www.q1productions.com Open in urlscan Pro
3.211.129.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www2.q1productions.com/e/130201/eimbursement-register-virtual-/3t5ch9/1272139355/h/wuug_nMXHs0hn7DF4PkxEgPjoE_jBd-lTBx4...
Effective URL:
https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Submission: On July 09 via manual (July 9th 2024, 6:01:31 pm UTC) from IN — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 49 HTTP transactions. The main IP is 3.211.129.6, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.q1productions.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 5th 2023. Valid for: a year.

This is the only time www.q1productions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
22	3.211.129.6 3.211.129.6	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
1	34.197.26.140 34.197.26.140	14618 (AMAZON-AES) (AMAZON-AES)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.233.34 192.229.233.34	15133 (EDGECAST) (EDGECAST)
1	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
1	54.243.104.204 54.243.104.204	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1		() ()
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
1 6	18.245.86.97 18.245.86.97	16509 (AMAZON-02) (AMAZON-02)
1	34.251.55.181 34.251.55.181	16509 (AMAZON-02) (AMAZON-02)
49	20

2 3.92.120.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

www2.q1productions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 3.211.129.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-129-6.compute-1.amazonaws.com

www.q1productions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q1productions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.26.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-26-140.compute-1.amazonaws.com

tfaforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.34 (United States)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.104.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-104-204.compute-1.amazonaws.com

www.tfaforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

www.q1productions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.245.86.97 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-97.fra60.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.55.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-181.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	q1productions.com 1 redirects www2.q1productions.com www.q1productions.com q1productions.com	481 KB
7	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 5082 d.adroll.com — Cisco Umbrella Rank: 2630	119 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 12805 go.pardot.com Failed	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	72 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102	21 KB
2	tfaforms.com tfaforms.com — Cisco Umbrella Rank: 200061 www.tfaforms.com — Cisco Umbrella Rank: 218091	4 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6500	63 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 208	353 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	77 KB
1	olark.com static.olark.com — Cisco Umbrella Rank: 31772	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 331	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	3 KB
49	15

	Domain	Requested by
22	www.q1productions.com	www.q1productions.com static.olark.com
6	s.adroll.com	1 redirects www.q1productions.com s.adroll.com
2	pi.pardot.com	www.q1productions.com pi.pardot.com
2	www.facebook.com	www.q1productions.com
2	connect.facebook.net	www.q1productions.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.q1productions.com
2	www2.q1productions.com	1 redirects pi.pardot.com
1	d.adroll.com	s.adroll.com
1	q1productions.com
1	www.google.de	www.q1productions.com
1	www.google.com	www.q1productions.com
1	stats.g.doubleclick.net	www.q1productions.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.tfaforms.com	www.q1productions.com
1	www.googletagmanager.com	www.q1productions.com
1	static.olark.com	www.q1productions.com
1	cdnjs.cloudflare.com	www.q1productions.com
1	tfaforms.com	www.q1productions.com
1	fonts.googleapis.com	www.q1productions.com
0	go.pardot.com Failed	pi.pardot.com
49	20

This site contains no links.

Subject Issuer	Validity	Valid
*.q1productions.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-04`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tfaforms.com Amazon RSA 2048 M02	`2024-04-29` - `2025-05-28`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
static.olark.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-20` - `2025-03-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.tfaforms.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
www2.q1productions.com R11	`2024-06-23` - `2024-09-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Frame ID: 037EC666C1CCF78B424B3961985031E7
Requests: 47 HTTP requests in this frame

Frame: https://www.tfaforms.com/5121130?faIframeUniqueId=0vhva3exoe&jsid=null&hostURL=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F
Frame ID: B323109A92348A3EDDBA4AE55660B2A8
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.q1productions.com/1143c0f6-88fd-4b0e-bf38-fb7d83d28e93
Frame ID: E4F6A1C199866AAF7F736F0708E55141
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medical Device Coverage & Reimbursement Professional Engagement Course - Q1 Productions

Page URL History Show full URLs

https://www2.q1productions.com/e/130201/eimbursement-register-virtual-/3t5ch9/1272139355/h/wuug_nMXHs0hn7DF... HTTP 301
https://www.q1productions.com/medical-device-reimbursement/register-virtual/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

