urlscan.io logo urlscan.io
SecurityTrails logo

initiatives.swordhealth.com Open in urlscan Pro
18.196.95.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mktg.swordhealth.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3GK4ZOON3W64TENBSWC3DU...
Effective URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZ...
Submission: On May 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 24 domains to perform 31 HTTP transactions. The main IP is 18.196.95.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is initiatives.swordhealth.com.
TLS certificate: Issued by R3 on April 15th 2021. Valid for: 3 months.
This is the only time initiatives.swordhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.193.154.185 14618 (AMAZON-AES)
1 1 52.22.212.120 14618 (AMAZON-AES)
1 18.196.95.178 16509 (AMAZON-02)
2 13.224.95.94 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 35.174.78.146 14618 (AMAZON-AES)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.224.89.221 16509 (AMAZON-02)
1 23.22.247.80 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2 35.227.248.159 15169 (GOOGLE)
2 2 54.165.219.213 14618 (AMAZON-AES)
2 2 142.250.186.130 15169 (GOOGLE)
2 2 185.33.221.11 29990 (ASN-APPNEX)
1 2 35.156.223.207 16509 (AMAZON-02)
31 21
1    34.193.154.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-154-185.compute-1.amazonaws.com
mktg.swordhealth.com
1    52.22.212.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-212-120.compute-1.amazonaws.com
app.salesloft.com
1    18.196.95.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
initiatives.swordhealth.com
2    13.224.95.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-94.zrh50.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:21f3:fe00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
mktg.sword.health.swordhealth.com
1    2600:9000:21f3:ac00:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)
storage.pardot.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.224.89.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-221.zrh50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    23.22.247.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-247-80.compute-1.amazonaws.com
events.ub-analytics.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:2ab::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:20::ac43:4549 (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
9    2606:4700:3039::6815:c074 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:20eb:2c00:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sc.lfeeder.com
2    2620:119:50e3:101::6cae:b45 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    54.165.219.213 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-219-213.compute-1.amazonaws.com
i.liadm.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    35.156.223.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-223-207.eu-central-1.compute.amazonaws.com
x.bidswitch.net
Domain Requested by
9 a.clickcertain.com 6 redirects a.remarketstats.com
a.clickcertain.com
3 d9hhrg4mnvzow.cloudfront.net
2 x.bidswitch.net 1 redirects a.clickcertain.com
2 secure.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 i.liadm.com 2 redirects
2 pixel.tapad.com 2 redirects
2 www.facebook.com
2 px.ads.linkedin.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net initiatives.swordhealth.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 d34qb8suadcc4g.cloudfront.net initiatives.swordhealth.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com initiatives.swordhealth.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 sc.lfeeder.com initiatives.swordhealth.com
1 a.remarketstats.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 events.ub-analytics.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 storage.pardot.com initiatives.swordhealth.com
1 mktg.sword.health.swordhealth.com 1 redirects
1 www.googletagmanager.com initiatives.swordhealth.com
1 initiatives.swordhealth.com
1 app.salesloft.com 1 redirects
1 mktg.swordhealth.com 1 redirects
31 30

This site contains links to these domains. Also see Links.

Domain
swordhealth.com
Subject Issuer Validity Valid
initiatives.swordhealth.com
R3		 2021-04-15 -
2021-07-14		 3 months crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
storage.pardot.com
DigiCert SHA2 Secure Server CA		 2020-12-09 -
2021-12-08		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.ub-analytics.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-20 -
2021-07-20		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.lfeeder.com
Amazon		 2020-09-04 -
2021-10-06		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh

This page contains 2 frames:

Frame: https://storage.pardot.com/877172/1605800108Ce8aVjnp/SWORD_Concordia_Plans_Case_Study.pdf
Frame ID: ECCD67B20D033009EF32304E47780FCD
Requests: 29 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=23d15560b94601e&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&cn=DE
Frame ID: 088DAA44282B4E344AA24E5EAD73FE38
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mktg.swordhealth.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3G... HTTP 302
    https://app.salesloft.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3G... HTTP 302
    https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps... Page URL

