bc0d030b0ba72db3666c41de59b7a5a809283ffc29fd807ee09a236
f9c6e7ef515eb401a7d49a76715e345c0cde96fa85a01886c89b17512f3177b9
f9ecf24c9a2a91522991b079e5916fd577569e22db74d8cf12ef1231654c17bb