49
Requests

96 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

20
IPs

4
Countries

839 kB
Transfer

3080 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www2.q1productions.com/e/130201/eimbursement-register-virtual-/3t5ch9/1272139355/h/wuug_nMXHs0hn7DF4PkxEgPjoE_jBd-lTBx4DyE_FbE HTTP 301
https://www.q1productions.com/medical-device-reimbursement/register-virtual/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://s.adroll.com/j/pre/LFQHJHC3XRF4TPTQTPMSGQ/HJ6GFIZ2GVGDFMCOB37KG4/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.q1productions.com/medical-device-reimbursement/register-virtual/
Redirect Chain

https://www2.q1productions.com/e/130201/eimbursement-register-virtual-/3t5ch9/1272139355/h/wuug_nMXHs0hn7DF4PkxEgPjoE_jBd-lTBx4DyE_FbE
https://www.q1productions.com/medical-device-reimbursement/register-virtual/

90 KB
16 KB

1135ms
699ms

Document
text/html

3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PHP/7.4.13 PleskLin
Resource Hash: 7ea71e177123dc9c622299d4fdf1e7a3b04409efedd56cd3d44035ba982706f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 15735
content-type: text/html; charset=UTF-8
date: Tue, 09 Jul 2024 18:01:23 GMT
link: <https://www.q1productions.com/wp-json/>; rel="https://api.w.org/", <https://www.q1productions.com/wp-json/wp/v2/pages/95517>; rel="alternate"; type="application/json", <https://www.q1productions.com/?p=95517>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0
x-powered-by: PHP/7.4.13 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jul 2024 18:01:22 GMT
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: max-age=63072000
content-encoding: gzip
expires: Thu, 09 Jul 2026 18:01:21 GMT
location: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent

GET
H2 200 A.style.min.css,qver=5.9.10.pagespeed.cf.F57u5S_8rc.css
www.q1productions.com/wp-includes/css/dist/block-library/ 81 KB
11 KB 195ms
191ms Stylesheet
text/css 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-includes/css/dist/block-library/A.style.min.css,qver=5.9.10.pagespeed.cf.F57u5S_8rc.css
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 976c80e46a6f74317977c8addfacdccdc38f64b8b2014cb96bc7d6cb6f292133

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 83419
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11055
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 A.style.css,qver=5.9.10.pagespeed.cf.nnTsSDmqhv.css
www.q1productions.com/wp-content/themes/Divi/ 805 KB
79 KB 212ms
208ms Stylesheet
text/css 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/themes/Divi/A.style.css,qver=5.9.10.pagespeed.cf.nnTsSDmqhv.css
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1a8dcf628fcb9d508c45b3cb0e6ac724f61a381528c5da142f686739a52622df

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 824719
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 80707
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 57 KB
3 KB 432ms
46ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 17:19:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 18:01:23 GMT

GET
H2 200 style.min.css,qver=0.9.4.pagespeed.ce.XL3xQbXNIK.css
www.q1productions.com/wp-content/plugins/flip-cards-module-divi/styles/ 2 KB
917 B 211ms
207ms Stylesheet
text/css 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/plugins/flip-cards-module-divi/styles/style.min.css,qver=0.9.4.pagespeed.ce.XL3xQbXNIK.css
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 13161620ac821e80048f8b8c4ebb6aeffdf87950d1b93317998ecf1a77bef0d9

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:43:40 GMT
x-original-content-length: 2491
server: nginx
etag: W/"0-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 659
expires: Wed, 09 Jul 2025 18:01:23 GMT

GET
H2 200 jquery.min.js,qver=3.6.0.pagespeed.jm.izqK4d2SK0.js Show response
www.q1productions.com/wp-includes/js/jquery/ 87 KB
30 KB 109ms
106ms Script
application/javascript 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-includes/js/jquery/jquery.min.js,qver=3.6.0.pagespeed.jm.izqK4d2SK0.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: dac43ee603984a0cc147709cfa5c93cd3d42ea34dd2af211469fabfeacaf230c

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 89521
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30818
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js Show response
www.q1productions.com/wp-includes/js/jquery/ 11 KB
4 KB 211ms
208ms Script
application/javascript 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.jm.Ws-UgblvVg.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a401f117b1f57a3fcbf532459aff51ba2a984c7eefea8e29ab1b1765855a039e

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 11224
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4105
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 olark-live-chat,_public,_js,_olark-wp-public.js,qver==1.0.0+sticky-menu-or-anything-on-scroll,_assets,_js,_jq-sticky-anything.min.js,qver==2.1.1.pagespeed.jc.2kfsM7kDx0.js Show response
www.q1productions.com/wp-content/plugins/ 10 KB
3 KB 210ms
207ms Script
application/javascript 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/plugins/olark-live-chat,_public,_js,_olark-wp-public.js,qver==1.0.0+sticky-menu-or-anything-on-scroll,_assets,_js,_jq-sticky-anything.min.js,qver==2.1.1.pagespeed.jc.2kfsM7kDx0.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 71004b9d67b100b1f7b656ed255edaa190100d71ce4938395fd67921985daf85