Page Statistics

31
Requests

97 %
HTTPS

57 %
IPv6

24
Domains

30
Subdomains

21
IPs

4
Countries

337 kB
Transfer

1011 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mktg.swordhealth.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3GK4ZOON3W64TENBSWC3DUNAXGG33NF5RXALLDMFZWKLLTOR2WI6JNMRXXO3TMN5QWILZ7OV2G2X3TN52XEY3FHVZXI3ZNONUWOJTVORWV63LFMRUXK3J5MVWWC2LMEZ2XI3K7MNQW24DBNFTW4PLDOBZS2Y3TEZZWE4TDHUYXUVCZLFSHCYTGOJNEO4CGI52TMMBQKFHWWUJFGNCCKM2EEUZDI5DMM5EW2QKJJNZHGQ3LPEWWKMJRNVYDC6SBEUZUIJJTIQ======/initiatives-swordhealth-com-cp-case-study-download HTTP 302
    https://app.salesloft.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3GK4ZOON3W64TENBSWC3DUNAXGG33NF5RXALLDMFZWKLLTOR2WI6JNMRXXO3TMN5QWILZ7OV2G2X3TN52XEY3FHVZXI3ZNONUWOJTVORWV63LFMRUXK3J5MVWWC2LMEZ2XI3K7MNQW24DBNFTW4PLDOBZS2Y3TEZZWE4TDHUYXUVCZLFSHCYTGOJNEO4CGI52TMMBQKFHWWUJFGNCCKM2EEUZDI5DMM5EW2QKJJNZHGQ3LPEWWKMJRNVYDC6SBEUZUIJJTIQ======/initiatives-swordhealth-com-cp-case-study-download HTTP 302
    https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://mktg.sword.health.swordhealth.com/ConcordiaPlans_case-study HTTP 302
  • https://storage.pardot.com/877172/1605800108Ce8aVjnp/SWORD_Concordia_Plans_Case_Study.pdf
Request Chain 16
  • https://a.remarketstats.com/px/smart/?c=23d15560b94601e&seg=cp-case-study-download HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=23d15560b94601e&seg=cp%2dcase%2dstudy%2ddownload HTTP 302
  • https://a.clickcertain.com/px/?c=23d15560b94601e
Request Chain 20
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D787059%26time%3D1620831861761%26url%3Dhttps%253A%252F%252Finitiatives.swordhealth.com%252Fcp-case-study-download%252F%253Futm_source%253Dsto-sig%2526utm_medium%253Demail%2526utm_campaign%253Dcps-cs%2526sbrc%253D1zTYYdqbfrZGpFGu600QOkQ%253D%253D%2524tlgImAIKrsCky-e11mp1zA%253D%253D%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D&liSync=true&e_ipv6=AQLWYyOM6rUVMQAAAXlhG315DT81fpbqG7nyh5LsKVcowaYJLnACLG7s6k4P4KTN7ex5u9tW
Request Chain 29
  • https://a.clickcertain.com/px/ta/?ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=84011ae6-bf00-41db-9e30-aacdc7ecb3e4
Request Chain 30
  • https://a.clickcertain.com/px/r/?ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=1db05e3c-881b-4935-a72b-4ea9f09b307b&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d1db05e3c%25252d881b%25252d4935%25252da72b%25252d4ea9f09b307b%252526anx_uId%25253d%252524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d1db05e3c%25252d881b%25252d4935%25252da72b%25252d4ea9f09b307b%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=1db05e3c-881b-4935-a72b-4ea9f09b307b&_li_chk=true&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&previous_uuid=5a54abd7c9e842629a24534ad9e26835 HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d1db05e3c%252d881b%252d4935%252da72b%252d4ea9f09b307b%2526anx_uId%253d%2524UID&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d1db05e3c%2d881b%2d4935%2da72b%2d4ea9f09b307b%26anx_uId%3d%24UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D1db05e3c%2D881b%2D4935%2Da72b%2D4ea9f09b307b%26anx_uId%3D%24UID&google_tc= HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D1db05e3c%2D881b%2D4935%2Da72b%2D4ea9f09b307b%26anx_uId%3D%24UID&google_gid=CAESEFpqTYK0DSJBnjE10P0Fa5Q&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&anx_uId=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D1db05e3c-881b-4935-a72b-4ea9f09b307b%26anx_uId%3D%24UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&anx_uId=5948960170861650542 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&expires=5&user_group=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&expires=5&user_group=0

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
initiatives.swordhealth.com/cp-case-study-download/
Redirect Chain
  • https://mktg.swordhealth.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3GK4ZOON3W64TENBSWC3DUNAXGG33NF5RXALLDMFZWKLLTOR2WI6JNMRXXO3TMN5QWILZ7OV2G2X3TN52XEY3FHVZXI3ZN...
  • https://app.salesloft.com/t/103026/c/77c4a898-bd14-4d1c-bea7-419f4954b3f1/NB2HI4DTHIXS62LONF2GSYLUNF3GK4ZOON3W64TENBSWC3DUNAXGG33NF5RXALLDMFZWKLLTOR2WI6JNMRXXO3TMN5QWILZ7OV2G2X3TN52XEY3FHVZXI3ZNONU...
  • https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
28 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cd2ca27063b11d0f7b10ca5ee1165cbe5bf99469c3bde81a94c195496f5c7c5c

Request headers

Host
initiatives.swordhealth.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:21 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
6e2369aa-f26b-4635-a217-f0a7ca5ab4ce
etag
"a:24bd0c3d49552e7b1a4a9c7630006a0c"
last-modified
Wed, 28 Apr 2021 16:54:27 GMT
x-unbounce-visitorid
43f85c59-03aa-4d9b-9a3e-b27ad2a9ebb5
x-unbounce-variant
a
content-location
https://initiatives.swordhealth.com/cp-case-study-download/
link
<https://initiatives.swordhealth.com/cp-case-study-download/>; rel="canonical"
set-cookie
ubpv=a%2C6e2369aa-f26b-4635-a217-f0a7ca5ab4ce; Max-Age=15897600; Expires=Fri, 12 Nov 2021 15:04:21 GMT; Path=/cp-case-study-download/; SameSite=Lax ubvs=43f85c59-03aa-4d9b-9a3e-b27ad2a9ebb5; Max-Age=15552000; Expires=Mon, 08 Nov 2021 15:04:21 GMT; Path=/; SameSite=Lax ubvt=43f85c59-03aa-4d9b-9a3e-b27ad2a9ebb5; Max-Age=259200; Expires=Sat, 15 May 2021 15:04:21 GMT; Path=/; Domain=swordhealth.com; SameSite=Lax
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

Cache-Control
no-cache
Content-Type
text/html; charset=utf-8
Date
Wed, 12 May 2021 15:04:20 GMT
Location
https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Request-Id
60fb52a52d38966c29f3060300c958b3
X-Runtime
0.042172
X-XSS-Protection
1; mode=block
Content-Length
259
Connection
keep-alive
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-94.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
8344324
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
isnCl-HMpVkay2jtQZA0xd0xJVgQ0k2q6vULeOLLfTkjL65ywVOnHg==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 21:43:55 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
2308827
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
s9sMAi-ibpM6ozqYCpkLamLOzJmGrvImrgPeVfNhwTQWQfe4B5I1GQ==
main.bundle-ab88e31.z.js
builder-assets.unbounce.com/published-js/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-ab88e31.z.js
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-94.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab88e31adb6c691cc5d7ec5ba186800947c1dd234cb5e56e2cbdfe5901d7e58c