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 10744
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2700
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 modules.ttf
www.q1productions.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
90 KB 211ms
208ms Font
application/font-sfnt 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Origin: https://www.q1productions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Thu, 19 Aug 2021 11:56:18 GMT
server: nginx
etag: "611e46e2-168f0"
x-powered-by: PleskLin
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 92400

GET
H2 200 A.et-divi-customizer-global-17200159161911.min.css.pagespeed.cf.LSUoCXdafQ.css
www.q1productions.com/wp-content/et-cache/global/ 2 KB
881 B 113ms
110ms Stylesheet
text/css 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/et-cache/global/A.et-divi-customizer-global-17200159161911.min.css.pagespeed.cf.LSUoCXdafQ.css
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 9572421943565d17b7dc41e50a41e0ef4f26a5e21011b8c9b30b3746c46d83b6

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 2084
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 627
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 iframe_resize_helper.js Show response
tfaforms.com/js/ 8 KB
4 KB 331ms
107ms Script
application/javascript 34.197.26.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tfaforms.com/js/iframe_resize_helper.js

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.26.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-26-140.compute-1.amazonaws.com

Software

nginx /

Resource Hash

147ad3fd7669117cbdab423fefb0c972f8cfc6c2ad68aead70da48be029cffdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 16:25:03 GMT
server: nginx
etag: W/"667aef5f-2015"
content-type: application/javascript
x-fa-app: ecs-175-175

GET
H2 200 wp-emoji-release.min.js Show response
www.q1productions.com/wp-includes/js/ 18 KB
18 KB 173ms
167ms Script
application/javascript 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.10
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Thu, 19 Aug 2021 10:39:36 GMT
server: nginx
etag: "611e34e8-4705"
x-powered-by: PleskLin
content-type: application/javascript
accept-ranges: bytes
content-length: 18181

GET
H2 200 xVeranex,402x.png.pagespeed.ic.LN3ZOrF1Bw.webp
www.q1productions.com/wp-content/uploads/2023/02/ 8 KB
9 KB 119ms
119ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2023/02/xVeranex,402x.png.pagespeed.ic.LN3ZOrF1Bw.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b04094700186a5712387524c6bd3812a8d749863eb325a79fe4b3314b56b6151

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:59:13 GMT
server: nginx
x-original-content-length: 16628
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2023/02/Veranex@2x.png>; rel="canonical"
content-length: 8508
expires: Wed, 09 Jul 2025 17:59:13 GMT

GET
H2 200 xTraining-Pros,402x.png.pagespeed.ic.mcS1PRRx5L.webp
www.q1productions.com/wp-content/uploads/2022/03/ 7 KB
7 KB 119ms
118ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2022/03/xTraining-Pros,402x.png.pagespeed.ic.mcS1PRRx5L.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 747c2c0262f6de7f5cccf5fe2c6f6332a80db1c3df0626ff8ba91b9a6ce39d7b

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:59:13 GMT
server: nginx
x-original-content-length: 15868
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2022/03/Training-Pros@2x.png>; rel="canonical"
content-length: 7032
expires: Wed, 09 Jul 2025 17:59:13 GMT

GET
H2 200 xTelcor,402x.png.pagespeed.ic.PAQitYO4nt.webp
www.q1productions.com/wp-content/uploads/2021/10/ 4 KB
4 KB 106ms
106ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2021/10/xTelcor,402x.png.pagespeed.ic.PAQitYO4nt.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 8cfb60542d3869bba8f95f6b1d6eb469f7f29b36c063b1c19dc992d89ac25fb8

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:59:13 GMT
server: nginx
x-original-content-length: 12665
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2021/10/Telcor@2x.png>; rel="canonical"
content-length: 4268
expires: Wed, 09 Jul 2025 17:59:13 GMT

GET
H2 200 xTipping-Point,402x.png.pagespeed.ic.JSglOfbTrc.webp
www.q1productions.com/wp-content/uploads/2021/12/ 13 KB
13 KB 106ms
106ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2021/12/xTipping-Point,402x.png.pagespeed.ic.JSglOfbTrc.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d4ba972b447cd530a3a8cbe7b404f6fd374f7fb64bcf9073731f87553ec2a88a

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:45:14 GMT
server: nginx
x-original-content-length: 27942
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2021/12/Tipping-Point@2x.png>; rel="canonical"
content-length: 13288
expires: Wed, 09 Jul 2025 17:45:14 GMT

GET
H2 200 xVantagePoint,402x.png.pagespeed.ic.0HByHeSKFm.webp
www.q1productions.com/wp-content/uploads/2021/11/ 7 KB
8 KB 112ms
105ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2021/11/xVantagePoint,402x.png.pagespeed.ic.0HByHeSKFm.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 436409258f97fa68f126b4ff1dcab5bb6a23b7f2818410ece5133a3ea32eebd4