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 23:15:19 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 22:29:05 GMT
server
AmazonS3
age
1352943
etag
"5254c0c8307b4cd5db30a5aa0ba0f8ea"
x-cache
Hit from cloudfront
x-amz-version-id
9HCzIetZ2kylNEKmxtJNpCD.kLnf.GiZ
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33086
x-amz-cf-id
M_dRnKFVTcKqb56yWSOMymRMg5Wu3MPKlLkzruSbM1PaqDylpkUf2g==
gtm.js
www.googletagmanager.com/ 		151 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDR4TMD
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf0bda5f4e999cdd7a8bca818c135dfb79e7ef61124711e0e3b0e6c241bc8697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51021
x-xss-protection
0
expires
Wed, 12 May 2021 15:04:21 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
5931827
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
PZ-tNRH8p2CHu9abV7eJ-NLH7G0lcBNBeqNjbPwjR8HQI5tX36H7nQ==
SWORD_Concordia_Plans_Case_Study.pdf
storage.pardot.com/877172/1605800108Ce8aVjnp/
Redirect Chain
  • https://mktg.sword.health.swordhealth.com/ConcordiaPlans_case-study
  • https://storage.pardot.com/877172/1605800108Ce8aVjnp/SWORD_Concordia_Plans_Case_Study.pdf
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.pardot.com/877172/1605800108Ce8aVjnp/SWORD_Concordia_Plans_Case_Study.pdf
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
storage.pardot.com
:scheme
https
:path
/877172/1605800108Ce8aVjnp/SWORD_Concordia_Plans_Case_Study.pdf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://initiatives.swordhealth.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://initiatives.swordhealth.com/

Response headers

content-type
application/octet-stream
content-length
1664578
date
Wed, 12 May 2021 15:04:23 GMT
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Nov 2020 15:35:09 GMT
etag
"a5d1a01df568565697106e51a4c155fc"
x-robots-tag
none
content-disposition
attachment
x-amz-version-id
V7zi.NlxOTU2W0IP6GV1QmTP20LjOiYw
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zJ7c0V1Go5aA26OljLcLmSIN1ELZFMIILkLKstoKN8paI9GLH1y-2g==

Redirect headers

Date
Wed, 12 May 2021 15:04:22 GMT
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id877172=329733539; expires=Sat, 10-May-2031 15:04:22 GMT; Max-Age=315360000; path=/; secure; SameSite=None visitor_id877172-hash=0c5b0b1beabd8d72c6a823086db7ca55877c366c2cf627024fb287ba738db0ba4fe2ee99a490b1b37e0cc8dc9d98aebd1bf7a4aa; expires=Sat, 10-May-2031 15:04:22 GMT; Max-Age=315360000; path=/; secure; SameSite=None
Location
https://storage.pardot.com/877172/1605800108Ce8aVjnp/SWORD_Concordia_Plans_Case_Study.pdf
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
X-Robots-Tag
none
Cache-Control
no-store
Expires
Wed, 12 May 2021 14:54:22 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
158
Content-Type
text/html; charset=UTF-8
X-Pardot-Route
cb482e8713caadba289bc279c1db8a1d
Server
PardotServer
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
Connection
keep-alive
e0e07e36-a8a2-458f-9b9d-f38af9ff597a
https://initiatives.swordhealth.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://initiatives.swordhealth.com/e0e07e36-a8a2-458f-9b9d-f38af9ff597a
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ab88e31.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.googleapis.com/ 		3 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:700%7CMontserrat:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ab88e31.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40197879d231cf1703915cb2d4f20385fcd804b97deb057a97fe8d1ef91a64dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 15:04:21 GMT
server
ESF
date
Wed, 12 May 2021 15:04:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 15:04:21 GMT
fbe87368-eir-lp-02_106901d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/initiatives.swordhealth.com/cp-case-study-download/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/initiatives.swordhealth.com/cp-case-study-download/fbe87368-eir-lp-02_106901d000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-221.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a9b3e65d4d3339d01572aaa4a7ef3c1f0fbc451a90650e567376b0c54a21a7b

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:23 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 16:54:27 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"f89822bb21ab14dd26e620e10e5cbb48"
x-cache
Miss from cloudfront
x-amz-version-id
dWCF0a7FfXJWbCOtRo0drqwEjYDDpsXd
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1582
x-amz-cf-id
dO4nvRuuBfj1zhk7FmJQo6m-Dc7UZFYuG9l5qBsjTQWpcMGNDDpgug==
54cc6b5b-sword-mask-02_10bv0bv0b30bv00e000028.png
d9hhrg4mnvzow.cloudfront.net/initiatives.swordhealth.com/cp-case-study-download/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/initiatives.swordhealth.com/cp-case-study-download/54cc6b5b-sword-mask-02_10bv0bv0b30bv00e000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-221.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c09f7b240e7348984a0dddb417fddca6e062bd3fecabb969a92ef1718bfc90f