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:59:13 GMT
server: nginx
x-original-content-length: 16861
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2021/11/VantagePoint@2x.png>; rel="canonical"
content-length: 7604
expires: Wed, 09 Jul 2025 17:59:13 GMT

GET
H2 200 xTrialCard,402x.png.pagespeed.ic.ahv2_e72T_.webp
www.q1productions.com/wp-content/uploads/2021/11/ 10 KB
10 KB 115ms
110ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2021/11/xTrialCard,402x.png.pagespeed.ic.ahv2_e72T_.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 390422ea8e8e2ff3129d5c21d0c7b36dedf09a048ab26d08f4b671f3bd80363f

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:59:13 GMT
server: nginx
x-original-content-length: 25945
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2021/11/TrialCard@2x.png>; rel="canonical"
content-length: 9928
expires: Wed, 09 Jul 2025 17:59:13 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 53ms
31ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css?ver=4.1.1

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1654887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tGpZ18UhQNQ97kFZp715uLHJawwXO%2FILhwdeCacd3TM5pMA4BoxxNd03AExdd%2B1AXsTaP45ZCXCiHeFeOXlTigSIPHdgENheBh4Zhw2VduLyS95iRGjuVMoONz1vrBJjE3q5Sxq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a0a38130e2637ce-FRA
expires: Sun, 29 Jun 2025 18:01:23 GMT

GET
H2 200 A.custom_animations.css,qver=2.9.7.1.pagespeed.cf.ZdrYH_SY7f.css
www.q1productions.com/wp-content/plugins/divi-overlays/assets/css/ 8 KB
1 KB 112ms
106ms Stylesheet
text/css 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/plugins/divi-overlays/assets/css/A.custom_animations.css,qver=2.9.7.1.pagespeed.cf.ZdrYH_SY7f.css
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d229d023bfd27750fd628377b717e4c2448c6772ba46ce6b37a627023a5ff614

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 8465
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 856
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 A.style.css,qver=2.9.7.1.pagespeed.cf.AjDyqNCnk5.css
www.q1productions.com/wp-content/plugins/divi-overlays/assets/css/ 10 KB
2 KB 117ms
110ms Stylesheet
text/css 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/plugins/divi-overlays/assets/css/A.style.css,qver=2.9.7.1.pagespeed.cf.AjDyqNCnk5.css
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d65c78bb59458af6200d05e0bcb1d2dbb87316a47bec472860624a8ae0c1f7fa

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 10668
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2168
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 custom.unified.js Show response
www.q1productions.com/wp-content/themes/Divi/js/ 485 KB
133 KB 117ms
111ms Script
application/javascript 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.q1productions.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.9.7

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-129-6.compute-1.amazonaws.com

Software

nginx / PleskLin

Resource Hash

74b77920d03fc16a7cccf28e4ee37e848f22052aaa1ad642f45efdb59f50770c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 499676
server: nginx
etag: W/"PSA-aj-jLkrdolJqp"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21
accept-ranges: bytes
content-length: 136187
expires: Tue, 09 Jul 2024 18:01:45 GMT

GET
H2 200 plugins,_divi_module_acf,P204.0,_scripts,_frontend-bundle.min.js,qver==1.0.0+plugins,_flip-cards-module-divi,_scripts,_frontend-bundle.min.js,qver==0.9.4+themes,_Divi,_core,_admin,_js,_common.js,qv... Show response
www.q1productions.com/wp-content/ 45 KB
12 KB 173ms
167ms Script
application/javascript 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.q1productions.com/wp-content/plugins,_divi_module_acf,P204.0,_scripts,_frontend-bundle.min.js,qver==1.0.0+plugins,_flip-cards-module-divi,_scripts,_frontend-bundle.min.js,qver==0.9.4+themes,_Divi,_core,_admin,_js,_common.js,qver==4.9.7+plugins,_divi-overlays,_assets,_js,_jquery.exitintent.js,qver==2.9.7.1+plugins,_divi-overlays,_assets,_js,_custom.js,qver==2.9.7.1.pagespeed.jc.LUyBiH4rXF.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 21dd23628f6b803e209adfab7c42cc771038ab9a3e99c53d123e7ecf0bd8a8ab

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 18:01:16 GMT
server: nginx
x-original-content-length: 46162
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11834
expires: Wed, 09 Jul 2025 18:01:16 GMT

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 45ms
8ms Script
application/javascript 192.229.233.34
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.34 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 17 Jun 2024 22:04:45 GMT
server: ECS (frb/6772)
age: 1983
etag: "6670b2fd-2227"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3120
expires: Tue, 09 Jul 2024 21:01:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
77 KB 448ms
65ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W28346N

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4bfafb9fe4685b78773ef0b8bda7ca4803469df5b4f6c866a8fa627d18566612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jul 2024 18:01:24 GMT

GET
H2 200 5121130
www.tfaforms.com/ Frame B323 0
0 1333ms
1094ms Document
text/html 54.243.104.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tfaforms.com/5121130?faIframeUniqueId=0vhva3exoe&jsid=null&hostURL=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.104.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-104-204.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.q1productions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 Jul 2024 18:01:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT, -1
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fa-app: ecs-152-234

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 419ms
36ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.q1productions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:01:55 GMT
x-content-type-options: nosniff
age: 28769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:01:55 GMT

GET
BLOB 200
OK 1143c0f6-88fd-4b0e-bf38-fb7d83d28e93 Show response
https://www.q1productions.com/ Frame E4F6 147 B
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.q1productions.com/1143c0f6-88fd-4b0e-bf38-fb7d83d28e93
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 147
Content-Type: text/html

GET
H2 200 x9.jpg.pagespeed.ic.Urqj_4kSQl.webp
www.q1productions.com/wp-content/uploads/2022/02/ 20 KB
20 KB 106ms
105ms Image
image/webp 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.q1productions.com/wp-content/uploads/2022/02/x9.jpg.pagespeed.ic.Urqj_4kSQl.webp
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b1c5f1ca88792fb4b34d8e95f292c03cbdc1ec19033e69540f0506793d92efe7

Request headers

Referer: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:23 GMT
last-modified: Tue, 09 Jul 2024 17:59:43 GMT
server: nginx
x-original-content-length: 337656
etag: W/"0"
x-powered-by: PleskLin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.q1productions.com/wp-content/uploads/2022/02/9.jpg>; rel="canonical"
content-length: 20066
expires: Wed, 09 Jul 2025 17:59:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 421ms
35ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W28346N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5537
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jul 2024 18:29:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 325ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jul 2024 18:01:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1380, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 3SiXgarPJxU/Wuy2fh8SPwjWsrRtFg867zVM+l2CWnEubFOCiukKM5+DYiakKs1Hfb5+T1vlKLHhLX35BJaI2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 315414685567261 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 10ms
9ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/315414685567261?v=2.9.160&r=stable&domain=www.q1productions.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

dd72f43aab32aa0285ed808688b3d6169343abf4bcc80d15652b63dd8ce2082a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Jul 2024 18:01:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12339
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=61, mss=1380, tbw=63825, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: lOD3geRm3wd8mUv32LlH+sKdElcvTxdd7rQLOwQQiIyIntVlD8svfvsnP9yoGn7Q4FmIX9ljW8P8V6iIJ2ljMA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 326ms
9ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=315414685567261&ev=PageView&dl=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&rl=&if=false&ts=1720548084581&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720548084580.158013798889571128&ler=empty&cdl=API_unavailable&it=1720548084551&coo=false&rqm=GET

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1380, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jul 2024 18:01:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 453ms
136ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=315414685567261&ev=PageView&dl=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&rl=&if=false&ts=1720548084581&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720548084580.158013798889571128&ler=empty&cdl=API_unavailable&it=1720548084551&coo=false&rqm=FGET

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa13fdad107f8a9c9","source_keys":["1","2"]},{"key_piece":"0x26edb50145327966","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 09 Jul 2024 18:01:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389697753293418467", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1380, tbw=3099, tp=-1, tpl=-1, uplat=127, ullat=0
pragma: no-cache
x-fb-debug: GzvYMAabm5xXJgDURnz8OHvkifWR8x1bmv6fdaSObZFpKlRxmTbc9l/dFJ2It4iIwH68oAXNQ/+q+G0vavdF3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389697753293418467"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 44ms
43ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1691782023&t=pageview&_s=1&dl=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&ul=de-de&de=UTF-8&dt=Medical%20Device%20Coverage%20%26%20Reimbursement%20Professional%20Engagement%20Course%20-%20Q1%20Productions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1119026646&gjid=1771414687&cid=1677877539.1720548085&tid=UA-2252229-9&_gid=1126284945.1720548085&_r=1&_slc=1&gtm=45He4730n81W28346Nv840588778za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1167613940

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.q1productions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 359ms
20ms XHR
text/plain 74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2252229-9&cid=1677877539.1720548085&jid=1119026646&gjid=1771414687&_gid=1126284945.1720548085&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1860045963