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:23 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 16:54:27 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"eb78767e8b19ea806dc04177b7468898"
x-cache
Miss from cloudfront
x-amz-version-id
5ZmeHFvu1c3ggPvtO5.pnjeOk0A29DaP
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
42359
x-amz-cf-id
Ucnu6zEXC-8a8zkLCGYqPvanVihYZUfucNyIG7Awy1m_a2N5OQvekw==
eb0585e6-done.svg
d9hhrg4mnvzow.cloudfront.net/initiatives.swordhealth.com/cp-case-study-download/ 		362 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/initiatives.swordhealth.com/cp-case-study-download/eb0585e6-done.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-221.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8d1b79035284aabf2f4a3a25b95679f701b90f3b63c2818aacd4359a6d923a6

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:23 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 16:54:27 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"4b49f9297f412a8f5eae5c4f0ba69f5e"
x-cache
Miss from cloudfront
x-amz-version-id
oMKIyOub0Dnoynq_SBatvkUQbbzeVW5w
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/svg+xml
content-length
362
x-amz-cf-id
W2DkGqhE94HTVzqYn-CGAYxyDHisherrQgtRsCnz-FFOSX4es9cjxQ==
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1620831861734&e=pv&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%253D%253D%2524tlgImAIKrsCky-e11mp1zA%253D%253D&page=Concordia%20Plans%20Case%20Study%20%7C%20SWORD%20Health&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&eid=6d3ddd7f-78a1-4300-9920-ddbc2ef9cebf&dtm=1620831861732&vp=1600x1200&ds=1600x1200&vid=1&sid=0901d6cb-be80-4ed0-8da8-5b1daa7d4000&duid=ee662f78-8b02-4777-82d6-2e4c13c027a3&uid=43f85c59-03aa-4d9b-9a3e-b27ad2a9ebb5&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNmUyMzY5YWEtZjI2Yi00NjM1LWEyMTctZjBhN2NhNWFiNGNlIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.247.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-247-80.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 12 May 2021 15:04:21 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDR4TMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2249
date
Wed, 12 May 2021 14:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 16:26:52 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDR4TMD
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ab::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 15:04:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=17976
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
fbevents.js
connect.facebook.net/en_US/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d7ec022c03f680ee0030df9213ff142f43f9159ccf9b283aba1273dda485e20
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
22474
x-fb-rlafr
0
pragma
public
x-fb-debug
VfFus8BTSxMCdnxX6rEOJSD7/MNVPGhfaJ1++BeMKMQFJ9Ld27hNkBtHG09LyjlpL2LXEDQkMq7K7MDLnaGplw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 12 May 2021 15:04:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=23d15560b94601e&seg=cp-case-study-download
  • https://a.clickcertain.com/px/smart/a/?c=23d15560b94601e&seg=cp%2dcase%2dstudy%2ddownload
  • https://a.clickcertain.com/px/?c=23d15560b94601e
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=23d15560b94601e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eea3997c2e7995040a996df1ae2adc9ecdab1d51cc5654e1367bb482bc46af9

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:23 GMT
content-encoding
br
x-frontend
9c56d3bf00a8:7d1f519059fb40bb90d1c63779511064
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
3c190b8b-444f-4002-a354-8eaaa11a2871
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HG%2BY9RH5M1Zh6%2Fgmdv6OEOO7wAR3Ve8fmhWbyN3TnEPH1wOXst2tlcoQvgcIc%2FfY9VSQzJM3U7WnKb8GDeZ6d4IsCw5jsydNJiPNnevfmm%2BbQ8tMEvifN%2B0K10yRnM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
64e48a053f014e79-FRA
cf-request-id
0a02b4974000004e79cdab7000000001