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jul 2024 18:01:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.q1productions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 136ms
60ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2252229-9&cid=1677877539.1720548085&jid=1119026646&npa=1&_u=YEBAAEAAAAAAACAAI~&z=117768449

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:01:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 108ms
61ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2252229-9&cid=1677877539.1720548085&jid=1119026646&npa=1&_u=YEBAAEAAAAAAACAAI~&z=117768449

Requested by

Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 18:01:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 334ms
110ms Script
application/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 18:01:26 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Tue, 09 Jul 2024 15:54:53 GMT
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Thu, 09 Jul 2026 18:01:26 GMT

GET
H2 200 favicon.ico
q1productions.com/wp-content/uploads/2017/05/ 6 KB
6 KB 108ms
105ms Other
image/vnd.microsoft.icon 3.211.129.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q1productions.com/wp-content/uploads/2017/05/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.211.129.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-129-6.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: df999d283c1dc61606bae05af6cd608dd0a32bd17e8eac2a6953693f0866473c

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:26 GMT
last-modified: Tue, 24 Dec 2019 22:26:08 GMT
server: nginx
etag: "5e029080-1636"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 5686

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
27 KB 348ms
9ms Script
text/javascript 18.245.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.q1productions.com
URL: https://www.q1productions.com/medical-device-reimbursement/register-virtual/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 17:40:59 GMT
X-Amz-Version-Id: fsiDuzy5vys3wCM7hYlFnR.TBXHQSKgT
Content-Encoding: gzip
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Age: 1228
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 04 Jul 2024 15:21:58 GMT
Server: AmazonS3
Etag: W/"c3ca7e6129306d41ac549ab4c252c99b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3L83LQ7uRMlbJ62mRVqIYWj7zjMDrXUuV4EH9Dvsdds9Rf3HcetMEg==

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 4 KB
3 KB 496ms
495ms Script
text/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1817&account_id=131201&title=Medical%20Device%20Coverage%20%26%20Reimbursement%20Professional%20Engagement%20Course%20-%20Q1%20Productions&url=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-219-119.compute-1.amazonaws.com

Software

Resource Hash

6ad665ab691410e18bdc98bfa5a876594386c6f3829de2f7f1a4deb2343f5a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 09 Jul 2024 18:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1361
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/LFQHJHC3XRF4TPTQTPMSGQ/HJ6GFIZ2GVGDFMCOB37KG4/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
732 B

20ms
10ms

Script
application/javascript

18.245.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 17:00:44 GMT
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Age: 3642
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: lsSLilI5kA3m9xpbF2eTiQKL6wsgmLZEuevgSoK53WBx4xSAHU3Ivg==

Redirect headers

Date: Tue, 09 Jul 2024 17:51:43 GMT
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Age: 582
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: tRSLqevsIOCxPFQpAPV5GN2WhRq_dXpfACLT6cedEiWOxgPkRV-8cQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/LFQHJHC3XRF4TPTQTPMSGQ/HJ6GFIZ2GVGDFMCOB37KG4/ 9 KB
4 KB 19ms
9ms Script
text/javascript 18.245.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/LFQHJHC3XRF4TPTQTPMSGQ/HJ6GFIZ2GVGDFMCOB37KG4/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 18:01:09 GMT
X-Amz-Version-Id: _mjZHlaERnnwe9FswTvkaS0pSObovb1G
Content-Encoding: gzip
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Age: 18
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 09 Jul 2024 11:47:49 GMT
Server: AmazonS3
Etag: W/"706be4fd28aeb971d2ff83a528c2073a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8vgWjGiP4cSwPVa6pTPVI8LMAorXbAHxDU63g5Ifn8YjcI2zXKkAlQ==

GET
H2 200 LFQHJHC3XRF4TPTQTPMSGQ Show response
d.adroll.com/consent/check/ 494 B
587 B 405ms
31ms Script
application/javascript 34.251.55.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LFQHJHC3XRF4TPTQTPMSGQ?pv=84073594101.94191&arrfrr=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&_s=113215f6827386d314288b98e6bee933&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.55.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-55-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: b16db1918175ca31bac19ef0b38ad26def27ffc35b50e7e6747c16f5ff13803a

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 18:01:27 GMT
server: nginx/1.22.1
content-length: 494
content-type: application/javascript

GET
H/1.1 200
OK analytics Show response
www2.q1productions.com/ 50 B
1020 B 337ms
337ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.q1productions.com/analytics?conly=true&visitor_id=434391725&visitor_id_sign=c0aca6ee25a4d2275b6df29a03355e97aada059b57cc63420faf1813d023fd7a4cba17c3a9f633e20daf39adc6042bce33376ae3&pi_opt_in=&campaign_id=1817&account_id=131201&title=Medical%20Device%20Coverage%20%26%20Reimbursement%20Professional%20Engagement%20Course%20-%20Q1%20Productions&url=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1817&account_id=131201&title=Medical%20Device%20Coverage%20%26%20Reimbursement%20Professional%20Engagement%20Course%20-%20Q1%20Productions&url=https%3A%2F%2Fwww.q1productions.com%2Fmedical-device-reimbursement%2Fregister-virtual%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 09 Jul 2024 18:01:27 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET analytics
go.pardot.com/olark/ 0
0

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 413 KB
84 KB 11ms
10ms Script
text/javascript 18.245.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b8671f08b1e11ff97209c38ae055192065f256c7ce760c715fe05c5482d2e81

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: VrseeXkYhawqUTA9Fww4aopzp4PLNITS
Content-Encoding: gzip
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Date: Tue, 09 Jul 2024 17:58:35 GMT
Age: 171
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2024 18:52:35 GMT
Server: AmazonS3
Etag: W/"e5a8f1a23546815681b8bee9100b5eac"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: YRlBRskMajHGT4VwbOxCb4yCLoYGil84CY1ihw9I_4uaMW5_zHJ28g==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 11ms
10ms Image
image/png 18.245.86.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.q1productions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 17:25:45 GMT
X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
Age: 2143
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -V78FdX1hUwR7R0-QuLmulRN7CrPtM6wzWhtQsnTRjjd8N6dX938kA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go.pardot.com
URL: https://go.pardot.com/olark/analytics?account_id=131201&campaign_id=1817&visitor_id=434391725

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tfaforms.com/	1970-01-20 22:05:52	Name: AWSALBTGCORS Value: AjSWdJIFl17oe2/yivYog+5M9jBiinItK3spA1qN5v9AJG9dYStAQ36PW0KTiKbxtsOjLDxVNQc/rCrR/CraxT5PQEY/jLrR/PZtaJ6NxoshkyvcLeBKj4JrGb6V8xWgWoq/MFp6lOLmv3DgnJhDAS8LlNhR4gwYNZ1tBNaDLpzn
tfaforms.com/	1970-01-20 22:05:52	Name: AWSALBCORS Value: E7ggttVEAOTayMXP9t0YAZozzmdXFUAK8H+aXo9IDnOElRHaPJHIpHCaJ0okKZ/UQNLEQ8DrhcdY7mON4zMREkhuzCfNsW8BeSzEUEXIKiEwx2ikU8CQMkTn6vBr
.q1productions.com/	1970-01-21 00:05:24	Name: _fbp Value: fb.1.1720548084580.158013798889571128
.q1productions.com/	1970-01-21 07:31:48	Name: _ga Value: GA1.2.1677877539.1720548085
.q1productions.com/	1970-01-20 21:57:14	Name: _gid Value: GA1.2.1126284945.1720548085
.q1productions.com/	1970-01-20 21:55:48	Name: _gat_UA-2252229-9 Value: 1
www.tfaforms.com/	1969-12-31 23:59:59	Name: FORMASSEMBLY Value: c488e719ede7d2dd612bdc810c4570eb
www.tfaforms.com/	1970-01-20 22:05:52	Name: AWSALBTGCORS Value: i5RcpFsyfHI5LhQwkkearSTSs2TjhgE81vlWehQ6vghOqPRQcsLR/oF8JeJBPppkAeIuh+Orz0GqKGNjcRawkvMqcUQjZPKhc8pK92B+ppmG+AbM+gSZCA1VNCkv9w/fz6zh18sU88bfz+eJiuFSxDz/6xhwVTuDE9c8rVUWvTB0
www.tfaforms.com/	1970-01-20 22:05:52	Name: AWSALBCORS Value: W88kBQvjfLHuJLDc61oWFz7BfRhYEfjdiuQdqd5gZtGzgZFcp9hCGDpkL3jQ09Ksa3IjtI8Il+5eQDk3KyzCTvjl5oni+kTcmeCsidO17KWa07Khkqnp5rTnWnm/
.pardot.com/	1970-01-21 07:31:48	Name: visitor_id130201 Value: 434391725
.pardot.com/	1970-01-21 07:31:48	Name: visitor_id130201-hash Value: c0aca6ee25a4d2275b6df29a03355e97aada059b57cc63420faf1813d023fd7a4cba17c3a9f633e20daf39adc6042bce33376ae3
pi.pardot.com/	1970-01-20 21:55:49	Name: lpv130201 Value: aHR0cHM6Ly93d3cucTFwcm9kdWN0aW9ucy5jb20vbWVkaWNhbC1kZXZpY2UtcmVpbWJ1cnNlbWVudC9yZWdpc3Rlci12aXJ0dWFsLw%3D%3D
www.q1productions.com/	1970-01-21 07:31:48	Name: visitor_id130201 Value: 434391725
www.q1productions.com/	1970-01-21 07:31:48	Name: visitor_id130201-hash Value: c0aca6ee25a4d2275b6df29a03355e97aada059b57cc63420faf1813d023fd7a4cba17c3a9f633e20daf39adc6042bce33376ae3
www2.q1productions.com/	1970-01-21 07:31:48	Name: visitor_id130201 Value: 434391725
www2.q1productions.com/	1970-01-21 07:31:48	Name: visitor_id130201-hash Value: c0aca6ee25a4d2275b6df29a03355e97aada059b57cc63420faf1813d023fd7a4cba17c3a9f633e20daf39adc6042bce33376ae3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
go.pardot.com
pi.pardot.com
q1productions.com
s.adroll.com
static.olark.com
stats.g.doubleclick.net
tfaforms.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.q1productions.com
www.tfaforms.com
www2.q1productions.com
go.pardot.com