Redirect headers

date
Wed, 12 May 2021 15:04:22 GMT
x-frontend
3e045b39933b:845fe34283114905b20edf53b81d90dd
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
f949fdff-4c10-4ce0-ad9f-b17c54226807
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bnr6tetK7P%2FTtxuVDRtMdX4jCDfhmDWQw8j9P9DBwAYkhynVBwK1qgBOTC0R2ncYAqbeUV%2BK3F8CoGoxuEfZrKphHC95JEGviXz7hyLJEtayLq4WG7r8Z0cw%2Br4DlJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://a.clickcertain.com/px/?c=23d15560b94601e
cf-ray
64e48a020da94e79-FRA
cf-request-id
0a02b4954700004e79c3933000000001
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://initiatives.swordhealth.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
age
565279
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Fri, 06 May 2022 02:03:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://initiatives.swordhealth.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 22:04:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
61209
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Wed, 11 May 2022 22:04:12 GMT
lftracker_v1_3P1w24dnQz98mY5n.js
sc.lfeeder.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.lfeeder.com/lftracker_v1_3P1w24dnQz98mY5n.js
Requested by
Host: initiatives.swordhealth.com
URL: https://initiatives.swordhealth.com/cp-case-study-download/?utm_source=sto-sig&utm_medium=email&utm_campaign=cps-cs&sbrc=1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd1c658b3a4af9dd21f4a57171af4ea152a06bb094f013ce786907966cf02fc

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kpmHFCrOQh17qH1O9l.NIH4DPOsWh1pX
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 09:58:16 GMT
server
AmazonS3
age
1333
etag
W/"b85a3ee21a0ce5c9d2b86e1bbbabb6b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 12 May 2021 14:42:08 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
UyhiLQW86sgwbbWFofnaQbmyXICYP59sfNNtDdq6ZdLhEzo3cE6nkg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D787059%26time%3D1620831861761%26url%3Dhttps%253A%252F%252Finitiatives.swordhealth...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%2...
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D&liSync=true&e_ipv6=AQLWYyOM6rUVMQAAAXlhG315DT81fpbqG7nyh5LsKVcowaYJLnACLG7s6k4P4KTN7ex5u9tW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:22 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
ZYlAvv1ZfhYQKU43tyoAAA==

Redirect headers

date
Wed, 12 May 2021 15:04:22 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=787059&time=1620831861761&url=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%3D%3D%24tlgImAIKrsCky-e11mp1zA%3D%3D&liSync=true&e_ipv6=AQLWYyOM6rUVMQAAAXlhG315DT81fpbqG7nyh5LsKVcowaYJLnACLG7s6k4P4KTN7ex5u9tW
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
759ktv1ZfhZwC9w99CoAAA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1177566459&t=pageview&_s=1&dl=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%253D%253D%2524tlgImAIKrsCky-e11mp1zA%253D%253D&ul=en-us&de=UTF-8&dt=Concordia%20Plans%20Case%20Study%20%7C%20SWORD%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1479489363&gjid=833817695&cid=212109868.1620831862&tid=UA-156415747-3&_gid=928859133.1620831862&_r=1&gtm=2wg550PDR4TMD&z=140364814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 May 2021 15:04:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://initiatives.swordhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
2256300491283237
connect.facebook.net/signals/config/ 		356 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2256300491283237?v=2.9.5&r=c2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87d101b35903efe6011008bbc772d730656e7cd2d22934fbdecc0c3f5ce2e13a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
ZWC7qk7heTdtnJTV8IvUnUpImMvzyxIBbex0+0Xc47Uq6TZ9q3eFQDuh5MLNqxZJi4wpKLj4GkdVEHgkKcMZIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 12 May 2021 15:04:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-156415747-3&cid=212109868.1620831862&jid=1479489363&gjid=833817695&_gid=928859133.1620831862&_u=YEBAAEAAAAAAAC~&z=909868991
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 12 May 2021 15:04:21 GMT
content-type
text/plain
access-control-allow-origin
https://initiatives.swordhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-156415747-3&cid=212109868.1620831862&jid=1479489363&_u=YEBAAEAAAAAAAC~&z=322178345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 15:04:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-156415747-3&cid=212109868.1620831862&jid=1479489363&_u=YEBAAEAAAAAAAC~&z=322178345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 15:04:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2256300491283237&ev=PageView&dl=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%253D%253D%2524tlgImAIKrsCky-e11mp1zA%253D%253D&rl=&if=false&ts=1620831861892&sw=1600&sh=1200&v=2.9.5&r=c2&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22131898808566315%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22426356218385903%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22Terms%20of%20service%5Cn%5CnMade%20with%20%E2%9D%A4%EF%B8%8F%20by%20SWORD%20Health%5Cn%5CnNotice%20of%20Privacy%20Practices%5Cn%5CnPrivacy%20notice%5Cn%5CnCutting%20Surgery%20Intent%20and%20Pain%20in%20Half%20in%208%20Weeks%C2%A0%5CnLearn%20how%20SWORD%20has%20helped%20Concordia%20Plans%20members%20slash%20surgery%20intent%2C%20pain%20and%20medication%20use%2C%20and%20improve%20their%20mental%20health%20and%20productivity%2C%20in%20just%208%20weeks.%5Cn%5CnIf%20your%20download%20doesn%27t%20start%20immediately%2C%20please%20click%20the%20button%20below.%5Cn%5CnDOWNLOAD%20NOW%22%7D%7D&par[2]=%7B%22extractorID%22%3A%22426356218385903%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1620831861891.234273292&it=1620831861775&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 12 May 2021 15:04:21 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2256300491283237&ev=Microdata&dl=https%3A%2F%2Finitiatives.swordhealth.com%2Fcp-case-study-download%2F%3Futm_source%3Dsto-sig%26utm_medium%3Demail%26utm_campaign%3Dcps-cs%26sbrc%3D1zTYYdqbfrZGpFGu600QOkQ%253D%253D%2524tlgImAIKrsCky-e11mp1zA%253D%253D&rl=&if=false&ts=1620831862394&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Concordia%20Plans%20Case%20Study%20%7C%20SWORD%20Health%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Download%20our%20Concordia%20Plans%20Case%20Study%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Finitiatives.swordhealth.com%2Fconcordia-plans-case-study%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fswordhealth.com%2Fwp-content%2Fuploads%2F2020%2F10%2FSWORD_Case_Study_MetaImage-scaled.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221250%22%2C%22og%3Aimage%3Aheight%22%3A%22657%22%2C%22og%3Adescription%22%3A%22Learn%20how%20Concordia%20Plans%20cut%20pain%20and%20surgeries%20in%20half%20in%20just%208%20weeks%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=c2&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1620831862393.1991540342&it=1620831861775&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://initiatives.swordhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 12 May 2021 15:04:22 GMT
/
a.clickcertain.com/px/cont/ Frame 088D 		787 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/cont/?c=23d15560b94601e&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&cn=DE
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=23d15560b94601e&seg=cp-case-study-download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b699e9d1e9de2de60b298b20f6a7a8bee4d2762f19cf1b6f557df57063a23fc

Request headers

:method
GET
:authority
a.clickcertain.com
:scheme
https
:path
/px/cont/?c=23d15560b94601e&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&cn=DE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_ccpx_u=1db05e3c%2d881b%2d4935%2da72b%2d4ea9f09b307b; _ccpx=23d15560b94601e; _ccpx_23d15560b94601e=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:23 GMT
content-type
text/html
etag
W/"MWRiMDVlM2NnODgxYmc0OTM1Z2E3MmJnNGVhOWYwOWIzMDdiLXow"
set-cookie
_ccpx_u=1db05e3c%2d881b%2d4935%2da72b%2d4ea9f09b307b; Expires=Thu, 12 May 2022 15:04:23 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend
6280c3b70cbb:c3336ad234ab4442bd1e912f177bbf60
x-requestid
ea869313-d651-424d-ae3c-9aaea11f73b6
cf-cache-status
DYNAMIC
cf-request-id
0a02b4991e00004e79bc8e5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HGEJ2CYrMg3r22b44rsKiHwknIOB1Cp8LRS2WXrvqLR8%2FRW4AqyMYvmWSE%2FFqGAVrAj%2BRRAXdFD7fMweaFEYDb86TWYh1Iwcm0PnhtC%2FmOvduws26MQlSwF51oV03Qc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64e48a083f6d4e79-FRA
content-encoding
br
/
a.clickcertain.com/px/ta/ Frame 088D
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=84011ae6-bf00-41db-9e30-aacdc7ecb3e4
0
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=84011ae6-bf00-41db-9e30-aacdc7ecb3e4
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=23d15560b94601e&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&cn=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:23 GMT
x-frontend
3e045b39933b:845fe34283114905b20edf53b81d90dd
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
3b918dd0-4c20-4072-b1a8-87aa6014751e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RU%2BLHzS8BUz5SHSdcucSdS2RVY17cMSqs1a%2FxkkzWidcjIBEBnOXdjF2fNlttxMafob43D1RXzqLsqcfGTNlcdtAILmCTJ6RpM4vBhmHJizSXkq9ANHoKLpjsYWAlqI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
64e48a0a8d0b4e79-FRA
cf-request-id
0a02b49a9700004e79e539c000000001