104.17.24.14
142.250.184.195
142.250.186.74
157.240.0.35
157.240.0.6
172.217.16.196
172.217.18.14
172.217.18.8
172.217.18.99
18.245.86.97
192.229.233.34
3.211.129.6
3.92.120.28
34.197.26.140
34.237.219.119
34.251.55.181
54.243.104.204
74.125.206.156
02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458
13161620ac821e80048f8b8c4ebb6aeffdf87950d1b93317998ecf1a77bef0d9
147ad3fd7669117cbdab423fefb0c972f8cfc6c2ad68aead70da48be029cffdb
1a8dcf628fcb9d508c45b3cb0e6ac724f61a381528c5da142f686739a52622df
21dd23628f6b803e209adfab7c42cc771038ab9a3e99c53d123e7ecf0bd8a8ab
390422ea8e8e2ff3129d5c21d0c7b36dedf09a048ab26d08f4b671f3bd80363f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
436409258f97fa68f126b4ff1dcab5bb6a23b7f2818410ece5133a3ea32eebd4
4b8671f08b1e11ff97209c38ae055192065f256c7ce760c715fe05c5482d2e81
4bfafb9fe4685b78773ef0b8bda7ca4803469df5b4f6c866a8fa627d18566612
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6ad665ab691410e18bdc98bfa5a876594386c6f3829de2f7f1a4deb2343f5a33
71004b9d67b100b1f7b656ed255edaa190100d71ce4938395fd67921985daf85
747c2c0262f6de7f5cccf5fe2c6f6332a80db1c3df0626ff8ba91b9a6ce39d7b
74b77920d03fc16a7cccf28e4ee37e848f22052aaa1ad642f45efdb59f50770c
7ea71e177123dc9c622299d4fdf1e7a3b04409efedd56cd3d44035ba982706f6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cfb60542d3869bba8f95f6b1d6eb469f7f29b36c063b1c19dc992d89ac25fb8
9572421943565d17b7dc41e50a41e0ef4f26a5e21011b8c9b30b3746c46d83b6
976c80e46a6f74317977c8addfacdccdc38f64b8b2014cb96bc7d6cb6f292133
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
a401f117b1f57a3fcbf532459aff51ba2a984c7eefea8e29ab1b1765855a039e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b04094700186a5712387524c6bd3812a8d749863eb325a79fe4b3314b56b6151
b16db1918175ca31bac19ef0b38ad26def27ffc35b50e7e6747c16f5ff13803a
b1c5f1ca88792fb4b34d8e95f292c03cbdc1ec19033e69540f0506793d92efe7
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d229d023bfd27750fd628377b717e4c2448c6772ba46ce6b37a627023a5ff614
d4ba972b447cd530a3a8cbe7b404f6fd374f7fb64bcf9073731f87553ec2a88a
d65c78bb59458af6200d05e0bcb1d2dbb87316a47bec472860624a8ae0c1f7fa
dac43ee603984a0cc147709cfa5c93cd3d42ea34dd2af211469fabfeacaf230c
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd72f43aab32aa0285ed808688b3d6169343abf4bcc80d15652b63dd8ce2082a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df999d283c1dc61606bae05af6cd608dd0a32bd17e8eac2a6953693f0866473c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f

www.q1productions.com Open in urlscan Pro 3.211.129.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

0 %IPv6

15 Domains

20 Subdomains

20 IPs

4 Countries

839 kBTransfer

3080 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.q1productions.com Open in urlscan Pro
3.211.129.6 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

20
IPs

4
Countries

839 kB
Transfer

3080 kB
Size

16
Cookies

49 HTTP transactions
0 data transactions