Redirect headers

date
Wed, 12 May 2021 15:04:23 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://a.clickcertain.com/px/ta/?done=true&ta_id=84011ae6-bf00-41db-9e30-aacdc7ecb3e4
alt-svc
clear
content-length
0
sync
x.bidswitch.net/ul_cb/ Frame 088D
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=1db05e3c-881b-4935-a72b-4ea9f09b307b&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D1db05e3c%2D881b%2D493...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&anx_uId=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D1db05e3c-881b-4935-a72b-4ea9f09b307b%26anx_uId%3D%24UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&anx_uId=5948960170861650542
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&expires=5&user_group=0
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&expires=5&user_group=0
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&expires=5&user_group=0
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=23d15560b94601e&ccid=1db05e3c-881b-4935-a72b-4ea9f09b307b&cn=DE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.223.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-223-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 15:04:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=1db05e3c-881b-4935-a72b-4ea9f09b307b&expires=5&user_group=0
date
Wed, 12 May 2021 15:04:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ub object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq object| ldfdr string| piAId string| piCId string| piHostname undefined| dynamicPixel function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData function| _add_ctag object| body

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
cp-case-study-download

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
app.salesloft.com
builder-assets.unbounce.com
cm.g.doubleclick.net
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
initiatives.swordhealth.com
mktg.sword.health.swordhealth.com
mktg.swordhealth.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
sc.lfeeder.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
storage.pardot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
108.174.10.14
13.224.89.221
13.224.95.94
142.250.186.130
18.196.95.178
185.33.221.11
23.22.247.80
2600:9000:20eb:2c00:1f:f723:6fc0:93a1
2600:9000:21f3:ac00:d:7e9b:1200:93a1
2600:9000:21f3:fe00:1d:11cf:5800:93a1
2606:4700:20::ac43:4549
2606:4700:3039::6815:c074
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9b
2a02:26f0:6c00:2ab::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.193.154.185
35.156.223.207
35.174.78.146
35.227.248.159
52.22.212.120
54.165.219.213
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d7ec022c03f680ee0030df9213ff142f43f9159ccf9b283aba1273dda485e20
2a9b3e65d4d3339d01572aaa4a7ef3c1f0fbc451a90650e567376b0c54a21a7b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3b699e9d1e9de2de60b298b20f6a7a8bee4d2762f19cf1b6f557df57063a23fc
40197879d231cf1703915cb2d4f20385fcd804b97deb057a97fe8d1ef91a64dc
4dd1c658b3a4af9dd21f4a57171af4ea152a06bb094f013ce786907966cf02fc
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c09f7b240e7348984a0dddb417fddca6e062bd3fecabb969a92ef1718bfc90f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
87d101b35903efe6011008bbc772d730656e7cd2d22934fbdecc0c3f5ce2e13a
8eea3997c2e7995040a996df1ae2adc9ecdab1d51cc5654e1367bb482bc46af9
ab88e31adb6c691cc5d7ec5ba186800947c1dd234cb5e56e2cbdfe5901d7e58c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
bf0bda5f4e999cdd7a8bca818c135dfb79e7ef61124711e0e3b0e6c241bc8697
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd2ca27063b11d0f7b10ca5ee1165cbe5bf99469c3bde81a94c195496f5c7c5c
d8d1b79035284aabf2f4a3a25b95679f701b90f3b63c2818aacd4359a6d923a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629